cjoint

Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 18-01-2017
Executado por Vinicius (administrador) em VINICIUS-PC (20-01-2017 16:47:13)
Executando a partir de C:\Users\Vinicius\Desktop
Perfis Carregados: Vinicius (Perfis Disponíveis: Vinicius)
Platform: Windows 7 Professional (X64) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: IE)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\KMService.exe
() C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TweakBit) C:\Program Files (x86)\TweakBit\FixMyPC\FixMyPC.exe
(Byte Technologies LLC) C:\Program Files\ByteFence\ByteFenceService.exe
(The Chromium Authors) C:\Users\Vinicius\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Vinicius\AppData\Local\chromium\Application\chrome.exe
(The Chromium Authors) C:\Users\Vinicius\AppData\Local\chromium\Application\chrome.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2384984 2016-12-09] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [Bufano] => C:\Windows\SysWOW64\wscript.exe /E:vbscript /B "C:\Users\Vinicius\AppData\Roaming\7A4B15~1\Gosaceced.dat"
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3572718170-2842050574-1815482537-1000\...\Run: [ares] => "C:\Program Files (x86)\Ares\Ares.exe" -h
HKU\S-1-5-21-3572718170-2842050574-1815482537-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-3572718170-2842050574-1815482537-1000\...\Run: [GoogleChromeAutoLaunch_B02B518C2BFF9DC144F30A00124BC2CD] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [935768 2016-12-08] (Google Inc.)
HKU\S-1-5-21-3572718170-2842050574-1815482537-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23818360 2016-11-30] (Google)
HKU\S-1-5-21-3572718170-2842050574-1815482537-1000\...\Run: [Chromium] => c:\users\vinicius\appdata\local\chromium\application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-3572718170-2842050574-1815482537-1000\...\Run: [GoogleChromeAutoLaunch_4A7039663618B72104271B1863689235] => C:\Users\Vinicius\AppData\Local\chromium\Application\chrome.exe [1068544 2016-03-18] (The Chromium Authors)
HKU\S-1-5-21-3572718170-2842050574-1815482537-1000\...\RunOnce: [Uninstall C:\Users\Vinicius\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vinicius\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-10-25] ()
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Vinicius\AppData\Local\MEGAsync\ShellExtX64.dll -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Vinicius\AppData\Local\MEGAsync\ShellExtX64.dll -> Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Vinicius\AppData\Local\MEGAsync\ShellExtX64.dll -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Vinicius\AppData\Local\MEGAsync\ShellExtX32.dll -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Vinicius\AppData\Local\MEGAsync\ShellExtX32.dll -> Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Vinicius\AppData\Local\MEGAsync\ShellExtX32.dll -> Nenhum Arquivo
Startup: C:\Users\Vinicius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 2540 series.lnk [2017-01-20]
ShortcutTarget: Monitorar alertas de tinta - HP Deskjet 2540 series.lnk -> C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restrição <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 10.50.0.1 8.8.8.8
