Format du document : text/plain
Prévisualisation
Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 13-10-2016
Executado por USER (administrador) em USER-PC (14-10-2016 08:32:48)
Executando a partir de C:\Users\USER\Desktop
Perfis Carregados: USER & postgres (Perfis Disponíveis: USER & postgres)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: IE)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processos (Whitelisted) =================
(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\afwServ.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(McAfee, Inc.) C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.1\bin\pg_ctl.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.1\bin\postgres.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.1\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.1\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.1\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.1\bin\postgres.exe
(PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\9.1\bin\postgres.exe
() C:\Program Files (x86)\WeatherTool\2.0.1.11280\WeatherService.exe
(GAS Tecnologia LTDA) C:\Program Files (x86)\Diebold\Warsaw\core.exe
(ShenZhen Enode Techology co,.Ltd) C:\Program Files (x86)\WeatherTool\2.0.1.11280\weather.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(PC Utilities Software Limited) C:\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe
(PC Utilities Software Limited) C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATII4E.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Co.) C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Cyberlink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe
() C:\Windows\Samsung\PanelMgr\SSMMgr.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
() C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe
() C:\Windows\Samsung\PanelMgr\caller64.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
(GAS Tecnologia LTDA) C:\Program Files (x86)\Diebold\Warsaw\core.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
==================== Registro (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [RemoteControl] => C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [56928 2006-11-23] (Cyberlink Corp.)
HKLM-x32\...\Run: [LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [54832 2006-12-05] ()
HKLM-x32\...\Run: [Samsung PanelMgr] => C:\Windows\Samsung\PanelMgr\SSMMgr.exe [688128 2011-07-06] ()
HKLM-x32\...\Run: [3200 Scan2PC] => C:\Windows\twain_32\Samsung\SCX3200\Scan2Pc.exe [1989120 2010-05-18] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [BCU] => C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [411864 2010-03-05] (DeviceVM, Inc.)
HKLM-x32\...\Run: [Diebold - Warsaw] => C:\Program Files (x86)\Diebold\Warsaw\core.exe [518968 2014-07-12] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Bing Bar] => C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe [243544 2010-04-27] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [YouCam Service7] => C:\Program Files (x86)\CyberLink\YouCam7\YouCamService7.exe [466712 2016-07-04] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1156824 2016-09-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\RunOnce: [Pefatodibab] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\USER\AppData\Local\79EDFC~1\Komoso.dat"
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-10-20] (Banco do Brasil)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2015-07-06] (Banco Itaú Unibanco)
HKU\S-1-5-21-1669034011-631852397-235957565-1000\...\Run: [Facebook Update] => C:\Users\USER\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-04-03] (Facebook Inc.)
HKU\S-1-5-21-1669034011-631852397-235957565-1000\...\Run: [] => "C:\Program Files (x86)\YouTube Accelerator\.exe" /startup
HKU\S-1-5-21-1669034011-631852397-235957565-1000\...\Run: [EEDSpeedLauncher] => C:\Windows\system32\eed_ec.dll [3112960 2014-04-11] ()
HKU\S-1-5-21-1669034011-631852397-235957565-1000\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [148048 2014-10-28] (PC Utilities Software Limited)
HKU\S-1-5-21-1669034011-631852397-235957565-1000\...\Run: [GoogleChromeAutoLaunch_784F03EA1805574ADB86F03CF1DCCEF7] => C:\Users\USER\AppData\Local\Chromium\Application\chrome.exe [667136 2015-08-11] (The Chromium Authors)
HKU\S-1-5-21-1669034011-631852397-235957565-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATII4E.EXE [283232 2012-02-28] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1669034011-631852397-235957565-1000\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [966760 2016-09-25] (Google Inc.)
HKU\S-1-5-21-1669034011-631852397-235957565-1004\...\Run: [Facebook Update] => C:\Users\USER\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-04-03] (Facebook Inc.)
HKU\S-1-5-21-1669034011-631852397-235957565-1004\...\Run: [] => "C:\Program Files (x86)\YouTube Accelerator\.exe" /startup
HKU\S-1-5-21-1669034011-631852397-235957565-1004\...\Run: [ManyCam] => "C:\Program Files (x86)\ManyCam\ManyCam.exe" --silent
HKU\S-1-5-21-1669034011-631852397-235957565-1004\...\Run: [EEDSpeedLauncher] => C:\Windows\system32\eed_ec.dll [3112960 2014-04-11] ()
HKU\S-1-5-18\...\Run: [EEDSpeedLauncher] => C:\Windows\system32\eed_ec.dll [3112960 2014-04-11] ()
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1945472 2015-10-20] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\PROGRAM FILES (X86)\GbPlugin\gbiehuni.dll [1759992 2015-07-06] (Banco Itaú Unibanco)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\USER\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\USER\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\USER\AppData\Local\MEGAsync\ShellExtX64.dll [2016-06-30] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-07] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\USER\AppData\Local\MEGAsync\ShellExtX32.dll [2016-06-30] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\USER\AppData\Local\MEGAsync\ShellExtX32.dll [2016-06-30] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\USER\AppData\Local\MEGAsync\ShellExtX32.dll [2016-06-30] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-04-03]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2014-08-15]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-08-16]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ralink Wireless Utility.lnk [2016-02-28]
ShortcutTarget: Ralink Wireless Utility.lnk -> C:\Program Files (x86)\Ralink\Common\RaUI.exe (Ralink Technology, Corp.)
GroupPolicy: Restrição <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
==================== Internet (Whitelisted) ====================
(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)
ProxyEnable: [.DEFAULT] => Proxy está habilitado.
