brsantos95

Google Chrome opens tabs by itself


Good afternoon,

Chrome keeps opening pages by itself at short intervals. I have already looked at the extensions, and there is none there that was not already installed before this started happening; I also checked whether any unknown program had been installed, and they are the same ones as always. This happened after I installed a program.

Here are the Junkware, Adware and Zoek logs.

Could you help me, please?

AdwCleaner[S1].txt

JRT.txt

zoek-results.txt


Dear @brsantos95

I recommend saving this topic to your Favorites to make it easier to find.

Please note the following:

  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is provided here relates only to the problem on your computer, so do not apply it on any other;
  • Please follow the instructions given carefully, and if you have any questions do not hesitate to ask;
  • Always post your replies in this topic... Do not open another one!
  • Always keep me informed, during the removal, about what is happening with your computer.
  • Follow the instructions in the order given.

Note: Do not take any action other than those given here; if you ask for help on another forum, be sure to let us know, or you risk misconfiguring your computer!

 

# Step 1 #

Download AdwCleaner and save it to your Desktop.

Run the file adwcleaner.exe

Attention: Windows Vista, 7 and 8 users, right-click the file and choose "Run as administrator".

  • Click the Options tab and leave only "Reset IE Policies" and "Reset Chrome Policies" checked.
  • Click the Scan button and wait for the scan to finish.
  • Click the Clean button.
  • A Notepad window will open with the result.
  • Select, copy and paste the contents of this log into your next reply.
  • The log will also be saved in C:\AdwCleaner


NOTE: If AdwCleaner finds files that it cannot remove, you may have to restart the PC. Do so immediately when asked whether you want to restart.

# Step 2 #

Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download the Junkware Removal Tool (JRT) and save it to your Desktop.

Double-click to run jrt.exe.

Attention: Windows Vista, 7 and 8 users, right-click the file and choose "Run as administrator".

  • The tool will start scanning your system.
  • Be patient, as it may take a while depending on the number of items to scan.
  • At the end a log will open. It will be saved on the desktop with the name JRT.txt.
  • Select, copy and paste the contents of this log into your next reply.

# Step 3 #

Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download ZHPCleaner and save it to your Desktop.

Attention: Windows Vista, 7 and 8 users, right-click the file and choose "Run as administrator".

  • Click the Scanner button.
  • The tool will start scanning your system.
  • Be patient, as it may take a while depending on the number of items to scan.
  • Then click the Repair button.
  • A log named ZHPCleaner.txt will be generated.
  • Select, copy and paste the contents of this log into your next reply.

Regards :D


Dear @brsantos95

Temporarily disable your antivirus, antispyware and firewall, to avoid conflicts.

Download the Farbar Recovery Scan Tool and save it to your Desktop.


32-bit (x86) or 64-bit (x64)

  • Double-click to run the tool.
    • Attention: Windows Vista, 7 and 8 users, right-click the file and choose "Run as administrator".
  • Check the 90 Days Files box and click the Scan button.
  • Wait, and at the end the logs FRST.txt and Addition.txt will be saved to your Desktop.
  • Select, copy and paste the contents of the FRST.txt log into your next reply.
  • Attach the Addition.txt log.

Regards :D


Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 18-07-2016
Executado por bruno.tavares (administrador) em TEN-EALMOX-04 (20-07-2016 07:51:34)
Executando a partir de C:\Users\bruno.tavares\Downloads\Programs
Perfis Carregados: bruno.tavares (Perfis Disponíveis: bruno.tavares & TEN-admin)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\Ntrtscan.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RalinkRegistryWriter.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RalinkRegistryWriter64.exe
(CYPE Ingenieros S.A.) C:\CYPE Ingenieros\Versão 2015\servipas\servcpas.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
() C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmListen.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\msoia.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\TmCCSF.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(BitTorrent Inc.) C:\Users\bruno.tavares\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
(Microsoft Corporation) C:\Windows\CCM\CcmExec.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
() C:\Users\bruno.tavares\AppData\Roaming\uTorrent\VirusGuard\BitTorrentAntivirus.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Microsoft Corporation) C:\Windows\CCM\RemCtrl\CmRcService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Microsoft Corporation) C:\Windows\CCM\CcmEval.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\msoia.exe
(Microsoft Corporation) C:\Windows\ccmsetup\cache\ccmsetup.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIC.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe [2908888 2013-08-15] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [290688 2012-10-25] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-12] (Intel Corporation)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [380088 2012-07-27] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-06-07] (Power Software Ltd)
HKLM-x32\...\Run: [OfficeScanNT Monitor] => C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe [2462336 2015-07-24] (Trend Micro Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-03-10] (Banco do Brasil)
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3903056 2015-05-20] (Tonec Inc.)
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Run: [uTorrent] => C:\Users\bruno.tavares\AppData\Roaming\uTorrent\uTorrent.exe [4951040 2016-05-06] (BitTorrent Inc.)
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Run: [Lync] => "C:\Program Files\Microsoft Office 15\root\office15\lync.exe" /fromrunkey
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Run: [Akamai NetSession Interface] => "C:\Users\bruno.tavares\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\RunOnce: [Uninstall C:\Users\bruno.tavares\AppData\Local\Microsoft\OneDrive\17.3.4604.0120_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\bruno.tavares\AppData\Local\Microsoft\OneDrive\17.3.4604.0120_1\amd64"
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\RunOnce: [Uninstall C:\Users\bruno.tavares\AppData\Local\Microsoft\OneDrive\17.3.4604.0120_1] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\bruno.tavares\AppData\Local\Microsoft\OneDrive\17.3.4604.0120_1"
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Policies\system: [Wallpaper] %logonserver%\netlogon\QG-desktop-Compliance-1024x768.JPG
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Policies\system: [WallpaperStyle] 3
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Policies\Explorer: []
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\MountPoints2: H - H:\RunGame.exe
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\MountPoints2: {13863323-91c9-11e5-a71f-74867afcac0a} - H:\SISetup.exe
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\MountPoints2: {d843f2bb-0eb1-11e5-85d4-74867afcac0a} - F:\Setup.exe
AppInit_DLLs-x32: C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll => C:\Program Files (x86)\Citrix\ICA Client\RSHook.dll [257208 2012-07-27] (Citrix Systems, Inc.)
IFEO\OSppSvc.exe: [Debugger]
IFEO\SppSvc.exe: [Debugger]
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1864576 2015-03-10] (Banco do Brasil)
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Servidor de hardlocks de rede.lnk [2016-07-18]
ShortcutTarget: Servidor de hardlocks de rede.lnk -> C:\CYPE Ingenieros\Versão 2015\servipas\Servidor de hardlocks de rede.exe (Nenhum Arquivo)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\wampmanager.lnk [2016-01-14]
ShortcutTarget: wampmanager.lnk -> C:\wamp\wampmanager.exe (Aestan Software)
Startup: C:\Users\bruno.tavares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk [2016-03-19]
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyServer: [S-1-5-21-1833769877-242398472-790376807-38818] => webproxy.queirozgalvao.com:8080
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\..\Interfaces\{5B2CD355-71C4-4788-AD69-5458A1902623}: [DhcpNameServer] 10.211.0.4 10.10.19.3
Tcpip\..\Interfaces\{BFE83BFA-7922-4406-B0E7-BE4729564CE1}: [NameServer] 10.0.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1833769877-242398472-790376807-38818\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-06-05] (Microsoft Corporation)
BHO: Trend Micro Osprey Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg.dll [2015-06-17] (Trend Micro Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-06-05] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-06-05] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-06-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-17] (Oracle Corporation)
BHO-x32: Trend Micro Osprey Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll [2015-06-17] (Trend Micro Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-06-05] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-03-10] (Banco do Brasil)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-17] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg.dll [2015-06-17] (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll [2015-06-17] (Trend Micro Inc.)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\bruno.tavares\AppData\Roaming\Mozilla\Firefox\Profiles\y9gm6ird.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-18] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-05] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/AuthorwarePlayer -> C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll [Nenhum Arquivo]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-18] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1222172.dll [Nenhum Arquivo]
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2012-07-27] (Citrix Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-06-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-06-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1833769877-242398472-790376807-38818: gastecnologia.com.br/sf/bb64 -> C:\Users\bruno.tavares\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll [Nenhum Arquivo]
FF Plugin HKU\S-1-5-21-1833769877-242398472-790376807-38818: SkypePlugin -> C:\Users\bruno.tavares\AppData\Local\SkypePlugin\7.12.0.55\npGatewayNpapi.dll [2015-12-08] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-1833769877-242398472-790376807-38818: SkypePlugin64 -> C:\Users\bruno.tavares\AppData\Local\SkypePlugin\7.12.0.55\npGatewayNpapi-x64.dll [2015-12-08] (Skype Technologies S.A.)
FF Extension: IDM integration - C:\Users\bruno.tavares\AppData\Roaming\Mozilla\Firefox\Profiles\y9gm6ird.default\extensions\mozilla_cc2@internetdownloadmanager.com [2016-07-18]
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files (x86)\Trend Micro\OfficeScan Client\FirefoxExtensionOsprey
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files (x86)\Trend Micro\OfficeScan Client\FirefoxExtensionOsprey [2015-09-16] [não assinado]
FF HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\bruno.tavares\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\bruno.tavares\AppData\Roaming\IDM\idmmzcc5 [2016-07-20] [não assinado]
FF HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\bruno.tavares\AppData\Roaming\IDM\idmmzcc5
FF HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-06-08]

Chrome:
=======
CHR Profile: C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-08]
CHR Extension: (Docs) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-08]
CHR Extension: (Google Drive) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-08]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcipapbfhdnmgihoimbjiadmhpcgcnil [2015-04-09]
CHR Extension: (YouTube) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-08]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd [2015-04-08]
CHR Extension: (Pesquisa do Google) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-08]
CHR Extension: (Planilhas do Google) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-08]
CHR Extension: (Google Wallet) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-08]
CHR Extension: (Gmail) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-08]
CHR Profile: C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-10]
CHR Extension: (Docs) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-10]
CHR Extension: (Google Drive) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-18]
CHR Extension: (Audiotool) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk [2015-08-06]
CHR Extension: (YouTube) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd [2015-09-25]
CHR Extension: (Pesquisa do Google) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-10]
CHR Extension: (Planilhas do Google) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-10]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-07]
CHR Extension: (CircuitLab) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\haghanbgfkfpmepoohpigmglbfejljoj [2015-04-10]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\imcbnnnoghiihopefblgehihofbfbmei [2015-05-29]
CHR Extension: (AudioSauna) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae [2015-04-10]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\naeeohopejehgjckpkmbdojogdipklbj [2015-06-05]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-08]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\oecmlnmneeeeiccpcohlffnipjhngmdk [2015-10-02]
CHR Extension: (Gmail) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-10]
CHR Profile: C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-19]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-19]
CHR Extension: (Google Drive) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Audiotool) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk [2015-10-19]
CHR Extension: (YouTube) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-19]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd [2015-10-19]
CHR Extension: (Google Search) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\dpkpacmindnbflfmbigkenceicnpjmhh [2016-04-27]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-19]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-07-12]
CHR Extension: (CircuitLab) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\haghanbgfkfpmepoohpigmglbfejljoj [2015-10-19]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\imcbnnnoghiihopefblgehihofbfbmei [2016-06-10]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jdcfmebflppkljibgpdlboifpcaalolg [2016-05-03]
CHR Extension: (AudioSauna) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae [2015-10-19]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-06-20]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-31]
CHR Extension: (Gmail) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-19]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-06-09]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-06-09]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 CcmExec; C:\Windows\CCM\CcmExec.exe [1773744 2016-01-13] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2855152 2016-06-05] (Microsoft Corporation)
R2 CmRcService; C:\Windows\CCM\RemCtrl\CmRcService.exe [671928 2015-04-14] (Microsoft Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [565560 2015-01-20] (GAS Tecnologia)
R2 hasplms; C:\Windows\system32\hasplms.exe [4608320 2014-11-26] (SafeNet Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Arquivo não assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-12] (Intel Corporation)
S3 lpasvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50280 2012-08-02] (Microsoft Corporation)
S3 lppsvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50280 2012-08-02] (Microsoft Corporation)
R2 ntrtscan; C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe [5202160 2015-07-30] (Trend Micro Inc.)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RalinkRegistryWriter.exe [75040 2008-09-05] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RalinkRegistryWriter64.exe [210720 2008-09-05] (Ralink Technology, Corp.)
R2 Servidor de hardlocks de rede; C:\CYPE Ingenieros\Versão 2015\servipas\servcpas.exe [102400 2015-11-30] (CYPE Ingenieros S.A.) [Arquivo não assinado]
S3 smstsmgr; C:\Windows\CCM\TSManager.exe [316600 2015-04-14] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-02] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6341904 2015-09-28] (TeamViewer GmbH)
R3 TMBMServer; C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe [584704 2015-07-23] (Trend Micro Inc.)
R3 tmccsf; C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe [713384 2015-07-24] (Trend Micro Inc.)
R2 tmlisten; C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe [5155520 2015-07-24] (Trend Micro Inc.)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
R2 VRLService; C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe [209408 2014-09-05] () [Arquivo não assinado]
S3 wampapache; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [22016 2014-05-01] (Apache Software Foundation) [Arquivo não assinado]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [10959360 2014-05-01] () [Arquivo não assinado]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [X]
S4 LjladpMeselygidusp.exe;  [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [63944 2013-08-01] (SafeNet Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [94208 2015-05-12] (LG Electronics Inc.)
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [130944 2014-11-10] (Gemalto)
S2 Hardlock; C:\Windows\SysWOW64\drivers\hardlock.sys [676864 2004-07-14] (Aladdin Knowledge Systems) [Arquivo não assinado]
S3 HPx9G+; C:\Windows\System32\DRIVERS\HPx9G2k.sys [32056 2009-11-12] (Hewlett Packard Development LLC)
S3 HPx9G+; C:\Windows\SysWOW64\DRIVERS\HPx9G2k.sys [12658 2005-02-17] (KINPOSH) [Arquivo não assinado]
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-05-29] (Intel Corporation)
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [51712 2009-09-09] (Intel Corporation)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [2191832 2013-08-15] (Realtek Semiconductor Corp.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180480 2015-10-08] (Intel Corporation)
R2 multikey; C:\Windows\System32\DRIVERS\multikey.sys [76040 2013-05-12] (Chingachguk & Denger2k (Elite & SP edition))
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Marvell Semiconductor, Inc.)
R3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [1061888 2009-09-15] (Ralink Technology Corp.)
S3 prepdrvr; C:\Windows\System32\DRIVERS\prepdrv.sys [26984 2012-11-21] (Microsoft Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-13] (Synaptics Incorporated)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206104 2014-12-02] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [119336 2015-07-28] (Trend Micro Inc.)
R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [324824 2015-07-28] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [61232 2015-06-19] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [116576 2015-06-08] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [79720 2015-07-28] (Trend Micro Inc.)
R2 TmFilter; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys [368392 2015-07-02] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [416608 2015-05-28] (Trend Micro Inc.)
R2 TmPreFilter; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPreFlt.sys [44808 2015-07-02] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [109080 2013-06-18] (Trend Micro Inc.)
R3 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [116536 2015-06-22] (Trend Micro Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [Arquivo não assinado]
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-08-13] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [146072 2015-08-13] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [125008 2015-08-13] (Oracle Corporation)
R2 VSApiNt; C:\Program Files (x86)\Trend Micro\OfficeScan Client\VSApiNt.sys [2384136 2015-07-02] (Trend Micro Inc.)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-01-20] (GAS Tecnologia LTDA)
S2 aksdf; system32\DRIVERS\aksdf.sys [X]
S3 akshasp; system32\DRIVERS\akshasp.sys [X]
S3 aksusb; system32\DRIVERS\aksusb.sys [X]
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-20 07:47 - 2016-07-20 07:51 - 00000000 ____D C:\FRST
2016-07-19 14:38 - 2016-07-19 14:39 - 00005156 _____ C:\Users\bruno.tavares\Downloads\23160735123447001619550010000486301199963730.xml
2016-07-19 11:27 - 2016-07-19 11:27 - 00010307 _____ C:\Users\bruno.tavares\Desktop\Relação de Notas.xlsx
2016-07-18 14:08 - 2016-07-18 14:08 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\CYPE Ingenieros
2016-07-18 14:02 - 2016-07-18 14:02 - 00000000 ____D C:\usr
2016-07-18 13:58 - 2016-07-18 13:58 - 00000000 ____D C:\Users\bruno.tavares\Documents\Downloaded Installations
2016-07-18 13:58 - 2004-07-14 12:54 - 00676864 _____ (Aladdin Knowledge Systems) C:\Windows\SysWOW64\Drivers\hardlock.sys
2016-07-18 13:57 - 2016-07-18 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CYPE Ingenieros Versão 2015
2016-07-18 13:57 - 2016-07-18 13:57 - 00001073 _____ C:\Users\Public\Desktop\CYPE 2015 (Brasil).lnk
2016-07-18 13:51 - 2016-07-18 14:08 - 00000000 ____D C:\CYPE Ingenieros
2016-07-18 13:12 - 2016-07-20 07:05 - 00000964 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-07-18 13:12 - 2016-07-18 13:12 - 00003984 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-07-18 13:11 - 2016-07-18 13:11 - 20466368 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-07-18 11:35 - 2016-07-20 07:09 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-18 11:35 - 2016-07-18 13:12 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-18 11:05 - 2016-07-18 11:05 - 00003718 _____ C:\Users\bruno.tavares\Desktop\ZHPCleaner.txt
2016-07-18 10:45 - 2016-07-18 10:59 - 00000843 _____ C:\Users\bruno.tavares\Desktop\ZHPCleaner.lnk
2016-07-18 10:43 - 2016-07-18 11:56 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\ZHP
2016-07-18 10:17 - 2016-07-18 10:17 - 00001904 _____ C:\Users\bruno.tavares\Desktop\JRT.txt
2016-07-18 10:02 - 2016-07-18 10:02 - 00003660 _____ C:\Users\bruno.tavares\Desktop\AdwCleaner[C1].txt
2016-07-18 09:54 - 2016-07-18 09:57 - 00000000 ____D C:\AdwCleaner
2016-07-18 09:52 - 2016-07-18 09:52 - 02283008 _____ C:\Users\bruno.tavares\Desktop\ZHPCleaner.exe
2016-07-18 09:51 - 2016-07-18 09:52 - 01610560 _____ (Malwarebytes) C:\Users\bruno.tavares\Desktop\JRT.exe
2016-07-18 09:50 - 2016-07-18 09:53 - 03712064 _____ C:\Users\bruno.tavares\Desktop\adwcleaner_5.201.exe
2016-07-15 08:59 - 2016-07-15 09:09 - 00000000 ____D C:\Users\bruno.tavares\AppData\Local\Mozilla
2016-07-15 08:59 - 2016-07-15 09:03 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Mozilla
2016-07-15 08:49 - 2016-07-15 08:49 - 00000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-07-15 08:49 - 2016-07-15 08:49 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-07-15 08:49 - 2016-07-15 08:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-15 08:34 - 2016-07-15 08:47 - 47206880 _____ C:\Users\bruno.tavares\Downloads\Firefox Setup 47.0.1.exe
2016-07-15 07:47 - 2016-07-15 07:47 - 00018819 _____ C:\Users\bruno.tavares\Desktop\browse.xlsx
2016-07-15 03:14 - 2016-07-18 07:06 - 00000001 _____ C:\Windows\SysWOW64\br.html
2016-07-14 08:02 - 2016-07-14 08:02 - 00027938 _____ C:\Users\bruno.tavares\Downloads\3BA9.tmp
2016-07-13 15:43 - 2016-07-13 15:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft System Center 2012
2016-07-13 15:41 - 2016-07-13 15:41 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\UltraVNC
2016-07-13 13:46 - 2016-07-13 13:46 - 00001669 _____ C:\Users\bruno.tavares\Downloads\launch (3).ica
2016-07-13 10:32 - 2016-07-13 10:33 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-07-12 13:54 - 2016-07-12 16:54 - 00001670 _____ C:\Users\bruno.tavares\Downloads\launch (2).ica
2016-07-12 13:42 - 2016-07-12 13:42 - 00000000 ____D C:\Users\Todos os Usuários\IDM
2016-07-12 13:42 - 2016-07-12 13:42 - 00000000 ____D C:\ProgramData\IDM
2016-07-12 13:30 - 2016-07-12 12:38 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-07-12 11:29 - 2016-07-12 11:29 - 00001669 _____ C:\Users\bruno.tavares\Downloads\launch (1).ica
2016-07-12 09:51 - 2016-07-12 09:51 - 00000000 ____D C:\Users\bruno.tavares\Documents\InvSvr_x64_NAVMAN_13
2016-07-12 09:43 - 2016-07-12 09:43 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2016-07-12 09:00 - 2016-07-12 09:00 - 00000269 _____ C:\Users\bruno.tavares\Documents\licença Robot Structural Analysis Professional 2017.txt
2016-07-11 16:46 - 2016-07-11 16:46 - 00000000 ____D C:\Users\bruno.tavares\AppData\Local\DigiPara
2016-07-11 16:21 - 2016-07-11 16:21 - 00002358 _____ C:\Users\Public\Desktop\Autodesk Robot Structural Analysis Professional 2016.lnk
2016-07-11 15:18 - 2016-07-16 15:31 - 00000000 ____D C:\Users\bruno.tavares\AppData\Local\Autodesk
2016-07-11 15:09 - 2016-07-11 15:09 - 00001975 _____ C:\Users\Public\Desktop\Revit 2016.lnk
2016-07-11 14:59 - 2016-07-12 10:03 - 00000000 ____D C:\Program Files\Autodesk
2016-07-11 14:45 - 2016-07-12 10:04 - 00000000 ____D C:\Users\Todos os Usuários\Autodesk
2016-07-11 14:45 - 2016-07-12 10:04 - 00000000 ____D C:\ProgramData\Autodesk
2016-07-11 14:45 - 2016-07-12 09:38 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Autodesk
2016-07-11 13:28 - 2016-07-11 13:28 - 00000000 ____D C:\Users\Todos os Usuários\IsolatedStorage
2016-07-11 13:28 - 2016-07-11 13:28 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\IsolatedStorage
2016-07-11 13:28 - 2016-07-11 13:28 - 00000000 ____D C:\ProgramData\IsolatedStorage
2016-07-11 13:22 - 2016-07-11 13:22 - 00000000 ____D C:\Users\Todos os Usuários\Applications
2016-07-11 13:22 - 2016-07-11 13:22 - 00000000 ____D C:\ProgramData\Applications
2016-07-11 07:35 - 2016-07-19 14:26 - 00000000 ____D C:\Program Files (x86)\Lezase
2016-07-11 07:35 - 2016-07-11 07:35 - 00001521 _____ C:\Users\bruno.tavares\Downloads\launch (2).ica.crdownload
2016-07-08 15:57 - 2016-07-08 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TigreCAD-2010
2016-07-08 15:57 - 2016-07-08 15:57 - 00000000 ____D C:\Program Files (x86)\TigreCAD-2010
2016-07-07 15:56 - 2016-07-07 15:56 - 00000000 ____D C:\Users\Public\Autodesk
2016-07-07 13:18 - 2016-07-14 13:40 - 07176192 _____ C:\Users\bruno.tavares\Desktop\Projeto Estrutural 2.rvt
2016-07-07 13:18 - 2016-07-06 14:10 - 17661952 _____ C:\Users\bruno.tavares\Desktop\Projeto2.rvt
2016-07-07 13:05 - 2016-07-07 13:14 - 58875904 _____ C:\Users\bruno.tavares\Downloads\Arctipo_2015.rte
2016-07-07 09:13 - 2016-07-07 09:13 - 00001668 _____ C:\Users\bruno.tavares\Downloads\launch.ica
2016-07-05 09:53 - 2016-07-05 09:53 - 00000000 ____D C:\Users\Todos os Usuários\Inreal Technologies
2016-07-05 09:53 - 2016-07-05 09:53 - 00000000 ____D C:\Users\bruno.tavares\Documents\Inreal Technologies
2016-07-05 09:53 - 2016-07-05 09:53 - 00000000 ____D C:\ProgramData\Inreal Technologies
2016-07-05 09:50 - 2016-07-05 09:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enscape
2016-07-04 17:09 - 2016-07-04 17:09 - 748582619 _____ C:\Windows\MEMORY.DMP
2016-07-04 17:09 - 2016-07-04 17:09 - 00720312 _____ C:\Windows\Minidump\070416-43649-01.dmp
2016-07-04 17:09 - 2016-07-04 17:09 - 00000000 ____D C:\Windows\Minidump
2016-07-04 15:13 - 2013-05-12 16:08 - 00076040 _____ (Chingachguk & Denger2k (Elite & SP edition)) C:\Windows\system32\Drivers\multikey.sys
2016-07-04 15:11 - 2002-07-26 17:02 - 00153088 _____ C:\Windows\SysWOW64\UNWISE.EXE
2016-06-28 11:33 - 2016-06-28 11:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chaos Group
2016-06-28 11:32 - 2016-06-28 11:32 - 00000000 ____D C:\Program Files\WIBU-SYSTEMS
2016-06-28 11:32 - 2016-06-28 11:32 - 00000000 ____D C:\Program Files (x86)\WIBU-SYSTEMS
2016-06-28 11:24 - 2016-06-28 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015
2016-06-28 11:24 - 2016-06-28 11:24 - 00000000 ____D C:\Program Files\SketchUp
2016-06-27 14:12 - 2016-06-27 14:12 - 00000000 ____D C:\Users\bruno.tavares\AppData\Local\4kdownload.com
2016-06-27 14:11 - 2016-06-27 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2016-06-27 14:11 - 2016-06-27 14:11 - 00000000 ____D C:\Program Files (x86)\4KDownload
2016-06-23 13:45 - 2016-06-23 13:45 - 00001872 _____ C:\Users\bruno.tavares\Desktop\uTorrent.lnk
2016-06-23 13:45 - 2016-06-23 13:45 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Pro 3.4.7 Build 42330 by Seven7i
2016-06-23 13:44 - 2016-07-20 07:53 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\uTorrent
2016-06-22 09:47 - 2016-06-22 09:47 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-06-21 15:54 - 2016-06-21 15:54 - 00003528 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-QUEIROZGALVAO-bruno.tavares
2016-06-21 15:48 - 2016-06-21 15:48 - 00000000 ____D C:\Users\Todos os Usuários\regid.1986-12.com.adobe
2016-06-21 15:48 - 2016-06-21 15:48 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-06-21 15:47 - 2016-06-21 15:47 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2016-06-21 15:47 - 2016-06-21 15:47 - 00000000 ____D C:\Users\bruno.tavares\Documents\Adobe
2016-06-21 15:19 - 2016-06-21 15:47 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-06-21 15:19 - 2016-06-21 15:19 - 00000000 ____D C:\Program Files\Adobe
2016-06-21 15:14 - 2016-06-21 15:14 - 00001530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-06-21 10:30 - 2016-06-21 10:30 - 00000884 _____ C:\Users\Public\Desktop\MegaDownloader.lnk
2016-06-21 10:30 - 2016-06-21 10:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaDownloader
2016-06-21 10:30 - 2016-06-21 10:30 - 00000000 ____D C:\Program Files\MegaDownloader
2016-06-21 10:29 - 2016-06-21 10:29 - 02097696 _____ (AppsForMega.info ) C:\Users\bruno.tavares\Downloads\MegaDownloader_v1.7.exe
2016-06-20 07:41 - 2016-07-20 07:50 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\DMCache
2016-06-20 07:41 - 2016-07-19 16:44 - 00000000 ____D C:\Users\bruno.tavares\Downloads\Compressed
2016-06-20 07:41 - 2016-07-19 16:34 - 00000000 ____D C:\Users\bruno.tavares\Downloads\Video
2016-06-20 07:41 - 2016-07-12 16:12 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-06-20 07:41 - 2016-07-07 10:52 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\IDM
2016-06-20 07:41 - 2016-06-20 07:41 - 00001009 _____ C:\Users\bruno.tavares\Desktop\Internet Download Manager.lnk
2016-06-20 07:41 - 2016-06-20 07:41 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-06-20 07:41 - 2016-06-20 07:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-06-20 07:39 - 2016-06-20 07:40 - 06851184 _____ (Tonec Inc.) C:\Users\bruno.tavares\Downloads\idman625build21.exe
2016-06-17 13:22 - 2016-06-17 13:26 - 00000000 ____D C:\Users\bruno.tavares\AppData\Local\NFS Underground 2
2016-06-17 13:20 - 2016-06-17 13:20 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-06-16 07:39 - 2016-06-16 07:39 - 00001801 _____ C:\Windows\SMSAdvancedClient.configmgr2012ac-sp2r2sp1-kb3135680-x64.mif
2016-06-16 07:36 - 2016-06-16 07:36 - 00014348 _____ C:\Windows\system32\CcmFramework.ini
2016-06-16 07:36 - 2016-06-16 07:36 - 00000621 _____ C:\Windows\system32\CcmFramework.h
2016-06-16 07:28 - 2016-06-16 07:35 - 00000000 ____D C:\Windows\system32\{3DA228BE-34DA-49f4-A081-66465B077429}
2016-06-15 14:18 - 2016-06-15 14:30 - 08025608 _____ C:\Users\bruno.tavares\Downloads\Não confirmado 772552.crdownload
2016-06-15 08:02 - 2016-06-15 08:02 - 00153818 _____ C:\Users\bruno.tavares\Downloads\Notas.zip
2016-06-10 10:39 - 2016-06-10 10:39 - 00033424 _____ C:\Users\bruno.tavares\Desktop\Habilitação Cidada.pdf
2016-06-09 13:49 - 2016-05-24 11:29 - 00207928 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2016-06-01 11:12 - 2016-06-01 11:37 - 00003390 _____ C:\Users\bruno.tavares\AppData\Local\icsys.icn
2016-06-01 10:54 - 2009-09-17 07:05 - 00145448 _____ (SafeNet, Inc.) C:\Windows\system32\Drivers\sentinel64.sys
2016-06-01 10:53 - 2016-06-01 10:53 - 00000000 ____D C:\Windows\Downloaded Installations
2016-06-01 10:49 - 2006-12-20 10:00 - 02511360 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\haspds_windows.dll
2016-06-01 10:49 - 2002-01-05 13:37 - 00344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2016-05-31 08:52 - 2016-05-31 08:52 - 00002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-05-31 08:52 - 2016-05-31 08:52 - 00002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-05-31 08:52 - 2016-05-31 08:52 - 00002406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-05-31 08:52 - 2016-05-31 08:52 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-05-31 08:52 - 2016-05-31 08:52 - 00002352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-05-31 08:52 - 2016-05-31 08:52 - 00002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-05-31 08:52 - 2016-05-31 08:52 - 00002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-05-31 08:52 - 2016-05-31 08:52 - 00002322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-05-31 08:52 - 2016-05-31 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2016-05-31 08:51 - 2016-06-22 09:53 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-05-31 08:51 - 2016-06-22 09:53 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-31 08:50 - 2016-05-31 08:50 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-05-30 13:36 - 2016-05-30 13:37 - 02530304 _____ (BitTorrent Inc.) C:\Users\bruno.tavares\Downloads\uTorrent.exe
2016-05-25 14:43 - 2016-05-25 14:51 - 00299323 _____ C:\Users\bruno.tavares\Downloads\bhc1M40aUSJ.zip
2016-05-25 12:25 - 2016-05-25 12:25 - 00000165 ____H C:\Users\bruno.tavares\~$Passivo 2.xlsx
2016-05-25 08:13 - 2016-05-25 08:14 - 04187331 _____ C:\Users\bruno.tavares\Downloads\Dialnet-UmEquipamentoDemonstrativoDeLevitacaoMagneticaDeUm-5165595.pdf
2016-05-04 17:05 - 2016-05-04 17:05 - 00001173 _____ C:\Users\bruno.tavares\Downloads\circuit-construction-kit-ac-virtual-lab_pt_BR.jnlp
2016-05-03 12:22 - 2016-05-03 12:22 - 00179257 _____ C:\Users\bruno.tavares\Downloads\vigagv41bhp49.zip
2016-05-03 12:06 - 2016-05-03 12:06 - 00302378 _____ C:\Users\bruno.tavares\Downloads\beam49v11.zip
2016-05-03 12:03 - 2016-05-03 12:03 - 00006232 _____ C:\Users\bruno.tavares\Downloads\icalcv20.zip
2016-05-03 10:41 - 2016-05-03 10:41 - 01669345 _____ C:\Users\bruno.tavares\Downloads\secc121.zip
2016-05-03 10:41 - 2016-05-03 10:41 - 00003859 _____ C:\Users\bruno.tavares\Downloads\seccion2 (1).zip
2016-05-03 10:30 - 2016-05-03 10:30 - 00006188 _____ C:\Users\bruno.tavares\Downloads\vigas.zip
2016-05-03 10:30 - 2016-05-03 10:30 - 00002492 _____ C:\Users\bruno.tavares\Downloads\seccion.zip
2016-05-03 10:28 - 2016-05-03 10:28 - 00003674 _____ C:\Users\bruno.tavares\Downloads\Inercias.zip
2016-05-03 10:17 - 2016-05-03 10:17 - 00006610 _____ C:\Users\bruno.tavares\Downloads\Icalc.zip
2016-05-03 10:17 - 2016-05-03 10:17 - 00003996 _____ C:\Users\bruno.tavares\Downloads\iner.zip
2016-05-02 12:58 - 2016-06-30 08:36 - 00000000 ____D C:\Users\bruno.tavares\AppData\Local\MegaDownloader
2016-05-02 10:34 - 2016-05-02 10:35 - 01625969 _____ C:\Users\bruno.tavares\Downloads\ftool301win32.zip
2016-04-29 17:41 - 2016-05-12 08:54 - 00138216 _____ C:\Users\bruno.tavares\Desktop\ULTIMAS MOVIMENTACOES- LOTE 7.xlsx
2016-04-29 17:41 - 2016-04-29 17:41 - 00000165 ____H C:\Users\bruno.tavares\Desktop\~$ULTIMAS MOVIMENTACOES.xlsx
2016-04-29 16:41 - 2016-04-29 16:41 - 00002079 _____ C:\Users\bruno.tavares\Desktop\Conn4x.lnk
2016-04-29 16:32 - 2016-04-29 16:32 - 00002085 _____ C:\Users\bruno.tavares\AppData\Roaming\Microsoft\Windows\Start Menu\HP48g,49g,50g series Calculator Connectivity Kit.lnk
2016-04-29 16:31 - 2016-04-29 16:31 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP48g,49g,50g series Calculator Connectivity Kit
2016-04-29 16:31 - 2005-02-17 14:38 - 00012658 _____ (KINPOSH) C:\Windows\SysWOW64\Drivers\HPx9G2k.sys
2016-04-29 16:28 - 2016-04-29 16:29 - 04520366 _____ (Hewlett-Packard) C:\Users\bruno.tavares\Downloads\Conn4x_Portuguese (1).exe
2016-04-29 15:30 - 2016-04-29 15:30 - 00525064 _____ C:\Users\bruno.tavares\Downloads\HPCalculatorUSBSetup.exe
2016-04-29 11:24 - 2016-04-29 16:38 - 00000000 ____D C:\Users\bruno.tavares\Downloads\HP 50G
2016-04-27 13:18 - 2016-04-27 13:18 - 00118784 _____ C:\Users\bruno.tavares\Downloads\CONCRETO.XLS
2016-04-27 13:16 - 2016-04-27 13:16 - 00094208 _____ C:\Users\bruno.tavares\Downloads\tabelas.xls
2016-04-27 12:23 - 2016-04-27 12:34 - 16267058 _____ C:\Users\bruno.tavares\Downloads\SetupMDSolids40.zip
2016-04-25 12:55 - 2016-04-25 12:55 - 00003140 _____ C:\Windows\System32\Tasks\{E9D135D8-45E9-452F-95EE-5AC621F53878}
2016-04-25 12:27 - 2016-04-25 12:27 - 00001076 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-04-25 12:27 - 2016-04-25 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-04-25 12:27 - 2015-08-13 18:24 - 00138904 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-04-22 14:22 - 2016-04-22 15:13 - 00680913 _____ C:\Users\bruno.tavares\Desktop\sc036960.xlsx

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-20 07:52 - 2009-07-14 01:45 - 00019120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-20 07:52 - 2009-07-14 01:45 - 00019120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-20 07:51 - 2015-07-20 12:48 - 00000000 ____D C:\Users\bruno.tavares\Documents\Arquivos do Outlook
2016-07-20 07:50 - 2016-01-12 14:46 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Skype
2016-07-20 07:10 - 2015-09-23 10:14 - 00000000 ____D C:\Users\bruno.tavares\OneDrive
2016-07-20 07:10 - 2015-04-08 11:20 - 00000000 ____D C:\Temp
2016-07-20 07:05 - 2015-07-14 06:52 - 00001662 _____ C:\Windows\DCEBOOT.RST
2016-07-20 07:05 - 2015-05-13 10:31 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-07-20 07:05 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-19 16:38 - 2015-05-02 07:05 - 00451584 _____ (Trend Micro Inc.) C:\Windows\RegBootClean64.exe
2016-07-19 16:32 - 2011-04-12 09:15 - 00868374 _____ C:\Windows\system32\prfh0416.dat
2016-07-19 16:32 - 2011-04-12 09:15 - 00217490 _____ C:\Windows\system32\prfc0416.dat
2016-07-19 16:32 - 2009-07-14 02:13 - 02110086 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-19 16:32 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-07-19 15:27 - 2015-04-08 08:49 - 00000000 ____D C:\Users\bruno.tavares\Documents\SCAN
2016-07-19 15:24 - 2015-04-09 07:34 - 00012932 _____ C:\Windows\cfgall.ini
2016-07-19 15:24 - 2015-04-08 08:20 - 00000520 _____ C:\Windows\system32\config\netlogon.ftl
2016-07-19 14:53 - 2015-06-19 11:05 - 00000000 ____D C:\Users\bruno.tavares\Desktop\XML
2016-07-19 14:20 - 2015-04-08 14:30 - 00000000 ____D C:\Users\bruno.tavares\AppData\Local\VirtualStore
2016-07-19 12:32 - 2015-04-08 14:49 - 00698368 _____ (Trend Micro Inc.) C:\Windows\TSCCensus64.exe
2016-07-19 11:47 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-19 11:29 - 2015-07-13 08:55 - 00025088 _____ (Trend Micro Inc.) C:\Windows\DCEBoot64.exe
2016-07-19 09:24 - 2015-04-10 08:58 - 00002240 ____H C:\Users\bruno.tavares\Documents\Default.rdp
2016-07-19 02:00 - 2015-04-23 17:40 - 00000000 ____D C:\Users\bruno.tavares\AppData\Local\Adobe
2016-07-18 15:42 - 2015-10-26 10:50 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-07-18 13:58 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2016-07-18 13:12 - 2016-01-18 17:31 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-18 13:12 - 2016-01-18 17:31 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-18 12:31 - 2015-04-08 14:30 - 00002024 __RSH C:\Users\bruno.tavares\ntuser.pol
2016-07-18 12:31 - 2015-04-08 14:30 - 00000000 ____D C:\Users\bruno.tavares
2016-07-18 12:31 - 2015-04-08 08:22 - 00018186 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-07-18 12:31 - 2015-04-08 08:22 - 00018186 __RSH C:\ProgramData\ntuser.pol
2016-07-18 11:35 - 2015-06-17 10:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-18 11:35 - 2015-06-17 10:44 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-18 10:41 - 2015-04-08 12:39 - 00000570 _____ C:\Windows\SMSCFG.ini
2016-07-16 15:28 - 2015-04-08 08:40 - 00000000 ____D C:\Users\bruno.tavares\Desktop\Engenharia
2016-07-16 10:00 - 2015-04-17 11:31 - 00000000 ____D C:\Users\bruno.tavares\.VirtualBox
2016-07-15 11:14 - 2015-12-04 16:30 - 00000000 ____D C:\Users\bruno.tavares\Downloads\Nova pasta
2016-07-14 09:43 - 2015-08-27 14:04 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-14 09:43 - 2015-06-23 08:59 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-13 15:44 - 2015-06-12 11:45 - 00017721 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2016-07-13 15:44 - 2015-03-28 08:31 - 02126608 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-07-13 10:33 - 2016-01-07 15:23 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-13 10:33 - 2016-01-07 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-13 09:55 - 2016-04-07 15:53 - 00000000 ____D C:\Autodesk
2016-07-13 09:43 - 2015-06-09 07:03 - 00000000 ____D C:\Users\bruno.tavares\Desktop\Civil 3D
2016-07-12 11:34 - 2009-07-14 01:45 - 00445312 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-12 11:31 - 2015-04-08 14:31 - 00000981 _____ C:\Users\bruno.tavares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-07-12 11:31 - 2015-03-28 17:01 - 00001296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-12 11:31 - 2015-03-28 17:01 - 00001284 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-12 10:05 - 2016-04-04 13:58 - 00000000 ____D C:\Users\bruno.tavares\AppData\Local\CrashDumps
2016-07-12 10:04 - 2015-05-14 08:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-07-12 09:58 - 2015-03-28 08:35 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-07-12 09:13 - 2015-04-08 11:33 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-07-12 09:13 - 2015-04-08 11:33 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-11 15:17 - 2015-04-08 14:34 - 00116312 _____ C:\Users\bruno.tavares\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-11 14:12 - 2015-05-14 08:04 - 00000000 ____D C:\Program Files (x86)\Autodesk
2016-07-11 12:24 - 2009-07-14 02:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-07-11 12:19 - 2015-09-12 08:57 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2016-07-05 16:12 - 2015-07-29 16:58 - 00000000 ____D C:\DANFEView
2016-07-04 15:20 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\Setup
2016-07-04 12:10 - 2015-05-14 08:29 - 00000000 ____D C:\Users\bruno.tavares\Documents\Autodesk
2016-07-04 10:15 - 2016-02-10 13:34 - 00229310 _____ C:\Users\bruno.tavares\Desktop\Projeto.dwg
2016-06-28 11:33 - 2015-05-12 13:20 - 00000000 ____D C:\Users\Todos os Usuários\ASGVIS
2016-06-28 11:33 - 2015-05-12 13:20 - 00000000 ____D C:\ProgramData\ASGVIS
2016-06-27 13:33 - 2015-09-12 07:51 - 00000000 ____D C:\Windows\pss
2016-06-22 09:47 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-06-22 09:45 - 2015-03-28 07:36 - 00000000 ____D C:\Program Files\Microsoft Office
2016-06-22 07:27 - 2015-04-23 17:38 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-06-22 07:27 - 2015-04-23 17:38 - 00000000 ____D C:\ProgramData\Adobe
2016-06-22 07:23 - 2015-09-23 10:17 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Office 2016
2016-06-21 15:55 - 2015-04-08 14:31 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Adobe

==================== Arquivos na raiz de alguns diretórios =======

2016-04-06 16:48 - 2016-04-06 16:50 - 0000253 _____ () C:\Users\bruno.tavares\AppData\Roaming\ANICONFIG_{8B82E624-77A1-4174-A392-F4DBA18D7538}.ini
2016-04-06 16:51 - 2016-04-06 16:51 - 0003284 _____ () C:\Users\bruno.tavares\AppData\Roaming\ANIWZCS{8B82E624-77A1-4174-A392-F4DBA18D7538}
2015-08-05 09:18 - 2015-08-05 09:18 - 0000009 _____ () C:\Users\bruno.tavares\AppData\Roaming\id
2016-06-01 11:12 - 2016-06-01 11:37 - 0003390 _____ () C:\Users\bruno.tavares\AppData\Local\icsys.icn
2015-06-30 08:02 - 2015-06-30 08:02 - 0007597 _____ () C:\Users\bruno.tavares\AppData\Local\Resmon.ResmonCfg
2015-08-25 08:47 - 2015-08-25 08:47 - 0000000 _____ () C:\Users\bruno.tavares\AppData\Local\{2EB272A1-CE4C-4C64-A2A5-C43FE8FB655A}
2015-08-14 18:01 - 2015-08-14 18:01 - 0000000 _____ () C:\Users\bruno.tavares\AppData\Local\{AEF5FCF4-FC90-4980-8F35-36B6BF6537E8}

Alguns arquivos em TEMP:
====================
C:\Users\bruno.tavares\AppData\Local\Temp\ConfigurationWizard.exe
C:\Users\bruno.tavares\AppData\Local\Temp\libeay32.dll
C:\Users\bruno.tavares\AppData\Local\Temp\msvcr120.dll
C:\Users\bruno.tavares\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-04-13 14:37

==================== Fim de FRST.txt ============================

Addition.txt


Dear @brsantos95

FRST must be run directly from the Desktop; however, you ran it from the folder:

Executando a partir de C:\Users\bruno.tavares\Downloads\Programs

Delete it from there, download a fresh copy to the Desktop, run FRST, check the Addition option and click the Examinar (Scan) button. Attach the logs.

Regards :D


Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 18-07-2016
Executado por bruno.tavares (administrador) em TEN-EALMOX-04 (20-07-2016 09:47:21)
Executando a partir de C:\Users\bruno.tavares\Desktop
Perfis Carregados: bruno.tavares (Perfis Disponíveis: bruno.tavares & TEN-admin)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\Ntrtscan.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RalinkRegistryWriter.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RalinkRegistryWriter64.exe
(CYPE Ingenieros S.A.) C:\CYPE Ingenieros\Versão 2015\servipas\servcpas.exe
(DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
() C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmListen.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\CNTAoSMgr.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\msoia.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\TmCCSF.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(GlavSoft LLC.) C:\Program Files\TightVNC\tvnserver.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe
(Trend Micro Inc.) C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(BitTorrent Inc.) C:\Users\bruno.tavares\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe
(Microsoft Corporation) C:\Windows\CCM\CcmExec.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\Receiver\Receiver.exe
() C:\Users\bruno.tavares\AppData\Roaming\uTorrent\VirusGuard\BitTorrentAntivirus.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Microsoft Corporation) C:\Windows\CCM\RemCtrl\CmRcService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(MPC-HC Team) C:\Program Files (x86)\K-Lite Codec Pack\MPC-HC64\mpc-hc64.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfica32.exe
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [tvncontrol] => C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe [2908888 2013-08-15] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [290688 2012-10-25] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-12] (Intel Corporation)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [380088 2012-07-27] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-06-07] (Power Software Ltd)
HKLM-x32\...\Run: [OfficeScanNT Monitor] => C:\Program Files (x86)\Trend Micro\OfficeScan Client\pccntmon.exe [2462336 2015-07-24] (Trend Micro Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-03-10] (Banco do Brasil)
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3903056 2015-05-20] (Tonec Inc.)
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Run: [uTorrent] => C:\Users\bruno.tavares\AppData\Roaming\uTorrent\uTorrent.exe [4951040 2016-05-06] (BitTorrent Inc.)
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Run: [Lync] => "C:\Program Files\Microsoft Office 15\root\office15\lync.exe" /fromrunkey
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Run: [Akamai NetSession Interface] => "C:\Users\bruno.tavares\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\RunOnce: [Uninstall C:\Users\bruno.tavares\AppData\Local\Microsoft\OneDrive\17.3.4604.0120_1\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\bruno.tavares\AppData\Local\Microsoft\OneDrive\17.3.4604.0120_1\amd64"
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\RunOnce: [Uninstall C:\Users\bruno.tavares\AppData\Local\Microsoft\OneDrive\17.3.4604.0120_1] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\bruno.tavares\AppData\Local\Microsoft\OneDrive\17.3.4604.0120_1"
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Policies\system: [Wallpaper] %logonserver%\netlogon\QG-desktop-Compliance-1024x768.JPG
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Policies\system: [WallpaperStyle] 3
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Policies\Explorer: []
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\MountPoints2: H - H:\RunGame.exe
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\MountPoints2: {13863323-91c9-11e5-a71f-74867afcac0a} - H:\SISetup.exe
HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\MountPoints2: {d843f2bb-0eb1-11e5-85d4-74867afcac0a} - F:\Setup.exe
AppInit_DLLs-x32: C:\PROGRA~2\Citrix\ICACLI~1\RSHook.dll => C:\Program Files (x86)\Citrix\ICA Client\RSHook.dll [257208 2012-07-27] (Citrix Systems, Inc.)
IFEO\OSppSvc.exe: [Debugger]
IFEO\SppSvc.exe: [Debugger]
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1864576 2015-03-10] (Banco do Brasil)
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Servidor de hardlocks de rede.lnk [2016-07-18]
ShortcutTarget: Servidor de hardlocks de rede.lnk -> C:\CYPE Ingenieros\Versão 2015\servipas\Servidor de hardlocks de rede.exe (Nenhum Arquivo)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\wampmanager.lnk [2016-01-14]
ShortcutTarget: wampmanager.lnk -> C:\wamp\wampmanager.exe (Aestan Software)
Startup: C:\Users\bruno.tavares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk [2016-03-19]
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyServer: [S-1-5-21-1833769877-242398472-790376807-38818] => webproxy.queirozgalvao.com:8080
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.211.0.4 10.10.19.3
Tcpip\..\Interfaces\{5B2CD355-71C4-4788-AD69-5458A1902623}: [DhcpNameServer] 10.211.0.4 10.10.19.3
Tcpip\..\Interfaces\{BFE83BFA-7922-4406-B0E7-BE4729564CE1}: [NameServer] 10.0.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-1833769877-242398472-790376807-38818\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-06-05] (Microsoft Corporation)
BHO: Trend Micro Osprey Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg.dll [2015-06-17] (Trend Micro Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-06-05] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-06-05] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-06-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-17] (Oracle Corporation)
BHO-x32: Trend Micro Osprey Plugin -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll [2015-06-17] (Trend Micro Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2016-06-05] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-03-10] (Banco do Brasil)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-05] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-17] (Oracle Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-05] (Microsoft Corporation)
Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg.dll [2015-06-17] (Trend Micro Inc.)
Handler-x32: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmopIEPlg32.dll [2015-06-17] (Trend Micro Inc.)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2012-07-27] (Citrix Systems, Inc.)

FireFox:
========
FF ProfilePath: C:\Users\bruno.tavares\AppData\Roaming\Mozilla\Firefox\Profiles\y9gm6ird.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-18] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-05] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @adobe.com/AuthorwarePlayer -> C:\Windows\system32\Macromed\AUTHORWA\np32asw.dll [Nenhum Arquivo]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-18] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1222172.dll [Nenhum Arquivo]
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2012-07-27] (Citrix Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-12] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-12] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-06-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-06-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1833769877-242398472-790376807-38818: gastecnologia.com.br/sf/bb64 -> C:\Users\bruno.tavares\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll [Nenhum Arquivo]
FF Plugin HKU\S-1-5-21-1833769877-242398472-790376807-38818: SkypePlugin -> C:\Users\bruno.tavares\AppData\Local\SkypePlugin\7.12.0.55\npGatewayNpapi.dll [2015-12-08] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-1833769877-242398472-790376807-38818: SkypePlugin64 -> C:\Users\bruno.tavares\AppData\Local\SkypePlugin\7.12.0.55\npGatewayNpapi-x64.dll [2015-12-08] (Skype Technologies S.A.)
FF Extension: IDM integration - C:\Users\bruno.tavares\AppData\Roaming\Mozilla\Firefox\Profiles\y9gm6ird.default\extensions\mozilla_cc2@internetdownloadmanager.com [2016-07-18]
FF HKLM-x32\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files (x86)\Trend Micro\OfficeScan Client\FirefoxExtensionOsprey
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files (x86)\Trend Micro\OfficeScan Client\FirefoxExtensionOsprey [2015-09-16] [não assinado]
FF HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\bruno.tavares\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\bruno.tavares\AppData\Roaming\IDM\idmmzcc5 [2016-07-20] [não assinado]
FF HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\bruno.tavares\AppData\Roaming\IDM\idmmzcc5
FF HKU\S-1-5-21-1833769877-242398472-790376807-38818\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: IDM integration - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-06-08]

Chrome:
=======
CHR Profile: C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-08]
CHR Extension: (Docs) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-08]
CHR Extension: (Google Drive) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-08]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcipapbfhdnmgihoimbjiadmhpcgcnil [2015-04-09]
CHR Extension: (YouTube) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-08]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd [2015-04-08]
CHR Extension: (Pesquisa do Google) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-08]
CHR Extension: (Planilhas do Google) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-08]
CHR Extension: (Google Wallet) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-08]
CHR Extension: (Gmail) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-08]
CHR Profile: C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-10]
CHR Extension: (Docs) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-10]
CHR Extension: (Google Drive) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-18]
CHR Extension: (Audiotool) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk [2015-08-06]
CHR Extension: (YouTube) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd [2015-09-25]
CHR Extension: (Pesquisa do Google) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-10]
CHR Extension: (Planilhas do Google) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-10]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-07]
CHR Extension: (CircuitLab) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\haghanbgfkfpmepoohpigmglbfejljoj [2015-04-10]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\imcbnnnoghiihopefblgehihofbfbmei [2015-05-29]
CHR Extension: (AudioSauna) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae [2015-04-10]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\naeeohopejehgjckpkmbdojogdipklbj [2015-06-05]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-08]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\oecmlnmneeeeiccpcohlffnipjhngmdk [2015-10-02]
CHR Extension: (Gmail) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-10]
CHR Profile: C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-19]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-19]
CHR Extension: (Google Drive) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Audiotool) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bkgoccjhfjgjedhkiefaclppgbmoobnk [2015-10-19]
CHR Extension: (YouTube) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-19]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd [2015-10-19]
CHR Extension: (Google Search) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\dpkpacmindnbflfmbigkenceicnpjmhh [2016-04-27]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-19]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2016-07-12]
CHR Extension: (CircuitLab) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\haghanbgfkfpmepoohpigmglbfejljoj [2015-10-19]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\imcbnnnoghiihopefblgehihofbfbmei [2016-06-10]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jdcfmebflppkljibgpdlboifpcaalolg [2016-05-03]
CHR Extension: (AudioSauna) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae [2015-10-19]
CHR Extension: (Google Apresentações) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-06-20]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-31]
CHR Extension: (Gmail) - C:\Users\bruno.tavares\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-19]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-06-09]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-06-09]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 CcmExec; C:\Windows\CCM\CcmExec.exe [1773744 2016-01-13] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2855152 2016-06-05] (Microsoft Corporation)
R2 CmRcService; C:\Windows\CCM\RemCtrl\CmRcService.exe [671928 2015-04-14] (Microsoft Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [565560 2015-01-20] (GAS Tecnologia)
R2 hasplms; C:\Windows\system32\hasplms.exe [4608320 2014-11-26] (SafeNet Inc.)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Arquivo não assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-12] (Intel Corporation)
S3 lpasvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50280 2012-08-02] (Microsoft Corporation)
S3 lppsvc; C:\Program Files\Microsoft Policy Platform\policyHost.exe [50280 2012-08-02] (Microsoft Corporation)
R2 ntrtscan; C:\Program Files (x86)\Trend Micro\OfficeScan Client\ntrtscan.exe [5202160 2015-07-30] (Trend Micro Inc.)
R2 RalinkRegistryWriter; C:\Program Files (x86)\Ralink\Common\RalinkRegistryWriter.exe [75040 2008-09-05] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\Ralink\Common\RalinkRegistryWriter64.exe [210720 2008-09-05] (Ralink Technology, Corp.)
R2 Servidor de hardlocks de rede; C:\CYPE Ingenieros\Versão 2015\servipas\servcpas.exe [102400 2015-11-30] (CYPE Ingenieros S.A.) [Arquivo não assinado]
S3 smstsmgr; C:\Windows\CCM\TSManager.exe [316600 2015-04-14] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-02] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6341904 2015-09-28] (TeamViewer GmbH)
R3 TMBMServer; C:\Program Files (x86)\Trend Micro\BM\TMBMSRV.exe [584704 2015-07-23] (Trend Micro Inc.)
R3 tmccsf; C:\Program Files (x86)\Trend Micro\OfficeScan Client\CCSF\tmccsf.exe [713384 2015-07-24] (Trend Micro Inc.)
R2 tmlisten; C:\Program Files (x86)\Trend Micro\OfficeScan Client\tmlisten.exe [5155520 2015-07-24] (Trend Micro Inc.)
R2 tvnserver; C:\Program Files\TightVNC\tvnserver.exe [2179056 2013-07-19] (GlavSoft LLC.)
R2 VRLService; C:\ProgramData\ASGVIS\Dongle Utilities\startvrlservice.exe [209408 2014-09-05] () [Arquivo não assinado]
S3 wampapache; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [22016 2014-05-01] (Apache Software Foundation) [Arquivo não assinado]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [10959360 2014-05-01] () [Arquivo não assinado]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [X]
S4 LjladpMeselygidusp.exe;  [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [63944 2013-08-01] (SafeNet Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [30720 2015-05-12] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [37376 2015-05-12] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [94208 2015-05-12] (LG Electronics Inc.)
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [26024 2009-02-12] (EldoS Corporation)
S3 GemCCID; C:\Windows\System32\DRIVERS\GemCCID.sys [130944 2014-11-10] (Gemalto)
S2 Hardlock; C:\Windows\SysWOW64\drivers\hardlock.sys [676864 2004-07-14] (Aladdin Knowledge Systems) [Arquivo não assinado]
S3 HPx9G+; C:\Windows\System32\DRIVERS\HPx9G2k.sys [32056 2009-11-12] (Hewlett Packard Development LLC)
S3 HPx9G+; C:\Windows\SysWOW64\DRIVERS\HPx9G2k.sys [12658 2005-02-17] (KINPOSH) [Arquivo não assinado]
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-05-29] (Intel Corporation)
R3 int0800; C:\Windows\System32\DRIVERS\flashud.sys [51712 2009-09-09] (Intel Corporation)
R3 IntcAzAudAddService; C:\Windows\System32\drivers\RTDVHD64.sys [2191832 2013-08-15] (Realtek Semiconductor Corp.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [180480 2015-10-08] (Intel Corporation)
R2 multikey; C:\Windows\System32\DRIVERS\multikey.sys [76040 2013-05-12] (Chingachguk & Denger2k (Elite & SP edition))
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Marvell Semiconductor, Inc.)
R3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [1061888 2009-09-15] (Ralink Technology Corp.)
S3 prepdrvr; C:\Windows\System32\DRIVERS\prepdrv.sys [26984 2012-11-21] (Microsoft Corporation)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R3 Serenum; C:\Windows\System32\DRIVERS\nuvserenum.sys [23552 2014-01-12] (Windows (R) Win 7 DDK provider)
R3 Serial; C:\Windows\System32\DRIVERS\nuvserial.sys [86016 2014-01-12] (Nuvoton Technology Corp.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-13] (Synaptics Incorporated)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [206104 2014-12-02] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [119336 2015-07-28] (Trend Micro Inc.)
R1 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [324824 2015-07-28] (Trend Micro Inc.)
R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC64.sys [61232 2015-06-19] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [116576 2015-06-08] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [79720 2015-07-28] (Trend Micro Inc.)
R2 TmFilter; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmXPFlt.sys [368392 2015-07-02] (Trend Micro Inc.)
R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [416608 2015-05-28] (Trend Micro Inc.)
R2 TmPreFilter; C:\Program Files (x86)\Trend Micro\OfficeScan Client\TmPreFlt.sys [44808 2015-07-02] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [109080 2013-06-18] (Trend Micro Inc.)
R3 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [116536 2015-06-22] (Trend Micro Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [Arquivo não assinado]
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-08-13] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [146072 2015-08-13] (Oracle Corporation)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [125008 2015-08-13] (Oracle Corporation)
R2 VSApiNt; C:\Program Files (x86)\Trend Micro\OfficeScan Client\VSApiNt.sys [2384136 2015-07-02] (Trend Micro Inc.)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-01-20] (GAS Tecnologia LTDA)
S2 aksdf; system32\DRIVERS\aksdf.sys [X]
S3 akshasp; system32\DRIVERS\akshasp.sys [X]
S3 aksusb; system32\DRIVERS\aksusb.sys [X]
S3 andnetadb; System32\Drivers\lgandnetadb.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-20 09:47 - 2016-07-20 09:48 - 00039614 _____ C:\Users\bruno.tavares\Desktop\FRST.txt
2016-07-20 07:47 - 2016-07-20 09:47 - 00000000 ____D C:\FRST
2016-07-20 07:45 - 2016-07-20 07:45 - 02391552 _____ (Farbar) C:\Users\bruno.tavares\Desktop\FRST64.exe
2016-07-19 14:38 - 2016-07-19 14:39 - 00005156 _____ C:\Users\bruno.tavares\Downloads\23160735123447001619550010000486301199963730.xml
2016-07-19 11:27 - 2016-07-19 11:27 - 00010307 _____ C:\Users\bruno.tavares\Desktop\Relação de Notas.xlsx
2016-07-18 14:08 - 2016-07-18 14:08 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\CYPE Ingenieros
2016-07-18 14:02 - 2016-07-18 14:02 - 00000000 ____D C:\usr
2016-07-18 13:58 - 2016-07-18 13:58 - 00000000 ____D C:\Users\bruno.tavares\Documents\Downloaded Installations
2016-07-18 13:58 - 2004-07-14 12:54 - 00676864 _____ (Aladdin Knowledge Systems) C:\Windows\SysWOW64\Drivers\hardlock.sys
2016-07-18 13:57 - 2016-07-18 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CYPE Ingenieros Versão 2015
2016-07-18 13:57 - 2016-07-18 13:57 - 00001073 _____ C:\Users\Public\Desktop\CYPE 2015 (Brasil).lnk
2016-07-18 13:51 - 2016-07-18 14:08 - 00000000 ____D C:\CYPE Ingenieros
2016-07-18 13:12 - 2016-07-20 07:05 - 00000964 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-07-18 13:12 - 2016-07-18 13:12 - 00003984 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-07-18 13:11 - 2016-07-18 13:11 - 20466368 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-07-18 11:35 - 2016-07-20 09:09 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-18 11:35 - 2016-07-18 13:12 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-18 11:05 - 2016-07-18 11:05 - 00003718 _____ C:\Users\bruno.tavares\Desktop\ZHPCleaner.txt
2016-07-18 10:45 - 2016-07-18 10:59 - 00000843 _____ C:\Users\bruno.tavares\Desktop\ZHPCleaner.lnk
2016-07-18 10:43 - 2016-07-18 11:56 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\ZHP
2016-07-18 10:17 - 2016-07-18 10:17 - 00001904 _____ C:\Users\bruno.tavares\Desktop\JRT.txt
2016-07-18 10:02 - 2016-07-18 10:02 - 00003660 _____ C:\Users\bruno.tavares\Desktop\AdwCleaner[C1].txt
2016-07-18 09:54 - 2016-07-18 09:57 - 00000000 ____D C:\AdwCleaner
2016-07-18 09:52 - 2016-07-18 09:52 - 02283008 _____ C:\Users\bruno.tavares\Desktop\ZHPCleaner.exe
2016-07-18 09:51 - 2016-07-18 09:52 - 01610560 _____ (Malwarebytes) C:\Users\bruno.tavares\Desktop\JRT.exe
2016-07-18 09:50 - 2016-07-18 09:53 - 03712064 _____ C:\Users\bruno.tavares\Desktop\adwcleaner_5.201.exe
2016-07-15 08:59 - 2016-07-15 09:09 - 00000000 ____D C:\Users\bruno.tavares\AppData\Local\Mozilla
2016-07-15 08:59 - 2016-07-15 09:03 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Mozilla
2016-07-15 08:49 - 2016-07-15 08:49 - 00000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-07-15 08:49 - 2016-07-15 08:49 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-07-15 08:49 - 2016-07-15 08:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-15 08:34 - 2016-07-15 08:47 - 47206880 _____ C:\Users\bruno.tavares\Downloads\Firefox Setup 47.0.1.exe
2016-07-15 07:47 - 2016-07-15 07:47 - 00018819 _____ C:\Users\bruno.tavares\Desktop\browse.xlsx
2016-07-15 03:14 - 2016-07-18 07:06 - 00000001 _____ C:\Windows\SysWOW64\br.html
2016-07-14 08:02 - 2016-07-14 08:02 - 00027938 _____ C:\Users\bruno.tavares\Downloads\3BA9.tmp
2016-07-13 15:43 - 2016-07-13 15:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft System Center 2012
2016-07-13 15:41 - 2016-07-13 15:41 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\UltraVNC
2016-07-13 13:46 - 2016-07-13 13:46 - 00001669 _____ C:\Users\bruno.tavares\Downloads\launch (3).ica
2016-07-13 10:32 - 2016-07-13 10:33 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-07-12 13:54 - 2016-07-12 16:54 - 00001670 _____ C:\Users\bruno.tavares\Downloads\launch (2).ica
2016-07-12 13:42 - 2016-07-12 13:42 - 00000000 ____D C:\Users\Todos os Usuários\IDM
2016-07-12 13:42 - 2016-07-12 13:42 - 00000000 ____D C:\ProgramData\IDM
2016-07-12 13:30 - 2016-07-12 12:38 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-07-12 11:29 - 2016-07-12 11:29 - 00001669 _____ C:\Users\bruno.tavares\Downloads\launch (1).ica
2016-07-12 09:51 - 2016-07-12 09:51 - 00000000 ____D C:\Users\bruno.tavares\Documents\InvSvr_x64_NAVMAN_13
2016-07-12 09:43 - 2016-07-12 09:43 - 00000000 ____D C:\Program Files (x86)\Microsoft WSE
2016-07-12 09:00 - 2016-07-12 09:00 - 00000269 _____ C:\Users\bruno.tavares\Documents\licença Robot Structural Analysis Professional 2017.txt
2016-07-11 16:46 - 2016-07-11 16:46 - 00000000 ____D C:\Users\bruno.tavares\AppData\Local\DigiPara
2016-07-11 16:21 - 2016-07-11 16:21 - 00002358 _____ C:\Users\Public\Desktop\Autodesk Robot Structural Analysis Professional 2016.lnk
2016-07-11 15:18 - 2016-07-16 15:31 - 00000000 ____D C:\Users\bruno.tavares\AppData\Local\Autodesk
2016-07-11 15:09 - 2016-07-11 15:09 - 00001975 _____ C:\Users\Public\Desktop\Revit 2016.lnk
2016-07-11 14:59 - 2016-07-12 10:03 - 00000000 ____D C:\Program Files\Autodesk
2016-07-11 14:45 - 2016-07-12 10:04 - 00000000 ____D C:\Users\Todos os Usuários\Autodesk
2016-07-11 14:45 - 2016-07-12 10:04 - 00000000 ____D C:\ProgramData\Autodesk
2016-07-11 14:45 - 2016-07-12 09:38 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Autodesk
2016-07-11 13:28 - 2016-07-11 13:28 - 00000000 ____D C:\Users\Todos os Usuários\IsolatedStorage
2016-07-11 13:28 - 2016-07-11 13:28 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\IsolatedStorage
2016-07-11 13:28 - 2016-07-11 13:28 - 00000000 ____D C:\ProgramData\IsolatedStorage
2016-07-11 13:22 - 2016-07-11 13:22 - 00000000 ____D C:\Users\Todos os Usuários\Applications
2016-07-11 13:22 - 2016-07-11 13:22 - 00000000 ____D C:\ProgramData\Applications
2016-07-11 07:35 - 2016-07-19 14:26 - 00000000 ____D C:\Program Files (x86)\Lezase
2016-07-11 07:35 - 2016-07-11 07:35 - 00001521 _____ C:\Users\bruno.tavares\Downloads\launch (2).ica.crdownload
2016-07-08 15:57 - 2016-07-08 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TigreCAD-2010
2016-07-08 15:57 - 2016-07-08 15:57 - 00000000 ____D C:\Program Files (x86)\TigreCAD-2010
2016-07-07 15:56 - 2016-07-07 15:56 - 00000000 ____D C:\Users\Public\Autodesk
2016-07-07 13:18 - 2016-07-14 13:40 - 07176192 _____ C:\Users\bruno.tavares\Desktop\Projeto Estrutural 2.rvt
2016-07-07 13:18 - 2016-07-06 14:10 - 17661952 _____ C:\Users\bruno.tavares\Desktop\Projeto2.rvt
2016-07-07 13:05 - 2016-07-07 13:14 - 58875904 _____ C:\Users\bruno.tavares\Downloads\Arctipo_2015.rte
2016-07-07 09:13 - 2016-07-07 09:13 - 00001668 _____ C:\Users\bruno.tavares\Downloads\launch.ica
2016-07-05 09:53 - 2016-07-05 09:53 - 00000000 ____D C:\Users\Todos os Usuários\Inreal Technologies
2016-07-05 09:53 - 2016-07-05 09:53 - 00000000 ____D C:\Users\bruno.tavares\Documents\Inreal Technologies
2016-07-05 09:53 - 2016-07-05 09:53 - 00000000 ____D C:\ProgramData\Inreal Technologies
2016-07-05 09:50 - 2016-07-05 09:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Enscape
2016-07-04 17:09 - 2016-07-04 17:09 - 748582619 _____ C:\Windows\MEMORY.DMP
2016-07-04 17:09 - 2016-07-04 17:09 - 00720312 _____ C:\Windows\Minidump\070416-43649-01.dmp
2016-07-04 17:09 - 2016-07-04 17:09 - 00000000 ____D C:\Windows\Minidump
2016-07-04 15:13 - 2013-05-12 16:08 - 00076040 _____ (Chingachguk & Denger2k (Elite & SP edition)) C:\Windows\system32\Drivers\multikey.sys
2016-07-04 15:11 - 2002-07-26 17:02 - 00153088 _____ C:\Windows\SysWOW64\UNWISE.EXE
2016-06-28 11:33 - 2016-06-28 11:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chaos Group
2016-06-28 11:32 - 2016-06-28 11:32 - 00000000 ____D C:\Program Files\WIBU-SYSTEMS
2016-06-28 11:32 - 2016-06-28 11:32 - 00000000 ____D C:\Program Files (x86)\WIBU-SYSTEMS
2016-06-28 11:24 - 2016-06-28 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2015
2016-06-28 11:24 - 2016-06-28 11:24 - 00000000 ____D C:\Program Files\SketchUp
2016-06-27 14:12 - 2016-06-27 14:12 - 00000000 ____D C:\Users\bruno.tavares\AppData\Local\4kdownload.com
2016-06-27 14:11 - 2016-06-27 14:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
2016-06-27 14:11 - 2016-06-27 14:11 - 00000000 ____D C:\Program Files (x86)\4KDownload
2016-06-23 13:45 - 2016-06-23 13:45 - 00001872 _____ C:\Users\bruno.tavares\Desktop\uTorrent.lnk
2016-06-23 13:45 - 2016-06-23 13:45 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent Pro 3.4.7 Build 42330 by Seven7i
2016-06-23 13:44 - 2016-07-20 09:48 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\uTorrent
2016-06-22 09:47 - 2016-06-22 09:47 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-06-21 15:54 - 2016-06-21 15:54 - 00003528 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-QUEIROZGALVAO-bruno.tavares
2016-06-21 15:48 - 2016-06-21 15:48 - 00000000 ____D C:\Users\Todos os Usuários\regid.1986-12.com.adobe
2016-06-21 15:48 - 2016-06-21 15:48 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-06-21 15:47 - 2016-06-21 15:47 - 00001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2016-06-21 15:47 - 2016-06-21 15:47 - 00000000 ____D C:\Users\bruno.tavares\Documents\Adobe
2016-06-21 15:19 - 2016-06-21 15:47 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-06-21 15:19 - 2016-06-21 15:19 - 00000000 ____D C:\Program Files\Adobe
2016-06-21 15:14 - 2016-06-21 15:14 - 00001530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-06-21 10:30 - 2016-06-21 10:30 - 00000884 _____ C:\Users\Public\Desktop\MegaDownloader.lnk
2016-06-21 10:30 - 2016-06-21 10:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MegaDownloader
2016-06-21 10:30 - 2016-06-21 10:30 - 00000000 ____D C:\Program Files\MegaDownloader
2016-06-21 10:29 - 2016-06-21 10:29 - 02097696 _____ (AppsForMega.info ) C:\Users\bruno.tavares\Downloads\MegaDownloader_v1.7.exe
2016-06-20 07:41 - 2016-07-20 07:50 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\DMCache
2016-06-20 07:41 - 2016-07-19 16:44 - 00000000 ____D C:\Users\bruno.tavares\Downloads\Compressed
2016-06-20 07:41 - 2016-07-19 16:34 - 00000000 ____D C:\Users\bruno.tavares\Downloads\Video
2016-06-20 07:41 - 2016-07-12 16:12 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-06-20 07:41 - 2016-07-07 10:52 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\IDM
2016-06-20 07:41 - 2016-06-20 07:41 - 00001009 _____ C:\Users\bruno.tavares\Desktop\Internet Download Manager.lnk
2016-06-20 07:41 - 2016-06-20 07:41 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-06-20 07:41 - 2016-06-20 07:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
2016-06-20 07:39 - 2016-06-20 07:40 - 06851184 _____ (Tonec Inc.) C:\Users\bruno.tavares\Downloads\idman625build21.exe
2016-06-17 13:22 - 2016-06-17 13:26 - 00000000 ____D C:\Users\bruno.tavares\AppData\Local\NFS Underground 2
2016-06-17 13:20 - 2016-06-17 13:20 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-06-16 07:39 - 2016-06-16 07:39 - 00001801 _____ C:\Windows\SMSAdvancedClient.configmgr2012ac-sp2r2sp1-kb3135680-x64.mif
2016-06-16 07:36 - 2016-06-16 07:36 - 00014348 _____ C:\Windows\system32\CcmFramework.ini
2016-06-16 07:36 - 2016-06-16 07:36 - 00000621 _____ C:\Windows\system32\CcmFramework.h
2016-06-16 07:28 - 2016-06-16 07:35 - 00000000 ____D C:\Windows\system32\{3DA228BE-34DA-49f4-A081-66465B077429}
2016-06-15 14:18 - 2016-06-15 14:30 - 08025608 _____ C:\Users\bruno.tavares\Downloads\Não confirmado 772552.crdownload
2016-06-15 08:02 - 2016-06-15 08:02 - 00153818 _____ C:\Users\bruno.tavares\Downloads\Notas.zip
2016-06-10 10:39 - 2016-06-10 10:39 - 00033424 _____ C:\Users\bruno.tavares\Desktop\Habilitação Cidada.pdf
2016-06-09 13:49 - 2016-05-24 11:29 - 00207928 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2016-06-01 11:12 - 2016-06-01 11:37 - 00003390 _____ C:\Users\bruno.tavares\AppData\Local\icsys.icn
2016-06-01 10:54 - 2009-09-17 07:05 - 00145448 _____ (SafeNet, Inc.) C:\Windows\system32\Drivers\sentinel64.sys
2016-06-01 10:53 - 2016-06-01 10:53 - 00000000 ____D C:\Windows\Downloaded Installations
2016-06-01 10:49 - 2006-12-20 10:00 - 02511360 _____ (Aladdin Knowledge Systems Ltd.) C:\Windows\SysWOW64\haspds_windows.dll
2016-06-01 10:49 - 2002-01-05 13:37 - 00344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2016-05-31 08:52 - 2016-05-31 08:52 - 00002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-05-31 08:52 - 2016-05-31 08:52 - 00002417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-05-31 08:52 - 2016-05-31 08:52 - 00002406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-05-31 08:52 - 2016-05-31 08:52 - 00002355 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-05-31 08:52 - 2016-05-31 08:52 - 00002352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-05-31 08:52 - 2016-05-31 08:52 - 00002342 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-05-31 08:52 - 2016-05-31 08:52 - 00002338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-05-31 08:52 - 2016-05-31 08:52 - 00002322 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-05-31 08:52 - 2016-05-31 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ferramentas do Microsoft Office 2016
2016-05-31 08:51 - 2016-06-22 09:53 - 00000000 ____D C:\Users\Todos os Usuários\regid.1991-06.com.microsoft
2016-05-31 08:51 - 2016-06-22 09:53 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-05-31 08:50 - 2016-05-31 08:50 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-05-30 13:36 - 2016-05-30 13:37 - 02530304 _____ (BitTorrent Inc.) C:\Users\bruno.tavares\Downloads\uTorrent.exe
2016-05-25 14:43 - 2016-05-25 14:51 - 00299323 _____ C:\Users\bruno.tavares\Downloads\bhc1M40aUSJ.zip
2016-05-25 12:25 - 2016-05-25 12:25 - 00000165 ____H C:\Users\bruno.tavares\~$Passivo 2.xlsx
2016-05-25 08:13 - 2016-05-25 08:14 - 04187331 _____ C:\Users\bruno.tavares\Downloads\Dialnet-UmEquipamentoDemonstrativoDeLevitacaoMagneticaDeUm-5165595.pdf
2016-05-04 17:05 - 2016-05-04 17:05 - 00001173 _____ C:\Users\bruno.tavares\Downloads\circuit-construction-kit-ac-virtual-lab_pt_BR.jnlp
2016-05-03 12:22 - 2016-05-03 12:22 - 00179257 _____ C:\Users\bruno.tavares\Downloads\vigagv41bhp49.zip
2016-05-03 12:06 - 2016-05-03 12:06 - 00302378 _____ C:\Users\bruno.tavares\Downloads\beam49v11.zip
2016-05-03 12:03 - 2016-05-03 12:03 - 00006232 _____ C:\Users\bruno.tavares\Downloads\icalcv20.zip
2016-05-03 10:41 - 2016-05-03 10:41 - 01669345 _____ C:\Users\bruno.tavares\Downloads\secc121.zip
2016-05-03 10:41 - 2016-05-03 10:41 - 00003859 _____ C:\Users\bruno.tavares\Downloads\seccion2 (1).zip
2016-05-03 10:30 - 2016-05-03 10:30 - 00006188 _____ C:\Users\bruno.tavares\Downloads\vigas.zip
2016-05-03 10:30 - 2016-05-03 10:30 - 00002492 _____ C:\Users\bruno.tavares\Downloads\seccion.zip
2016-05-03 10:28 - 2016-05-03 10:28 - 00003674 _____ C:\Users\bruno.tavares\Downloads\Inercias.zip
2016-05-03 10:17 - 2016-05-03 10:17 - 00006610 _____ C:\Users\bruno.tavares\Downloads\Icalc.zip
2016-05-03 10:17 - 2016-05-03 10:17 - 00003996 _____ C:\Users\bruno.tavares\Downloads\iner.zip
2016-05-02 12:58 - 2016-06-30 08:36 - 00000000 ____D C:\Users\bruno.tavares\AppData\Local\MegaDownloader
2016-05-02 10:34 - 2016-05-02 10:35 - 01625969 _____ C:\Users\bruno.tavares\Downloads\ftool301win32.zip
2016-04-29 17:41 - 2016-05-12 08:54 - 00138216 _____ C:\Users\bruno.tavares\Desktop\ULTIMAS MOVIMENTACOES- LOTE 7.xlsx
2016-04-29 17:41 - 2016-04-29 17:41 - 00000165 ____H C:\Users\bruno.tavares\Desktop\~$ULTIMAS MOVIMENTACOES.xlsx
2016-04-29 16:41 - 2016-04-29 16:41 - 00002079 _____ C:\Users\bruno.tavares\Desktop\Conn4x.lnk
2016-04-29 16:32 - 2016-04-29 16:32 - 00002085 _____ C:\Users\bruno.tavares\AppData\Roaming\Microsoft\Windows\Start Menu\HP48g,49g,50g series Calculator Connectivity Kit.lnk
2016-04-29 16:31 - 2016-04-29 16:31 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP48g,49g,50g series Calculator Connectivity Kit
2016-04-29 16:31 - 2005-02-17 14:38 - 00012658 _____ (KINPOSH) C:\Windows\SysWOW64\Drivers\HPx9G2k.sys
2016-04-29 16:28 - 2016-04-29 16:29 - 04520366 _____ (Hewlett-Packard) C:\Users\bruno.tavares\Downloads\Conn4x_Portuguese (1).exe
2016-04-29 15:30 - 2016-04-29 15:30 - 00525064 _____ C:\Users\bruno.tavares\Downloads\HPCalculatorUSBSetup.exe
2016-04-29 11:24 - 2016-04-29 16:38 - 00000000 ____D C:\Users\bruno.tavares\Downloads\HP 50G
2016-04-27 13:18 - 2016-04-27 13:18 - 00118784 _____ C:\Users\bruno.tavares\Downloads\CONCRETO.XLS
2016-04-27 13:16 - 2016-04-27 13:16 - 00094208 _____ C:\Users\bruno.tavares\Downloads\tabelas.xls
2016-04-27 12:23 - 2016-04-27 12:34 - 16267058 _____ C:\Users\bruno.tavares\Downloads\SetupMDSolids40.zip
2016-04-25 12:55 - 2016-04-25 12:55 - 00003140 _____ C:\Windows\System32\Tasks\{E9D135D8-45E9-452F-95EE-5AC621F53878}
2016-04-25 12:27 - 2016-04-25 12:27 - 00001076 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
2016-04-25 12:27 - 2016-04-25 12:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2016-04-25 12:27 - 2015-08-13 18:24 - 00138904 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2016-04-22 14:22 - 2016-04-22 15:13 - 00680913 _____ C:\Users\bruno.tavares\Desktop\sc036960.xlsx

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-20 09:42 - 2015-07-20 12:48 - 00000000 ____D C:\Users\bruno.tavares\Documents\Arquivos do Outlook
2016-07-20 09:38 - 2016-01-12 14:46 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Skype
2016-07-20 09:37 - 2009-07-14 01:45 - 00019120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-20 09:37 - 2009-07-14 01:45 - 00019120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-20 09:36 - 2015-06-16 07:05 - 00000000 ____D C:\Users\bruno.tavares\AppData\Local\ElevatedDiagnostics
2016-07-20 08:57 - 2015-04-08 08:20 - 00000520 _____ C:\Windows\system32\config\netlogon.ftl
2016-07-20 08:29 - 2015-04-23 17:40 - 00000000 ____D C:\Users\bruno.tavares\AppData\Local\Adobe
2016-07-20 08:25 - 2015-04-08 12:39 - 00000570 _____ C:\Windows\SMSCFG.ini
2016-07-20 07:10 - 2015-09-23 10:14 - 00000000 ____D C:\Users\bruno.tavares\OneDrive
2016-07-20 07:10 - 2015-04-08 11:20 - 00000000 ____D C:\Temp
2016-07-20 07:05 - 2015-07-14 06:52 - 00001662 _____ C:\Windows\DCEBOOT.RST
2016-07-20 07:05 - 2015-05-13 10:31 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-07-20 07:05 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-19 16:38 - 2015-05-02 07:05 - 00451584 _____ (Trend Micro Inc.) C:\Windows\RegBootClean64.exe
2016-07-19 16:32 - 2011-04-12 09:15 - 00868374 _____ C:\Windows\system32\prfh0416.dat
2016-07-19 16:32 - 2011-04-12 09:15 - 00217490 _____ C:\Windows\system32\prfc0416.dat
2016-07-19 16:32 - 2009-07-14 02:13 - 02110086 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-19 16:32 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-07-19 15:27 - 2015-04-08 08:49 - 00000000 ____D C:\Users\bruno.tavares\Documents\SCAN
2016-07-19 15:24 - 2015-04-09 07:34 - 00012932 _____ C:\Windows\cfgall.ini
2016-07-19 14:53 - 2015-06-19 11:05 - 00000000 ____D C:\Users\bruno.tavares\Desktop\XML
2016-07-19 14:20 - 2015-04-08 14:30 - 00000000 ____D C:\Users\bruno.tavares\AppData\Local\VirtualStore
2016-07-19 12:32 - 2015-04-08 14:49 - 00698368 _____ (Trend Micro Inc.) C:\Windows\TSCCensus64.exe
2016-07-19 11:47 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\NDF
2016-07-19 11:29 - 2015-07-13 08:55 - 00025088 _____ (Trend Micro Inc.) C:\Windows\DCEBoot64.exe
2016-07-19 09:24 - 2015-04-10 08:58 - 00002240 ____H C:\Users\bruno.tavares\Documents\Default.rdp
2016-07-18 15:42 - 2015-10-26 10:50 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-07-18 13:58 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2016-07-18 13:12 - 2016-01-18 17:31 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-18 13:12 - 2016-01-18 17:31 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-18 12:31 - 2015-04-08 14:30 - 00002024 __RSH C:\Users\bruno.tavares\ntuser.pol
2016-07-18 12:31 - 2015-04-08 14:30 - 00000000 ____D C:\Users\bruno.tavares
2016-07-18 12:31 - 2015-04-08 08:22 - 00018186 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-07-18 12:31 - 2015-04-08 08:22 - 00018186 __RSH C:\ProgramData\ntuser.pol
2016-07-18 11:35 - 2015-06-17 10:44 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-18 11:35 - 2015-06-17 10:44 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-16 15:28 - 2015-04-08 08:40 - 00000000 ____D C:\Users\bruno.tavares\Desktop\Engenharia
2016-07-16 10:00 - 2015-04-17 11:31 - 00000000 ____D C:\Users\bruno.tavares\.VirtualBox
2016-07-15 11:14 - 2015-12-04 16:30 - 00000000 ____D C:\Users\bruno.tavares\Downloads\Nova pasta
2016-07-14 09:43 - 2015-08-27 14:04 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-14 09:43 - 2015-06-23 08:59 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-13 15:44 - 2015-06-12 11:45 - 00017721 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog
2016-07-13 15:44 - 2015-03-28 08:31 - 02126608 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-07-13 10:33 - 2016-01-07 15:23 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-13 10:33 - 2016-01-07 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-07-13 09:55 - 2016-04-07 15:53 - 00000000 ____D C:\Autodesk
2016-07-13 09:43 - 2015-06-09 07:03 - 00000000 ____D C:\Users\bruno.tavares\Desktop\Civil 3D
2016-07-12 11:34 - 2009-07-14 01:45 - 00445312 _____ C:\Windows\system32\FNTCACHE.DAT
2016-07-12 11:31 - 2015-04-08 14:31 - 00000981 _____ C:\Users\bruno.tavares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-07-12 11:31 - 2015-03-28 17:01 - 00001296 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-07-12 11:31 - 2015-03-28 17:01 - 00001284 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-07-12 10:05 - 2016-04-04 13:58 - 00000000 ____D C:\Users\bruno.tavares\AppData\Local\CrashDumps
2016-07-12 10:04 - 2015-05-14 08:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-07-12 09:58 - 2015-03-28 08:35 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-07-12 09:13 - 2015-04-08 11:33 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-07-12 09:13 - 2015-04-08 11:33 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-11 15:17 - 2015-04-08 14:34 - 00116312 _____ C:\Users\bruno.tavares\AppData\Local\GDIPFONTCACHEV1.DAT
2016-07-11 14:12 - 2015-05-14 08:04 - 00000000 ____D C:\Program Files (x86)\Autodesk
2016-07-11 12:24 - 2009-07-14 02:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-07-11 12:19 - 2015-09-12 08:57 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2016-07-05 16:12 - 2015-07-29 16:58 - 00000000 ____D C:\DANFEView
2016-07-04 15:20 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\system32\Setup
2016-07-04 12:10 - 2015-05-14 08:29 - 00000000 ____D C:\Users\bruno.tavares\Documents\Autodesk
2016-07-04 10:15 - 2016-02-10 13:34 - 00229310 _____ C:\Users\bruno.tavares\Desktop\Projeto.dwg
2016-06-28 11:33 - 2015-05-12 13:20 - 00000000 ____D C:\Users\Todos os Usuários\ASGVIS
2016-06-28 11:33 - 2015-05-12 13:20 - 00000000 ____D C:\ProgramData\ASGVIS
2016-06-27 13:33 - 2015-09-12 07:51 - 00000000 ____D C:\Windows\pss
2016-06-22 09:47 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-06-22 09:45 - 2015-03-28 07:36 - 00000000 ____D C:\Program Files\Microsoft Office
2016-06-22 07:27 - 2015-04-23 17:38 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2016-06-22 07:27 - 2015-04-23 17:38 - 00000000 ____D C:\ProgramData\Adobe
2016-06-22 07:23 - 2015-09-23 10:17 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Office 2016
2016-06-21 15:55 - 2015-04-08 14:31 - 00000000 ____D C:\Users\bruno.tavares\AppData\Roaming\Adobe

==================== Arquivos na raiz de alguns diretórios =======

2016-04-06 16:48 - 2016-04-06 16:50 - 0000253 _____ () C:\Users\bruno.tavares\AppData\Roaming\ANICONFIG_{8B82E624-77A1-4174-A392-F4DBA18D7538}.ini
2016-04-06 16:51 - 2016-04-06 16:51 - 0003284 _____ () C:\Users\bruno.tavares\AppData\Roaming\ANIWZCS{8B82E624-77A1-4174-A392-F4DBA18D7538}
2015-08-05 09:18 - 2015-08-05 09:18 - 0000009 _____ () C:\Users\bruno.tavares\AppData\Roaming\id
2016-06-01 11:12 - 2016-06-01 11:37 - 0003390 _____ () C:\Users\bruno.tavares\AppData\Local\icsys.icn
2015-06-30 08:02 - 2015-06-30 08:02 - 0007597 _____ () C:\Users\bruno.tavares\AppData\Local\Resmon.ResmonCfg
2015-08-25 08:47 - 2015-08-25 08:47 - 0000000 _____ () C:\Users\bruno.tavares\AppData\Local\{2EB272A1-CE4C-4C64-A2A5-C43FE8FB655A}
2015-08-14 18:01 - 2015-08-14 18:01 - 0000000 _____ () C:\Users\bruno.tavares\AppData\Local\{AEF5FCF4-FC90-4980-8F35-36B6BF6537E8}

Alguns arquivos em TEMP:
====================
C:\Users\bruno.tavares\AppData\Local\Temp\ConfigurationWizard.exe
C:\Users\bruno.tavares\AppData\Local\Temp\libeay32.dll
C:\Users\bruno.tavares\AppData\Local\Temp\msvcr120.dll
C:\Users\bruno.tavares\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-07-20 09:28

==================== Fim de FRST.txt ============================

Addition.txt


Friend, is this computer personal or does it belong to the company Queiroz Galvão?

I need you to attach Addition.txt again, because it gives an error when I try to open it.


Dear @brsantos95

Temporarily disable your antivirus, antispyware and firewall so they do not cause conflicts.

Download the file (fixlist.txt) attached to this post and save it to your Desktop.

Run FRST.exe (or FRST64.exe) and click the Fix button.

Wait... at the end the log Fixlog.txt will be generated and saved to your Desktop.

Select, copy and paste the contents of this log into your next reply.

Regards :D

fixlist.txt


Dear @brsantos95

Download Malwarebytes Anti-Malware (MBAM).

Double-click mbam-setup.exe to install the program.

  • Uncheck the box Enable free trial of Malwarebytes Anti-Malware PRO.
  • If there are updates to be made, they will be downloaded and installed.
  • Click Settings, click Detection and Protection, and check Scan for Rootkits.
  • Go back to the Dashboard and finally click Scan Now.
  • The scan will then start. Wait, as it may take a while.
  • When the scan finishes, if items were found, make sure they are all checked and click the Remove Selected button.
  • At the end of the disinfection, a prompt may appear asking whether you want to restart the PC. (See the Note below)
  • The log is saved automatically by MBAM; to view it, click the History tab -> Application Logs in the program's main window.
  • Double-click the log (Scan Log). Use the .txt format to export the log.
  • The Protection log is not needed for the analysis; always export the correct log.
  • Select, copy and paste the contents of this log into your next reply.

NOTE: If MBAM finds files that it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.

Regards :D


Dear @brsantos95

Temporarily disable your antivirus, antispyware and firewall so they do not cause conflicts.

Download Stinger and save it to your Desktop.
32 bit (x86) or 64 bit (x64)

  • Run the file Stinger.exe
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png
  • Click the “I Accept” button


Stinger%20a.png

In the new window click “Advanced” and then “Settings”

Stinger%20b.png

In the settings window set the options as shown in the image below and click the “Save” button

9hnsyu.png

Click “Customize my Scan”

Stinger%20f.png

Select the system drives and then click the “Scan” button

Stinger%20g.png

At the end click “View log”; a window with the log will open in your browser.
Select, copy and paste the contents of this log into your next reply.

Regards :D


Dear @brsantos95

Download Security Check, by glax24, and save it to your Desktop.

Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png

  • Wait while the tool runs its scan.
  • At the end save the log as SecurityCheck.html
  • Open the file with Notepad;
  • Select, copy and paste the contents of this log into your next reply.

Regards :D


Friend

I need you to run Security Check again; review the last steps:

  • At the end save the log as SecurityCheck.html
  • Open the file with Notepad;
  • Select, copy and paste the contents of this log into your next reply.

I'll be waiting.


SecurityCheck by glax24 & Severnyj v.1.4.0.40 [21.05.16]
WebSite: www.safezone.cc
DateLog: 01.08.2016 12:02:34
Path starting: C:\Users\bruno.tavares\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: bruno.tavares
VersionXML: 3.26is-29.07.2016
___________________________________________________________________________

Windows 7(6.1.7601) Service Pack 1 (x64) Enterprise Lang: Portuguese(0416)
Installation date OS: 28.03.2015 10:27:29
LicenseStatus: Windows(R) 7, Enterprise edition Volume activation will expire : 240780 minutes
Boot Mode: Normal
Default Browser: C:\Program Files\Mozilla Firefox\firefox.exe
SystemDrive: C: FS: [NTFS] Capacity: [390.5 Gb] Used: [341.9 Gb] Free: [48.6 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.17691 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Automatic download and scheduled installation
Date install updates: 2015-11-06 06:01:11
Windows Update (wuauserv) - The service is running
Central de Segurança (wscsvc) - The service is running
Registro remoto (RemoteRegistry) - The service is running
Descoberta SSDP (SSDPSRV) - The service is running
Serviços de Área de Trabalho Remota (TermService) - The service is running
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Trend Micro OfficeScan Antivirus (disabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Firewall do Windows (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Trend Micro OfficeScan Anti-spyware (disabled and up to date)
Windows Defender (disabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Trend Micro OfficeScan Agent v.11.0.4150
--------------------------- [ OtherUtilities ] ----------------------------
Oracle VM VirtualBox 5.0.2 v.5.0.2 Warning! Download Update
Microsoft Silverlight v.5.1.40728.0 Warning! Download Update
7-Zip 15.14 v.15.14 Warning! Download Update
Uninstall old version and install new one.
Foxit Reader v.7.0.6.1126 Warning! Download Update
WinRAR 5.31 (32-bit) v.5.31.0
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.24 v.7.24.104 Warning! Download Update
^Optional update.^
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 45 v.8.0.450 Warning! Download Update
Uninstall old version and install new one (jre-8u102-windows-i586.exe).
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 22 ActiveX v.22.0.0.210
Adobe Flash Player 22 NPAPI v.22.0.0.209
Adobe Flash Player 22 PPAPI v.22.0.0.209
Adobe Shockwave Player + Authorware Web Player v.v12.2.2.172 Warning! This software is no longer supported. Please uninstall it and use Adobe Shockwave Player.
Adobe Acrobat Reader DC - Português v.15.017.20050
------------------------------- [ Browser ] -------------------------------
Mozilla Firefox 47.0.1 (x64 pt-BR) v.47.0.1
Google Chrome v.51.0.2704.103 Warning! Download Update
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files\Mozilla Firefox\firefox.exe v.47.0.1.6018
------------------ [ AntivirusFirewallProcessServices ] -------------------
McAfee Validation Trust Protection Service (mfevtp) - The service is running
C:\Windows\System32\mfevtps.exe
Windows Defender (WinDefend) - The service has stopped
----------------------------- [ End of Log ] ------------------------------


Dear @brsantos95

How is your Windows?

# Step 1 #

Download Delfix by Xplode and save it to your desktop.

Double-click delfix.exe to run it. Check the boxes as shown in the image.

** Windows Vista or Windows 7 users: right-click the delfix.exe file, then click execadmin.png.

2mez6ld.png

Click the Run button.

At the end a log will be generated, but it is not necessary to post it.

# Step 2 #

Old versions of programs have vulnerabilities that some malware can use to infect your system.

For that reason, it is recommended to update the programs that Security Check flagged as outdated (optional updates are at your discretion).

Just click the Download Update of each warning (post above), and it will take you to the developer's site.

Always keep your Windows up to date; keep a constant watch with your firewall and antivirus; and finally, remember that the best form of prevention starts with our own behaviour!

# Step 3 #

CCleaner is an excellent cleaning utility for the computer.

Download it here: CCleaner

  • After installation go to the location where the program was installed, usually C:\Arquivos de programas\CCleaner.
  • Double-click this folder;
  • In an empty area of this window, right-click and choose New > Folder and create a new folder;
  • Name it backups.
  • Open the program and click Run Cleaner;
  • Click the Registry button > Scan for Issues > Fix selected issue(s)...
  • Note: Do not forget to accept the backup of the fixes, and save it in the folder created above!

Regards :D
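
Added example, not part of the thread and not code from SecurityCheck or any other tool mentioned in it: a Python script that reads a SecurityCheck log like the one posted above and sorts the flagged programs into unsupported, outdated and optional, following the advice in Step 2. The matching rules (the `Warning!` marker, the `^Optional update.^` note applying to the line above it) are assumptions inferred from the log lines in this thread, not a documented format.

```python
import re
from collections import defaultdict

# Excerpt copied from the SecurityCheck log posted in this thread (not the full log).
SAMPLE_LOG = """\
------------------------------- [ Windows ] -------------------------------
Internet Explorer 11.0.9600.17691 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
--------------------------- [ OtherUtilities ] ----------------------------
Oracle VM VirtualBox 5.0.2 v.5.0.2 Warning! Download Update
7-Zip 15.14 v.15.14 Warning! Download Update
Uninstall old version and install new one.
WinRAR 5.31 (32-bit) v.5.31.0
--------------------------------- [ IM ] ----------------------------------
Skype™ 7.24 v.7.24.104 Warning! Download Update
^Optional update.^
-------------------------------- [ Java ] ---------------------------------
Java 8 Update 45 v.8.0.450 Warning! Download Update
Uninstall old version and install new one (jre-8u102-windows-i586.exe).
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 22 ActiveX v.22.0.0.210
Adobe Shockwave Player + Authorware Web Player v.v12.2.2.172 Warning! This software is no longer supported. Please uninstall it and use Adobe Shockwave Player.
----------------------------- [ End of Log ] ------------------------------
"""

SECTION_RE = re.compile(r"^-+ \[ (.+?) \] -+$")
WARNING_RE = re.compile(r"^(?P<product>.+?)\s+Warning!\s+(?P<advice>.+)$")
OPTIONAL_NOTE = "^Optional update.^"


def parse_findings(log_text):
    """Return one dict per log line that carries a 'Warning!' marker."""
    findings, section, previous = [], None, None
    for raw in log_text.splitlines():
        line = raw.strip()
        header = SECTION_RE.match(line)
        warning = WARNING_RE.match(line)
        if header:
            section, previous = header.group(1), None
        elif warning:
            advice = warning.group("advice")
            kind = "unsupported" if "no longer supported" in advice else "outdated"
            previous = {"section": section,
                        "product": warning.group("product"),
                        "kind": kind}
            findings.append(previous)
        else:
            # Assumed rule: the optional note refers only to the warning
            # on the line directly above it.
            if line == OPTIONAL_NOTE and previous is not None:
                previous["kind"] = "optional"
            previous = None
    return findings


def triage(findings):
    """Group product names by kind: unsupported, outdated or optional."""
    groups = defaultdict(list)
    for finding in findings:
        groups[finding["kind"]].append(finding["product"])
    return dict(groups)


if __name__ == "__main__":
    groups = triage(parse_findings(SAMPLE_LOG))
    # Unsupported software is listed first because it will not receive fixes.
    for kind in ("unsupported", "outdated", "optional"):
        for product in groups.get(kind, []):
            print(f"{kind:12} {product}")
```
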

This topic is closed to new posts.





About Clube do Hardware

Online since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.