Tcpip\..\Interfaces\{7ABB4BA0-EAB0-4217-96C3-49F578E161F8}: [DhcpNameServer] 10.50.0.1 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_aslgsfs_17_03¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtDtBtB0A0D0EtA0A0FtAyB0EyDtAtN0D0Tzu0StCzzyEyCtN1L2XzutAtFtByDtFtCtFtCtDzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyDtByEtBtAzytDtCtGtBtD0F0CtG0AtAtC0FtGtCtA0DyEtGyBzyzztByDtC0EtC0Azyzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0DtCzz0A0DyBzytGzyyEtCyBtGyE0EzztCtGzztDyEtDtG0F0B0EyB0EtBtDyE0B0FtDyB2QtN0A0LzuyE%26cr%3D1718309136%26a%3Dwbf_aslgsfs_17_03%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_aslgsfs_17_03¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtDtBtB0A0D0EtA0A0FtAyB0EyDtAtN0D0Tzu0StCzzyEyCtN1L2XzutAtFtByDtFtCtFtCtDzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyDtByEtBtAzytDtCtGtBtD0F0CtG0AtAtC0FtGtCtA0DyEtGyBzyzztByDtC0EtC0Azyzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0DtCzz0A0DyBzytGzyyEtCyBtGyE0EzztCtGzztDyEtDtG0F0B0EyB0EtBtDyE0B0FtDyB2QtN0A0LzuyE%26cr%3D1718309136%26a%3Dwbf_aslgsfs_17_03%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional
HKU\S-1-5-21-3572718170-2842050574-1815482537-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_aslgsfs_17_03¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtDtBtB0A0D0EtA0A0FtAyB0EyDtAtN0D0Tzu0StCzzyEyCtN1L2XzutAtFtByDtFtCtFtCtDzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyDtByEtBtAzytDtCtGtBtD0F0CtG0AtAtC0FtGtCtA0DyEtGyBzyzztByDtC0EtC0Azyzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0DtCzz0A0DyBzytGzyyEtCyBtGyE0EzztCtGzztDyEtDtG0F0B0EyB0EtBtDyE0B0FtDyB2QtN0A0LzuyE%26cr%3D1718309136%26a%3Dwbf_aslgsfs_17_03%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional
HKU\S-1-5-21-3572718170-2842050574-1815482537-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/pt-br/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_aslgsfs_17_03¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtDtBtB0A0D0EtA0A0FtAyB0EyDtAtN0D0Tzu0StCzzyEyCtN1L2XzutAtFtByDtFtCtFtCtDzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyDtByEtBtAzytDtCtGtBtD0F0CtG0AtAtC0FtGtCtA0DyEtGyBzyzztByDtC0EtC0Azyzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0DtCzz0A0DyBzytGzyyEtCyBtGyE0EzztCtGzztDyEtDtG0F0B0EyB0EtBtDyE0B0FtDyB2QtN0A0LzuyE%26cr%3D1718309136%26a%3Dwbf_aslgsfs_17_03%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_aslgsfs_17_03¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtDtBtB0A0D0EtA0A0FtAyB0EyDtAtN0D0Tzu0StCzzyEyCtN1L2XzutAtFtByDtFtCtFtCtDzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyDtByEtBtAzytDtCtGtBtD0F0CtG0AtAtC0FtGtCtA0DyEtGyBzyzztByDtC0EtC0Azyzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0DtCzz0A0DyBzytGzyyEtCyBtGyE0EzztCtGzztDyEtDtG0F0B0EyB0EtBtDyE0B0FtDyB2QtN0A0LzuyE%26cr%3D1718309136%26a%3Dwbf_aslgsfs_17_03%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKLM -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_04¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtDtBtB0A0D0EtA0A0FtAyB0EyDtAtN0D0Tzu0StCyEzzyDtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyD0F0DtDyD0A0EyEtGtD0Ezy0AtGtBtD0BtBtGtCzztD0CtGyD0FtC0FyE0EyEyCtCzyzy0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0DtCzz0A0DyBzytGzyyEtCyBtGyE0EzztCtGzztDyEtDtG0F0B0EyB0EtBtDyE0B0FtDyB2QtN0A0LzuyE%26cr%3D500179387%26a%3Dwbf_ir_16_04%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_aslgsfs_17_03¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtDtBtB0A0D0EtA0A0FtAyB0EyDtAtN0D0Tzu0StCzzyEyCtN1L2XzutAtFtByDtFtCtFtCtDzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyDtByEtBtAzytDtCtGtBtD0F0CtG0AtAtC0FtGtCtA0DyEtGyBzyzztByDtC0EtC0Azyzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0DtCzz0A0DyBzytGzyyEtCyBtGyE0EzztCtGzztDyEtDtG0F0B0EyB0EtBtDyE0B0FtDyB2QtN0A0LzuyE%26cr%3D1718309136%26a%3Dwbf_aslgsfs_17_03%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_aslgsfs_17_03¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtDtBtB0A0D0EtA0A0FtAyB0EyDtAtN0D0Tzu0StCzzyEyCtN1L2XzutAtFtByDtFtCtFtCtDzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyDtByEtBtAzytDtCtGtBtD0F0CtG0AtAtC0FtGtCtA0DyEtGyBzyzztByDtC0EtC0Azyzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0DtCzz0A0DyBzytGzyyEtCyBtGyE0EzztCtGzztDyEtDtG0F0B0EyB0EtBtDyE0B0FtDyB2QtN0A0LzuyE%26cr%3D1718309136%26a%3Dwbf_aslgsfs_17_03%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3572718170-2842050574-1815482537-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_aslgsfs_17_03¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtDtBtB0A0D0EtA0A0FtAyB0EyDtAtN0D0Tzu0StCzzyEyCtN1L2XzutAtFtByDtFtCtFtCtDzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyDtByEtBtAzytDtCtGtBtD0F0CtG0AtAtC0FtGtCtA0DyEtGyBzyzztByDtC0EtC0Azyzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0DtCzz0A0DyBzytGzyyEtCyBtGyE0EzztCtGzztDyEtDtG0F0B0EyB0EtBtDyE0B0FtDyB2QtN0A0LzuyE%26cr%3D1718309136%26a%3Dwbf_aslgsfs_17_03%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3572718170-2842050574-1815482537-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_aslgsfs_17_03¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtDtBtB0A0D0EtA0A0FtAyB0EyDtAtN0D0Tzu0StCzzyEyCtN1L2XzutAtFtByDtFtCtFtCtDzztN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyDtByEtBtAzytDtCtGtBtD0F0CtG0AtAtC0FtGtCtA0DyEtGyBzyzztByDtC0EtC0Azyzz0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0DtCzz0A0DyBzytGzyyEtCyBtGyE0EzztCtGzztDyEtDtG0F0B0EyB0EtBtDyE0B0FtDyB2QtN0A0LzuyE%26cr%3D1718309136%26a%3Dwbf_aslgsfs_17_03%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3572718170-2842050574-1815482537-1000 -> {2211d4a5-48d0-47f5-a7cd-81e861470f7f} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ir_16_04¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtDtBtB0A0D0EtA0A0FtAyB0EyDtAtN0D0Tzu0StCyEzzyDtN1L2XzutAtFtCyBtFzytFtDtN1L1Czu1TtN1L1G1B1V1N2Y1L1Qzu2SyD0F0DtDyD0A0EyEtGtD0Ezy0AtGtBtD0BtBtGtCzztD0CtGyD0FtC0FyE0EyEyCtCzyzy0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0DtCzz0A0DyBzytGzyyEtCyBtGyE0EzztCtGzztDyEtDtG0F0B0EyB0EtBtDyE0B0FtDyB2QtN0A0LzuyE%26cr%3D500179387%26a%3Dwbf_ir_16_04%26os_ver%3D6.1%26os%3DWindows%2B7%2BProfessional&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3572718170-2842050574-1815482537-1000 -> {6F42AF21-E83F-495C-BCDB-91BF7553F0C6} URL = hxxps://br.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=502468&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3572718170-2842050574-1815482537-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://br.search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10099_swoc_campaign_160502__yaie&p={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Auxiliar de Conexão de Conta da Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-3572718170-2842050574-1815482537-1000 -> Sem Nome - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Nenhum Arquivo