ProxyServer: [.DEFAULT] => http=127.0.0.1:63683;https=127.0.0.1:63683
Hosts: 0.0.0.1 mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 82.163.142.4 95.211.158.131
Tcpip\..\Interfaces\{1D045926-FE8C-475B-899C-BC55A73D69EF}: [NameServer] 82.163.142.4 95.211.158.131
Tcpip\..\Interfaces\{1D045926-FE8C-475B-899C-BC55A73D69EF}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4AFBA930-D9D7-45F7-A23F-9BBB4F02D5DF}: [NameServer] 82.163.142.4 95.211.158.131
Tcpip\..\Interfaces\{4B3C7F46-D70A-4D72-88BA-2955E43B8127}: [NameServer] 82.163.142.4 95.211.158.131
Tcpip\..\Interfaces\{E9146962-7E72-44B5-9524-B3C7C60A6FE3}: [NameServer] 82.163.142.4 95.211.158.131
Tcpip\..\Interfaces\{E9146962-7E72-44B5-9524-B3C7C60A6FE3}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKU\S-1-5-21-1669034011-631852397-235957565-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=68c50e344e900c679e43168e06ac1aa6
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=68c50e344e900c679e43168e06ac1aa6
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1409240839&from=vit&uid=SAMSUNGXHD753LJ_S13UJDWQB09301&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://br.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1409240839&from=vit&uid=SAMSUNGXHD753LJ_S13UJDWQB09301
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1409240839&from=vit&uid=SAMSUNGXHD753LJ_S13UJDWQB09301&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1669034011-631852397-235957565-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://br.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-1669034011-631852397-235957565-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=68c50e344e900c679e43168e06ac1aa6
HKU\S-1-5-21-1669034011-631852397-235957565-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://br.yahoo.com/?fr=hp-avast&type=avastbcl
HKU\S-1-5-21-1669034011-631852397-235957565-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.iminent.com/?appId=3F7B555A-7361-419A-BBB3-A8CA2114C16F
HKU\S-1-5-21-1669034011-631852397-235957565-1004\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://br.yahoo.com?fr=hp-avast&type=avastbcl
URLSearchHook: HKU\S-1-5-21-1669034011-631852397-235957565-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll (DeviceVM, Inc.)
URLSearchHook: HKU\S-1-5-21-1669034011-631852397-235957565-1000 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
URLSearchHook: HKU\S-1-5-21-1669034011-631852397-235957565-1000 - (Sem Nome) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Nenhum Arquivo
URLSearchHook: HKU\S-1-5-21-1669034011-631852397-235957565-1000 - (Sem Nome) - {cf7c1ceb-1fb1-417f-bb89-821eebc91a22} - C:\Program Files (x86)\ProductivityBoss_e5\bar\1.bin\e5SrcAs.dll Nenhum Arquivo
URLSearchHook: HKU\S-1-5-21-1669034011-631852397-235957565-1004 - (Sem Nome) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - Nenhum Arquivo
URLSearchHook: HKU\S-1-5-21-1669034011-631852397-235957565-1004 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch64.dll (DeviceVM, Inc.)
URLSearchHook: HKU\S-1-5-21-1669034011-631852397-235957565-1004 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1409240839&from=vit&uid=SAMSUNGXHD753LJ_S13UJDWQB09301&q={searchTerms}
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKLM -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_22_ch&cd=2XzuyEtN2Y1L1Qzu0B0C0E0EyB0ByDyC0A0E0BtCtB0FtAtAtN0D0Tzu0SzzyByBtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0DyCtDzytAzzzztG0CyCyB0AtGzzyDtCzytGyB0A0BzytGtBtDtC0E0A0D0CyCtAtD0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0A0DyDtByBtCtGtD0C0E0AtGtA0Bzy0AtG0FyEyBtDtGyCyBzztAtCyEzy0FzztByCtA2Q&cr=1149616015&ir=
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1409240839&from=vit&uid=SAMSUNGXHD753LJ_S13UJDWQB09301&q={searchTerms}
SearchScopes: HKLM -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://br.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1409240839&from=vit&uid=SAMSUNGXHD753LJ_S13UJDWQB09301&q={searchTerms}
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://br.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {a37187ba-df01-4b27-a7c9-a645524b0517} URL = hxxp://int.search.tb.ask.com/search/GGmain.jhtml?p2=^BYM^xdm102^YYA^br&ptb=FA3F9F3B-D476-4F83-A0EC-5E023C983D8D&ind=2016010707&n=7829e1d3&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-1669034011-631852397-235957565-1000 -> DefaultScope {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL = hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_bxi01_15_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0ByDyC0A0E0BtCtB0FtAtAtN0D0Tzu0StCtBtByCtN1L2XzutAtFtCtDtFyCtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StByEtA0E0FtA0ByEtG0EtCtCyBtG0D0DyE0DtGyE0E0E0EtGyC0ByDyBtAzytAtB0EyBzytA2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyDyDyBtB0D0EtAtG0C0DyC0EtGyEtA0F0BtG0BtBtByBtGtB0AyC0FtDtD0ByBtC0BzztD2QtN0A0LzuyE%26cr%3D296287213%26a%3Dwncy_bxi01_15_21%26os%3DWindows 7 Ultimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1669034011-631852397-235957565-1000 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxps://br.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1669034011-631852397-235957565-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1669034011-631852397-235957565-1000 -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_22_ch&cd=2XzuyEtN2Y1L1Qzu0B0C0E0EyB0ByDyC0A0E0BtCtB0FtAtAtN0D0Tzu0SzzyByBtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0DyCtDzytAzzzztG0CyCyB0AtGzzyDtCzytGyB0A0BzytGtBtDtC0E0A0D0CyCtAtD0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0A0DyDtByBtCtGtD0C0E0AtGtA0Bzy0AtG0FyEyBtDtGyCyBzztAtCyEzy0FzztByCtA2Q&cr=1149616015&ir=
SearchScopes: HKU\S-1-5-21-1669034011-631852397-235957565-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1409240839&from=vit&uid=SAMSUNGXHD753LJ_S13UJDWQB09301&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1669034011-631852397-235957565-1000 -> {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://br.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
SearchScopes: HKU\S-1-5-21-1669034011-631852397-235957565-1000 -> {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} URL = hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_bxi01_15_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0ByDyC0A0E0BtCtB0FtAtAtN0D0Tzu0StCtBtByCtN1L2XzutAtFtCtDtFyCtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StByEtA0E0FtA0ByEtG0EtCtCyBtG0D0DyE0DtGyE0E0E0EtGyC0ByDyBtAzytAtB0EyBzytA2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0DyDyDyBtB0D0EtAtG0C0DyC0EtGyEtA0F0BtG0BtBtByBtGtB0AyC0FtDtD0ByBtC0BzztD2QtN0A0LzuyE%26cr%3D296287213%26a%3Dwncy_bxi01_15_21%26os%3DWindows 7 Ultimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1669034011-631852397-235957565-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://br.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_bxi01_15_21¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1Qzu0B0C0E0EyB0ByDyC0A0E0BtCtB0FtAtAtN0D0Tzu0StCtBtByCtN1L2XzutAtFtCtDtFtBtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDtBzyzztB0B0BtBtGtCtBtAtBtG0A0A0AyCtGtAyBzyyEtGtByE0AyDyE0CyDtD0B0AtAyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0FyDyDtCtDyCyB0EtG0A0D0CtDtGyE0AyByCtGzy0BtC0DtG0F0AzzzztAyEyEyD0EyBtB0C2QtN0A0LzuyE%26cr%3D1190544784%26a%3Dwny_bxi01_15_21%26os%3DWindows 7 Ultimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1669034011-631852397-235957565-1000 -> {a37187ba-df01-4b27-a7c9-a645524b0517} URL = hxxp://int.search.tb.ask.com/search/GGmain.jhtml?p2=^BYM^xdm102^YYA^br&ptb=FA3F9F3B-D476-4F83-A0EC-5E023C983D8D&ind=2016010707&n=7829e1d3&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-1669034011-631852397-235957565-1000 -> {EC931890-8275-45f0-90FD-307006855E4A} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=pt-BR&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1669034011-631852397-235957565-1004 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.iminent.com/?appId=3F7B555A-7361-419A-BBB3-A8CA2114C16F&ref=toolbox&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1669034011-631852397-235957565-1004 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.iminent.com/?appId=3F7B555A-7361-419A-BBB3-A8CA2114C16F&ref=toolbox&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1669034011-631852397-235957565-1004 -> {31090377-0740-419E-BEFC-A56E50500D5B} URL = hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_ir_14_22_ch&cd=2XzuyEtN2Y1L1Qzu0B0C0E0EyB0ByDyC0A0E0BtCtB0FtAtAtN0D0Tzu0SzzyByBtN1L2XzutBtFtBtDtFtCzytFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StA0DyCtDzytAzzzztG0CyCyB0AtGzzyDtCzytGyB0A0BzytGtBtDtC0E0A0D0CyCtAtD0DyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0D0A0DyDtByBtCtGtD0C0E0AtGtA0Bzy0AtG0FyEyBtDtGyCyBzztAtCyEzy0FzztByCtA2Q&cr=1149616015&ir=
SearchScopes: HKU\S-1-5-21-1669034011-631852397-235957565-1004 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1409240839&from=vit&uid=SAMSUNGXHD753LJ_S13UJDWQB09301&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1669034011-631852397-235957565-1004 -> {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://br.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
SearchScopes: HKU\S-1-5-21-1669034011-631852397-235957565-1004 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://br.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1669034011-631852397-235957565-1004 -> {EC931890-8275-45f0-90FD-307006855E4A} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=pt-BR&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-10-13] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-07] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-13] (Oracle Corporation)
BHO-x32: Sem Nome -> {5754a7f4-5cb7-4287-8354-170a8c185349} -> Nenhum Arquivo
BHO-x32: Sem Nome -> {589cd417-937b-4d56-bb76-55260209dc19} -> Nenhum Arquivo
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-10-13] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-07] (Avast Software s.r.o.)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2015-10-20] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehuni.dll [2015-07-06] (Banco Itaú Unibanco)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-13] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1669034011-631852397-235957565-1000 -> Sem Nome - {EA729DF7-FEA8-443C-8781-327FA3AB7529} - Nenhum Arquivo
IE Session Restore: HKU\S-1-5-21-1669034011-631852397-235957565-1004 -> está habilitado.