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-13] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-13] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-12-09] (Adobe Systems)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-12-09] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3572718170-2842050574-1815482537-1000: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\Vinicius\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-05-13] (RocketLife, LLP)

Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/chrome
CHR Profile: C:\Users\Vinicius\AppData\Local\Google\Chrome\User Data\Default [2017-01-20]
CHR Extension: (Google Apresentações) - C:\Users\Vinicius\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-21]
CHR Extension: (Google Docs) - C:\Users\Vinicius\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-21]
CHR Extension: (Google Drive) - C:\Users\Vinicius\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-21]
CHR Extension: (YouTube) - C:\Users\Vinicius\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-21]
CHR Extension: (Google Search) - C:\Users\Vinicius\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Vinicius\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-17]
CHR Extension: (Planilhas do Google) - C:\Users\Vinicius\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-21]
CHR Extension: (Pinterest Save Button) - C:\Users\Vinicius\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-11-01]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Vinicius\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (Gmail) - C:\Users\Vinicius\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-21]
CHR Extension: (Chrome Media Router) - C:\Users\Vinicius\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-19]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3572718170-2842050574-1815482537-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3572718170-2842050574-1815482537-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [753240 2016-12-09] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2207960 2016-09-26] (Adobe Systems, Incorporated)
R2 ByteFenceService; C:\Program Files\ByteFence\ByteFenceService.exe [146400 2016-12-18] (Byte Technologies LLC)
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2015-12-07] () [Arquivo não assinado]
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2016-05-10] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S2 NMSAccessU; C:\Program Files (x86)\Super_DVD_Creator_9.8\NMSAccessU.exe [X]

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [61656 2014-01-23] (Realtek Semiconductor Corporation )
S3 AIDA64Driver; \??\C:\Users\Vinicius\AppData\Local\Temp\RarSFX0\kerneld.x64 [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-01-20 16:44 - 2017-01-20 16:45 - 00038104 _____ C:\Users\Vinicius\Desktop\Addition.txt
2017-01-20 16:43 - 2017-01-20 16:47 - 00023856 _____ C:\Users\Vinicius\Desktop\FRST.txt
2017-01-20 16:43 - 2017-01-20 16:47 - 00000000 ____D C:\FRST
2017-01-20 16:41 - 2017-01-20 16:42 - 02419712 _____ (Farbar) C:\Users\Vinicius\Desktop\FRST64.exe
2017-01-20 16:41 - 2017-01-20 16:41 - 00002279 _____ C:\Users\Vinicius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium.lnk
2017-01-20 16:41 - 2017-01-20 16:41 - 00000000 ____D C:\Users\Vinicius\AppData\Local\chromium