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\zjd7ucy7.default [2016-07-09]
FF user.js: detected! => C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\zjd7ucy7.default\user.js [2015-02-16]
FF DefaultSearchEngine: Mozilla\Firefox\Profiles\zjd7ucy7.default -> Search Provided by Yahoo
FF Homepage: Mozilla\Firefox\Profiles\zjd7ucy7.default -> hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=68c50e344e900c679e43168e06ac1aa6
FF Extension: (SaveerADdone) - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\zjd7ucy7.default\Extensions\6VAhZpI@E.edu [2015-08-14] [não assinado]
FF Extension: (Guardião - Itaú 30 horas) - C:\Users\USER\AppData\Local\GAS Tecnologia\GBBD\uni\xpi [2014-10-17] [não assinado]
FF Extension: (GBBD Banco do Brasil) - C:\Users\USER\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2015-03-26] [não assinado]
FF Extension: (E-Web Print) - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2015-06-19] [não assinado]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\zjd7ucy7.default\searchplugins\Astromenda.xml [2014-10-12]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\zjd7ucy7.default\searchplugins\search-provided-by-yahoo.xml [2015-05-11]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\zjd7ucy7.default\searchplugins\Speedial.xml [2014-05-28]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\zjd7ucy7.default\searchplugins\yahoo-avast.xml [2014-10-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-03-14]
FF HKLM-x32\...\Firefox\Extensions: [quiknowledge@quiknowledge.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\quiknowledge@quiknowledge.com => não encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-04-03] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox
FF Extension: (Bing Bar) - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\Firefox [2015-04-03] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: (Search Helper Extension) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2015-04-03] [não assinado]
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF HKU\S-1-5-21-1669034011-631852397-235957565-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8873}] - C:\Users\USER\AppData\Local\GAS Tecnologia\GBBD\uni\xpi
FF HKU\S-1-5-21-1669034011-631852397-235957565-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\USER\AppData\Local\GAS Tecnologia\GBBD\bb\xpi
FF HKU\S-1-5-21-1669034011-631852397-235957565-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml [2014-08-28]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll [2016-10-11] ()
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-10-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-10-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll [2016-10-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-26] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-10-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-10-13] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=5.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1449.0\npwinext.dll [2010-04-27] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1669034011-631852397-235957565-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\USER\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1669034011-631852397-235957565-1000: gastecnologia.com.br/sf/bb -> C:\Users\USER\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll [2015-03-31] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-1669034011-631852397-235957565-1000: gastecnologia.com.br/sf/bb64 -> C:\Users\USER\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll [2015-06-12] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-1669034011-631852397-235957565-1000: gastecnologia.com.br/sf/uni -> C:\Users\USER\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll [2014-07-15] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-1669034011-631852397-235957565-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2014-07-10] (Sony Network Entertainment International LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\settings.js [2014-07-25] <==== ATENÇÃO (Aponta para arquivo *.cfg)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\mozilla.cfg [2014-07-25] <==== ATENÇÃO
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=68c50e344e900c679e43168e06ac1aa6
CHR StartupUrls: Default -> "hxxp://br.hao123.com/?tn=sdkw_inner_hp_09_hao123_br&guid=68c50e344e900c679e43168e06ac1aa6"
CHR DefaultSearchURL: Default -> hxxp://istartpageing.com/web/?type=ds&ts=1451130998&z=9fe255b44dd2da11dcb2ec8g4z9wbgag1cee5t5t1b&from=cornl&uid=samsungxhd753lj_s13ujdwqb09301&q={searchTerms}
CHR DefaultSearchKeyword: Default -> istartpageing
CHR Profile: C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default [2016-10-14]
CHR Extension: (BestY NewTab) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajcmdlkeklfmbjffnlofgfkjcnpfckab [2015-12-23]
CHR Extension: (Speedial) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd [2014-11-23] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATENÇÃO
CHR Extension: (Avast Online Security) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-07-16] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATENÇÃO
CHR Extension: (Home Tab) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofkpgiaknijknhajbhnghkodiccblkg [2016-05-18]
CHR Extension: (Google Wallet) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-13] [UpdateUrl: hxxps://epicunitscan.info/00service/update2/crx] <==== ATENÇÃO
CHR Extension: (Chrome Media Router) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-05]
CHR Extension: (SnapMyScreen) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnacmlfckijnmogihjeaojfnfiplhhpj [2016-10-05]
CHR Extension: (ProductivityBoss) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\poickeeehimalfeceghopkmbjdbpbpie [2016-10-13]
CHR HKLM\...\Chrome\Extension: [ajcmdlkeklfmbjffnlofgfkjcnpfckab] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1669034011-631852397-235957565-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ajcmdlkeklfmbjffnlofgfkjcnpfckab] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1669034011-631852397-235957565-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bakijjialdiiboeaknfpmflphhmljfkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1669034011-631852397-235957565-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1669034011-631852397-235957565-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ajcmdlkeklfmbjffnlofgfkjcnpfckab] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-07]
CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx"
CHR HKLM-x32\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - hxxps://clients2.google.com/service/update2/crx
==================== Serviços (Whitelisted) ====================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-03] (Advanced Micro Devices, Inc.) [Arquivo não assinado]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-07] (Avast Software s.r.o.)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-05-07] (Avast Software s.r.o.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [593120 2015-09-22] (GAS Tecnologia)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
R2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [153352 2016-04-04] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [327944 2016-07-19] (McAfee, Inc.)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Arquivo não assinado]
S2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [Arquivo não assinado]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [271920 2007-05-08] (Nero AG)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [Arquivo não assinado]
R2 postgresql-x64-9.1; C:\Program Files\PostgreSQL\9.1\bin\pg_ctl.exe [116224 2011-12-01] (PostgreSQL Global Development Group) [Arquivo não assinado]
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Arquivo não assinado]
S3 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [621632 2011-03-04] ()
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [167936 2005-08-07] () [Arquivo não assinado]
R2 TheDesktopWeatherService; C:\Program Files (x86)\WeatherTool\2.0.1.11280\WeatherService.exe [141960 2016-03-29] ()
R2 Warsaw Technology; C:\Program Files (x86)\Diebold\Warsaw\core.exe [518968 2014-07-12] (GAS Tecnologia LTDA)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-03] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-07] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-05-07] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-07] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-05-07] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-07] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-07] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-07] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-07] ()
R3 CLMirrorDriver; C:\Windows\System32\DRIVERS\CLMirrorDriver.sys [21264 2015-05-20] (CyberLink)
R3 clwvd7; C:\Windows\System32\DRIVERS\clwvd7.sys [49944 2016-06-02] (CyberLink Corporation)
S3 cmuda3; C:\Windows\System32\drivers\cmudax3.sys [1161216 2009-11-23] (C-Media Inc)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S1 gbpddfac; C:\Windows\SysWOW64\drivers\gbpddfac64.sys [28888 2015-07-03] (GAS Tecnologia)
S0 GbpKm; C:\Windows\SysWOW64\drivers\GbpKm.sys [49536 2013-05-08] (GAS Tecnologia)
R3 GBPRCM; C:\PROGRAM FILES (X86)\GBPLUGIN\gbprcm64.sys [29912 2015-11-25] (GAS Tecnologia)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42224 2014-05-13] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R2 SSPORT; C:\Windows\SysWOW64\Drivers\SSPORT.sys [11576 2009-10-28] (Samsung Electronics)
S3 tapwp01; C:\Windows\System32\DRIVERS\tapwp01.sys [38216 2014-09-15] (The OpenVPN Project)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-11-25] (GAS Tecnologia LTDA)
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
S1 qknfd; system32\drivers\qknfd.sys [X]
S1 wfdrvr_vt_1_10_0_28; system32\drivers\wfdrvr_vt_1_10_0_28.sys [X]
==================== NetSvcs (Whitelisted) ===================
(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-10-14 08:32 - 2016-10-14 08:33 - 00044101 _____ C:\Users\USER\Desktop\FRST.txt
2016-10-14 08:30 - 2016-10-14 08:32 - 00000000 ____D C:\FRST
2016-10-14 08:28 - 2016-10-14 08:28 - 02406912 _____ (Farbar) C:\Users\USER\Desktop\FRST64.exe
2016-10-14 08:16 - 2016-10-14 08:16 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2016-10-13 18:21 - 2016-10-13 18:21 - 14572000 _____ (Microsoft Corporation) C:\Users\USER\Desktop\vc_redist.x64 (1).exe
2016-10-13 18:20 - 2016-10-13 18:20 - 01034556 _____ C:\Users\USER\Desktop\Windows6.1-KB2999226-x64.msu
2016-10-13 18:06 - 2016-10-13 18:11 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-10-13 18:06 - 2016-10-13 18:11 - 00000000 ____D C:\ProgramData\Package Cache
2016-10-13 17:47 - 2016-10-13 17:47 - 06503984 _____ (Microsoft Corporation) C:\Users\USER\Desktop\vcredist_x86.exe
2016-10-13 17:42 - 2016-10-13 17:43 - 15296656 _____ (Microsoft Corporation) C:\Users\USER\Desktop\vc_redist.x64.exe
2016-10-13 17:09 - 2016-10-13 17:09 - 00001199 _____ C:\Users\USER\Desktop\aomx.lnk
2016-10-13 17:05 - 2016-10-13 17:12 - 00000000 ____D C:\Users\USER\Documents\Visual Studio 2005
2016-10-13 16:58 - 2016-10-13 17:02 - 00000000 ____D C:\Users\USER\Desktop\ageofmythology
2016-10-01 10:05 - 2016-10-01 10:05 - 00026671 _____ C:\Users\USER\Downloads\Xray Ultimate 1.8 (1).zip
2016-10-01 10:04 - 2016-10-01 10:05 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2016-10-01 10:04 - 2016-10-01 10:04 - 00001048 _____ C:\Users\USER\Desktop\MEGAsync.lnk
2016-10-01 10:04 - 2016-10-01 10:04 - 00000000 ____D C:\Users\USER\AppData\Local\MEGAsync
2016-10-01 10:02 - 2016-10-01 10:04 - 12903336 _____ (MEGA Limited) C:\Users\USER\Downloads\MEGAsyncSetup.exe
2016-10-01 10:00 - 2016-10-01 10:00 - 00026671 _____ C:\Users\USER\Downloads\Xray Ultimate 1.8.zip
2016-10-01 09:54 - 2016-10-01 09:54 - 00502350 _____ C:\Users\USER\Downloads\Myz_Pack_20150121 (2).zip
2016-10-01 09:53 - 2016-10-01 09:53 - 00502350 _____ C:\Users\USER\Downloads\Myz_Pack_20150121 (1).zip
2016-10-01 09:52 - 2016-10-01 09:52 - 00502350 _____ C:\Users\USER\Downloads\Myz_Pack_20150121.zip
2016-09-23 13:27 - 2016-09-23 13:27 - 00000648 _____ C:\Users\USER\Desktop\Minecraft (1) - Atalho.lnk
2016-09-22 11:13 - 2016-09-22 11:13 - 00000000 ____D C:\Users\Todos os Usuários\gbas
2016-09-22 11:13 - 2016-09-22 11:13 - 00000000 ____D C:\ProgramData\gbas
2016-09-22 11:11 - 2016-09-22 11:11 - 00002161 _____ C:\Users\USER\Desktop\Itaú.lnk
2016-09-22 11:11 - 2016-09-22 11:11 - 00000000 ____D C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativo Itaú
2016-09-22 11:11 - 2016-09-22 11:11 - 00000000 ____D C:\Users\USER\AppData\Local\Aplicativo Itau
2016-08-16 16:41 - 2016-08-16 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-08-04 13:08 - 2016-08-04 13:08 - 00128779 _____ C:\Users\USER\Downloads\201681_14304_ROTEIRO+DE+ESTUDOS+PARA+TRIMESTRAL+6º+ANOS.pdf
2016-08-01 14:00 - 2016-08-01 16:00 - 00133632 _____ C:\Users\USER\Downloads\2016616_91324_TABULACAO_6ANO.xls
2016-08-01 13:37 - 2016-08-01 13:37 - 00152140 _____ C:\Users\USER\Downloads\2016616_8232_Orientações_Trabalho_6_8_9_Anos.pdf
2016-07-28 08:59 - 2016-07-28 08:59 - 00000000 ____D C:\Users\USER\AppData\Roaming\{0F0739BC-2A55-54CA-4163-73189DB18E26}
2016-07-23 08:32 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2016-07-23 08:32 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2016-07-23 08:32 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2016-07-23 08:32 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2016-07-23 08:32 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2016-07-23 08:32 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2016-07-23 08:32 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2016-07-23 08:32 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2016-07-23 08:31 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2016-07-23 08:31 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2016-07-23 08:31 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2016-07-23 08:31 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2016-07-23 08:31 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2016-07-23 08:31 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2016-07-23 08:31 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2016-07-23 08:31 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2016-07-23 08:31 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2016-07-23 08:31 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2016-07-23 08:31 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2016-07-23 08:31 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2016-07-23 08:31 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2016-07-23 08:31 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2016-07-23 08:31 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2016-07-23 08:31 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2016-07-23 08:31 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2016-07-23 08:31 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2016-07-23 08:31 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2016-07-23 08:31 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2016-07-23 08:31 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2016-07-23 08:31 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2016-07-23 08:31 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-07-23 08:31 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-07-23 08:31 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-07-23 08:31 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2016-07-23 08:31 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-07-23 08:31 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-07-23 08:31 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-07-23 08:31 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-07-23 08:31 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-07-23 08:31 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2016-07-23 08:31 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2016-07-23 08:31 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2016-07-23 08:31 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2016-07-23 08:31 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2016-07-23 08:31 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2016-07-23 08:31 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2016-07-23 08:31 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2016-07-23 08:31 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2016-07-23 08:31 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2016-07-23 08:31 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2016-07-23 08:31 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2016-07-23 08:31 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2016-07-23 08:31 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2016-07-23 08:31 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2016-07-23 08:31 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2016-07-23 08:31 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2016-07-23 08:31 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2016-07-23 08:31 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2016-07-23 08:31 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2016-07-23 08:31 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2016-07-23 08:31 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2016-07-23 08:31 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2016-07-23 08:31 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2016-07-23 08:31 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2016-07-23 08:31 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2016-07-23 07:39 - 2016-07-23 07:39 - 00000000 ____D C:\Users\USER\Documents\WB Games
2016-07-23 07:34 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2016-07-23 07:33 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2016-07-23 07:33 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2016-07-23 07:33 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2016-07-23 07:33 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2016-07-23 07:33 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2016-07-23 07:33 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2016-07-23 07:33 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2016-07-23 07:33 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2016-07-23 07:33 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2016-07-23 07:33 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2016-07-23 07:33 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2016-07-23 07:33 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2016-07-23 07:33 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2016-07-23 07:33 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2016-07-23 07:33 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2016-07-23 07:33 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2016-07-23 07:33 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2016-07-23 07:33 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2016-07-23 07:33 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2016-07-23 07:32 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2016-07-23 07:32 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2016-07-23 07:32 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2016-07-23 07:32 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2016-07-22 18:12 - 2016-07-22 18:12 - 00000000 ____D C:\Users\USER\AppData\Local\CEF