2017-01-20 16:40 - 2017-01-20 16:40 - 00004352 _____ C:\Windows\System32\Tasks\Yahoo! Powered ridir
2017-01-20 16:40 - 2017-01-20 16:40 - 00003396 _____ C:\Windows\System32\Tasks\ByteFence
2017-01-20 16:40 - 2017-01-20 16:40 - 00003238 _____ C:\Windows\System32\Tasks\{7A4B1516-FE26-F1D4-4749-687742AC1443}
2017-01-20 16:40 - 2017-01-20 16:40 - 00001506 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2017-01-20 16:40 - 2017-01-20 16:40 - 00000286 _____ C:\Windows\Tasks\{7A4B1516-FE26-F1D4-4749-687742AC1443}.job
2017-01-20 16:40 - 2017-01-20 16:40 - 00000000 ____D C:\Users\Vinicius\AppData\Roaming\7a4b1516fe26f1d44749687742ac1443
2017-01-20 16:40 - 2017-01-20 16:40 - 00000000 ____D C:\Users\Todos os Usuários\{49BB8CD8-C3F9-061E-453F-985CDF7D1392}
2017-01-20 16:40 - 2017-01-20 16:40 - 00000000 ____D C:\ProgramData\{49BB8CD8-C3F9-061E-453F-985CDF7D1392}
2017-01-20 16:39 - 2017-01-20 16:42 - 00000000 ____D C:\Users\Vinicius\AppData\Local\{20F916A5-0451-7A1D-69C9-5FF54DA1A36D}
2017-01-20 16:39 - 2017-01-20 16:40 - 00000000 ____D C:\Program Files\ByteFence
2017-01-20 16:38 - 2017-01-20 16:38 - 01761792 _____ (Farbar) C:\Users\Vinicius\Downloads\FRST.exe
2017-01-20 16:38 - 2017-01-20 16:38 - 00000000 ____D C:\Windows\System32\Tasks\TweakBit
2017-01-20 16:38 - 2017-01-20 16:38 - 00000000 ____D C:\Users\Todos os Usuários\TweakBit
2017-01-20 16:38 - 2017-01-20 16:38 - 00000000 ____D C:\ProgramData\TweakBit
2017-01-20 16:38 - 2017-01-20 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit
2017-01-20 16:38 - 2017-01-20 16:38 - 00000000 ____D C:\Program Files (x86)\TweakBit
2017-01-20 16:37 - 2017-01-20 16:37 - 00407784 _____ (TweakBit) C:\Users\Vinicius\Downloads\fix_api-ms-win-crt-runtime-l1-1-0.dll-setup.exe
2017-01-20 15:56 - 2017-01-20 15:56 - 00000000 ____D C:\Users\Vinicius\AppData\Roaming\DLL-files.com
2017-01-20 15:56 - 2017-01-20 15:56 - 00000000 ____D C:\Users\Vinicius\AppData\Roaming\DFXCT
2017-01-20 15:56 - 2017-01-20 15:56 - 00000000 ____D C:\Program Files (x86)\DLL-Files.com Client
2017-01-20 14:59 - 2017-01-20 14:59 - 00001225 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-01-20 14:59 - 2017-01-20 14:59 - 00001213 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2017-01-20 14:48 - 2017-01-20 14:49 - 00804440 _____ (Adobe Systems Incorporated) C:\Users\Vinicius\Downloads\CreativeCloudSet-Up.exe
2017-01-20 14:45 - 2017-01-20 14:46 - 02030344 _____ (Adobe Systems Incorporated) C:\Users\Vinicius\Downloads\Photoshop_Set-Up.exe
2017-01-20 14:33 - 2017-01-20 14:33 - 00003182 _____ C:\Windows\System32\Tasks\{ABED48B4-19C5-491C-BB8C-A132ACA935AB}
2017-01-17 10:58 - 2017-01-17 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-01-17 10:56 - 2017-01-17 11:11 - 1072186514 _____ C:\Users\Vinicius\Downloads\100CANON-20170117T125503Z.zip
2017-01-17 10:50 - 2017-01-20 16:19 - 00000000 ___RD C:\Users\Vinicius\Google Drive
2017-01-16 20:50 - 2017-01-16 20:50 - 00038967 _____ C:\Users\Vinicius\Downloads\rf00068_espelho_iptu.pdf
2017-01-16 20:50 - 2017-01-16 20:50 - 00038967 _____ C:\Users\Vinicius\Downloads\rf00068_espelho_iptu (1).pdf
2016-12-19 21:34 - 2016-12-19 21:34 - 00017873 _____ C:\Users\Vinicius\Downloads\Atividade avaliativa final_Crstina Alves.docx
2016-12-19 21:33 - 2016-12-19 21:33 - 00016055 _____ C:\Users\Vinicius\Downloads\Avaliação final do Curso e Autoavaliação (3) (2).docx