2016-07-22 18:11 - 2016-07-22 18:11 - 00000000 ____D C:\Users\USER\AppData\Local\Steam
2016-07-22 18:07 - 2016-07-22 18:07 - 00000963 _____ C:\Users\Public\Desktop\Steam.lnk
2016-07-22 18:07 - 2016-07-22 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
==================== Três Meses Modificados arquivos e pastas ========
(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)
2016-10-14 08:28 - 2014-08-28 12:47 - 00000000 ____D C:\Users\USER\AppData\Local\CrashDumps
2016-10-14 08:27 - 2015-11-30 06:21 - 00000000 ____D C:\Users\USER\AppData\Roaming\WeatherTool
2016-10-14 08:24 - 2014-05-18 06:08 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-14 08:24 - 2009-07-14 01:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-10-14 08:24 - 2009-07-14 01:45 - 00014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-10-14 08:16 - 2014-03-07 06:05 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-10-14 08:15 - 2016-02-01 16:12 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-10-14 08:15 - 2015-12-08 04:15 - 00000304 _____ C:\Windows\Tasks\{85CE2933-5841-4FFE-9F21-55BB3ECD8F70}.job
2016-10-14 08:15 - 2015-09-17 14:17 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-14 08:15 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-13 18:36 - 2014-04-03 09:31 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1669034011-631852397-235957565-1000UA.job
2016-10-13 18:13 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\tracing
2016-10-13 18:05 - 2009-07-14 00:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-10-13 18:00 - 2015-09-17 14:17 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-13 17:57 - 2014-10-12 18:57 - 00000288 _____ C:\Windows\Tasks\WSE_Astromenda.job
2016-10-13 17:52 - 2014-02-28 16:45 - 00000000 ____D C:\Temp
2016-10-13 17:27 - 2014-06-19 01:37 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-10-13 17:27 - 2014-06-19 01:37 - 00000000 ____D C:\ProgramData\Oracle
2016-10-13 17:26 - 2015-06-30 18:39 - 00000000 ____D C:\Program Files (x86)\Java
2016-10-13 17:26 - 2014-11-04 07:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-10-13 17:26 - 2014-05-09 23:02 - 00000000 ____D C:\Program Files\Java
2016-10-13 17:25 - 2015-09-01 10:21 - 00000000 ____D C:\Users\USER\.oracle_jre_usage
2016-10-13 17:24 - 2016-03-02 08:16 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-10-13 17:24 - 2015-04-28 07:48 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-10-13 17:05 - 2014-02-27 12:40 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-10-13 16:43 - 2016-01-22 10:53 - 00000000 ____D C:\Users\USER\AppData\Roaming\.minecraft
2016-10-13 13:57 - 2014-02-27 12:50 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2016-10-12 09:36 - 2014-04-03 09:31 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1669034011-631852397-235957565-1000Core.job
2016-10-12 07:30 - 2014-02-27 13:00 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-10-11 16:31 - 2014-05-18 06:08 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-10-11 16:31 - 2014-02-27 12:53 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-10-11 16:31 - 2014-02-27 12:53 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-11 16:30 - 2014-02-27 12:53 - 00000000 ____D C:\Windows\system32\Macromed
2016-10-11 16:29 - 2014-02-27 12:53 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-10-11 13:14 - 2015-02-24 10:00 - 00003728 _____ C:\Windows\System32\Tasks\DriverWhiz_ScheduledScan
2016-10-11 13:14 - 2015-02-24 10:00 - 00000000 ____D C:\Program Files (x86)\DriverWhiz
2016-10-11 12:59 - 2014-10-12 19:55 - 00000501 _____ C:\Users\USER\AppData\Roaming\WB.CFG
2016-10-10 16:39 - 2009-07-14 14:55 - 00707974 _____ C:\Windows\system32\prfh0416.dat
2016-10-10 16:39 - 2009-07-14 14:55 - 00147754 _____ C:\Windows\system32\prfc0416.dat
2016-10-10 16:39 - 2009-07-14 02:13 - 01641426 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-10 16:39 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf
2016-10-06 15:38 - 2014-03-10 13:36 - 00000000 ____D C:\Users\USER\Desktop\CassioVinicius
2016-10-04 14:15 - 2014-02-27 12:50 - 00002479 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-01 09:55 - 2016-01-22 11:19 - 00001130 _____ C:\Users\USER\Desktop\nativelog.txt
2016-09-29 15:07 - 2014-12-27 11:20 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-09-29 11:01 - 2015-06-06 08:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2016-09-24 17:02 - 2016-05-29 17:58 - 00000000 ____D C:\Users\USER\AppData\Local\{0F5A3906-2BF2-55BE-466A-705662028CCE}
2016-09-24 17:02 - 2015-11-30 06:03 - 00002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2016-09-24 17:01 - 2015-11-30 06:03 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-09-24 17:01 - 2015-11-30 06:03 - 00000372 __RSH C:\ProgramData\ntuser.pol
2016-09-23 13:27 - 2016-03-20 10:43 - 00000000 ____D C:\Users\USER\Desktop\My Shared Folder
2016-09-23 13:23 - 2015-12-19 07:17 - 00000000 ____D C:\Windows\system32\data
2016-09-22 13:10 - 2015-10-03 18:07 - 00001130 _____ C:\Windows\SysWOW64\nativelog.txt
2016-09-21 16:37 - 2015-05-10 14:24 - 00000000 ____D C:\Users\USER\Desktop\DocsVarios
2016-09-20 18:43 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
==================== Arquivos na raiz de alguns diretórios =======
2014-06-17 00:25 - 2014-06-17 00:25 - 9602110 _____ () C:\Program Files\0207-driver.zip
2014-05-20 22:50 - 2014-05-20 22:51 - 173275148 _____ (Biblivre.org.br) C:\Program Files\Instalador_Biblivre_3.0.23.exe
2014-06-19 01:35 - 2014-06-19 01:35 - 0918952 _____ (Oracle Corporation) C:\Program Files\jxpiinstall.exe
2014-06-14 04:57 - 2014-06-14 04:57 - 38157960 _____ (Amazon.com) C:\Program Files\KindleForPC-installer.exe
2014-05-06 08:36 - 2014-05-06 08:36 - 0639696 _____ () C:\Program Files\mozilla-firefox-290-32-bits.exe
2014-05-23 10:27 - 2014-05-23 10:27 - 10940797 _____ () C:\Program Files\psw-upz-3-1-23-47-r7-u01-9l.zip
2014-05-23 10:29 - 2014-05-23 10:29 - 64382400 _____ (CANON INC.) C:\Program Files\zb651vistaupd-en.exe
2015-03-04 10:40 - 2015-08-12 16:01 - 0000079 _____ () C:\Program Files (x86)\prefs.js
2014-07-25 09:53 - 2014-07-25 09:53 - 0000001 ____H () C:\Users\USER\AppData\Roaming\0.gif
2015-06-24 14:48 - 2015-08-11 09:37 - 0000020 _____ () C:\Users\USER\AppData\Roaming\appdataFr2.bin
2015-07-06 13:48 - 2015-07-16 20:41 - 0000024 _____ () C:\Users\USER\AppData\Roaming\appdataFr25.bin
2015-02-13 06:45 - 2015-04-16 06:03 - 0000020 _____ () C:\Users\USER\AppData\Roaming\appdataFr3.bin
2015-04-03 15:59 - 2015-04-03 15:59 - 0000700 _____ () C:\Users\USER\AppData\Roaming\ConvAPIPlugin.log
2016-06-25 05:59 - 2016-06-25 05:59 - 3146772 _____ () C:\Users\USER\AppData\Roaming\sb795.dat
2016-04-30 08:58 - 2016-04-30 08:58 - 2482196 _____ () C:\Users\USER\AppData\Roaming\sb905.dat
2016-04-30 08:58 - 2016-04-30 08:58 - 0425912 _____ () C:\Users\USER\AppData\Roaming\Setup32384.exe
2014-03-07 06:04 - 2015-02-16 17:38 - 0034111 _____ () C:\Users\USER\AppData\Roaming\unins000.dat
2015-02-16 17:38 - 2015-02-16 17:37 - 0815826 _____ () C:\Users\USER\AppData\Roaming\unins000.exe
2014-04-29 17:53 - 2014-10-17 12:57 - 0032240 _____ () C:\Users\USER\AppData\Roaming\unins001.dat
2014-10-17 12:57 - 2014-10-17 12:57 - 0720082 _____ () C:\Users\USER\AppData\Roaming\unins001.exe
2014-10-12 19:55 - 2016-10-11 12:59 - 0000501 _____ () C:\Users\USER\AppData\Roaming\WB.CFG
2014-11-06 03:57 - 2014-11-06 03:57 - 0022528 _____ () C:\Users\USER\AppData\Local\2612829extsetup26175561.exe
2014-11-06 03:57 - 2014-11-06 03:57 - 0643948 _____ () C:\Users\USER\AppData\Local\2612829extsq.dll
2015-10-10 14:23 - 2015-10-10 14:23 - 0007168 _____ () C:\Users\USER\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-14 08:57 - 2014-12-17 09:57 - 0000001 _____ () C:\Users\USER\AppData\Local\DSI.DAT
2014-11-22 02:57 - 2014-11-22 02:57 - 0022528 _____ () C:\Users\USER\AppData\Local\dsisetup16162482.exe
2014-12-02 06:57 - 2014-12-02 06:57 - 0022528 _____ () C:\Users\USER\AppData\Local\dsisetup32547732.exe
2014-12-17 09:57 - 2014-12-17 09:57 - 0022528 _____ () C:\Users\USER\AppData\Local\dsisetup36168512.exe
2014-11-06 03:57 - 2014-11-06 03:57 - 0000001 _____ () C:\Users\USER\AppData\Local\ext.dat
2015-05-10 10:36 - 2015-05-10 10:36 - 0000017 _____ () C:\Users\USER\AppData\Local\resmon.resmoncfg
2016-02-08 08:55 - 2016-02-08 08:55 - 0000000 _____ () C:\Users\USER\AppData\Local\{111EF1DC-6FD4-4C49-8608-CA1D0BF028AC}
2015-09-26 09:15 - 2015-09-26 09:15 - 0000000 _____ () C:\Users\USER\AppData\Local\{82B96CB3-952F-4C35-8E07-BC28AFAB3817}
2014-11-16 10:27 - 2014-11-16 10:27 - 0000020 _____ () C:\ProgramData\bc.ini
2015-04-03 15:54 - 2015-05-10 14:15 - 0002043 _____ () C:\ProgramData\hpzinstall.log
2015-11-30 06:21 - 2015-11-30 06:21 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Users\Todos os Usuários\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
C:\Windows\Tasks\{85CE2933-5841-4FFE-9F21-55BB3ECD8F70}.job
Alguns arquivos em TEMP:
====================
C:\Users\USER\AppData\Local\Temp\1hadki2m.dll
C:\Users\USER\AppData\Local\Temp\38900-674427-java-runtime-environment-jre.exe
C:\Users\USER\AppData\Local\Temp\7gou5qco.dll
C:\Users\USER\AppData\Local\Temp\aplicativoitau.exe
C:\Users\USER\AppData\Local\Temp\BackupSetup.exe
C:\Users\USER\AppData\Local\Temp\bdg480C.exe
C:\Users\USER\AppData\Local\Temp\bs6ioyih.dll
C:\Users\USER\AppData\Local\Temp\cabex.dll
C:\Users\USER\AppData\Local\Temp\cash_n_back_installer_sl_1.exe
C:\Users\USER\AppData\Local\Temp\cbgffgor.dll
C:\Users\USER\AppData\Local\Temp\cct.dll
C:\Users\USER\AppData\Local\Temp\ci_i0tei.dll
C:\Users\USER\AppData\Local\Temp\DRHelper_installFinish.exe
C:\Users\USER\AppData\Local\Temp\DRHelper_installStart.exe
C:\Users\USER\AppData\Local\Temp\driverscanner.exe
C:\Users\USER\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmem1dy.dll
C:\Users\USER\AppData\Local\Temp\Easy_WebCam_Recording.exe
C:\Users\USER\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\USER\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\USER\AppData\Local\Temp\gtvrninp.dll
C:\Users\USER\AppData\Local\Temp\ICReinstall_anime-character-maker-2-0-32-bits.exe
C:\Users\USER\AppData\Local\Temp\ICReinstall_Minecraft-1-9-Pc.exe
C:\Users\USER\AppData\Local\Temp\ICReinstall_Popcorntime-3-8-1-Beta-Setup.exe
C:\Users\USER\AppData\Local\Temp\ICReinstall_xpadder-32-bits.exe
C:\Users\USER\AppData\Local\Temp\ICSW_0A1O1O.exe
C:\Users\USER\AppData\Local\Temp\instloffer.exe
C:\Users\USER\AppData\Local\Temp\jansi-64.dll
C:\Users\USER\AppData\Local\Temp\JavaIC.dll
C:\Users\USER\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\USER\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\USER\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\USER\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\USER\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\USER\AppData\Local\Temp\justcloud.exe
C:\Users\USER\AppData\Local\Temp\kpxn9dzg.dll
C:\Users\USER\AppData\Local\Temp\msscct32.dll
C:\Users\USER\AppData\Local\Temp\ohvqapwd.dll
C:\Users\USER\AppData\Local\Temp\PartnerInstallerYTAi.exe
C:\Users\USER\AppData\Local\Temp\pkzq91js.dll
C:\Users\USER\AppData\Local\Temp\qcvjt08v.dll
C:\Users\USER\AppData\Local\Temp\roxnpx62.dll
C:\Users\USER\AppData\Local\Temp\saveclicker_developer.exe
C:\Users\USER\AppData\Local\Temp\SkypeSetup.exe
C:\Users\USER\AppData\Local\Temp\Spark_Setup_26.5.9998.729_BR_SMT-BDF_32_3313.exe
C:\Users\USER\AppData\Local\Temp\update.exe
C:\Users\USER\AppData\Local\Temp\vcredist_x64.exe
C:\Users\USER\AppData\Local\Temp\YSearchUtil.dll
C:\Users\USER\AppData\Local\Temp\zbjjlsq0.dll
==================== Bamital & volsnap ======================
(Não há correção automática para arquivos que não passaram na verificação.)
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente
LastRegBack: 2016-09-28 14:17
==================== Fim de FRST.txt ============================