2016-12-19 21:33 - 2016-12-19 21:33 - 00016055 _____ C:\Users\Vinicius\Downloads\Avaliação final do Curso e Autoavaliação (3) (1).docx
2016-12-19 21:18 - 2016-12-19 21:18 - 02451564 _____ C:\Users\Vinicius\Downloads\Manual_Inscricao.pdf
2016-12-19 21:10 - 2016-12-19 21:10 - 00012129 _____ C:\Users\Vinicius\Downloads\Avaliação final do Curso e Autoavaliação (6).docx
2016-12-19 16:32 - 2016-12-19 16:32 - 00012129 _____ C:\Users\Vinicius\Downloads\Avaliação final do Curso e Autoavaliação (5).docx
2016-12-19 16:32 - 2016-12-19 16:32 - 00012129 _____ C:\Users\Vinicius\Downloads\Avaliação final do Curso e Autoavaliação (4).docx
2016-12-19 15:53 - 2016-12-19 16:27 - 00016055 _____ C:\Users\Vinicius\Downloads\Avaliação final do Curso e Autoavaliação (3).docx
2016-12-10 20:16 - 2016-12-10 20:16 - 00012129 _____ C:\Users\Vinicius\Downloads\Avaliação final do Curso e Autoavaliação (2).docx
2016-12-10 20:13 - 2016-12-10 20:13 - 00012129 _____ C:\Users\Vinicius\Downloads\Avaliação final do Curso e Autoavaliação.docx
2016-12-10 20:13 - 2016-12-10 20:13 - 00012129 _____ C:\Users\Vinicius\Downloads\Avaliação final do Curso e Autoavaliação (1).docx
2016-12-09 09:33 - 2016-12-09 11:06 - 00000000 ____D C:\Users\Vinicius\Desktop\slide
2016-12-07 21:45 - 2016-12-07 21:45 - 00055659 _____ C:\Users\Vinicius\Downloads\boleto.pdf
2016-12-04 14:21 - 2016-12-30 13:52 - 00000000 ____D C:\Users\Vinicius\AppData\LocalLow\BitTorrent
2016-12-02 16:54 - 2016-12-02 16:54 - 00000000 ____D C:\Users\Vinicius\Desktop\slide1
2016-12-02 14:46 - 2016-12-02 14:46 - 00410112 _____ (SupportSys) C:\Users\Vinicius\Downloads\AtualizacaoFL Player Win64xWin32 2016.exe
2016-11-30 09:47 - 2016-11-30 09:47 - 00103991 _____ C:\Users\Vinicius\Desktop\Sem Título-1.jpg
2016-11-26 20:15 - 2016-11-26 20:15 - 00002313 _____ C:\Users\Vinicius\Downloads\P365-361.zip
2016-11-24 10:06 - 2016-11-24 10:06 - 02114888 _____ C:\Users\Vinicius\Downloads\Adobe-F-Player_2016_.exe
2016-11-23 21:04 - 2016-12-07 21:33 - 00000000 ____D C:\Users\Vinicius\AppData\Roaming\D-Book
2016-11-23 21:04 - 2016-12-07 18:28 - 00000000 ____D C:\Users\Vinicius\Documents\D-Book
2016-11-23 21:02 - 2016-11-23 21:02 - 00001123 _____ C:\Users\Vinicius\Desktop\D-Book.lnk
2016-11-23 21:02 - 2016-11-23 21:02 - 00000000 ____D C:\Users\Vinicius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\D-Book
2016-11-23 21:01 - 2016-11-23 21:04 - 00000000 ____D C:\Program Files (x86)\Digipix D-Book
2016-11-23 20:55 - 2016-11-23 20:56 - 75335088 _____ C:\Users\Vinicius\Downloads\D-Book-PRO-Full-Instalar.exe
2016-11-22 09:05 - 2016-11-22 09:05 - 00014139 _____ C:\Users\Vinicius\Downloads\Relatorio workflow.docx
2016-11-06 22:56 - 2016-11-06 22:56 - 00097153 _____ C:\Users\Vinicius\Downloads\atividades-com-descritores-matematica-proeb-5-ano-5-638.jpg
2016-11-04 16:19 - 2016-11-04 16:19 - 00140488 _____ C:\Users\Vinicius\Downloads\A Caixa DVDRip.rar
2016-11-04 14:47 - 2016-11-04 14:47 - 04572438 _____ C:\Users\Vinicius\Downloads\torrent.rar
2016-10-26 21:16 - 2013-12-29 13:16 - 00002977 _____ C:\Users\Vinicius\Downloads\P365-364.lrtemplate
2016-10-26 21:03 - 2016-10-26 21:02 - 59802513 ____N C:\Users\Vinicius\Desktop\Vídeo Aula - Formatação trabalhos Normas ABNT ( 360 X 640 ).mp4
2016-10-26 09:23 - 2016-10-26 09:23 - 00026611 _____ C:\Users\Vinicius\Downloads\CAPA CD.xlsx
2016-10-26 09:22 - 2016-10-26 09:22 - 00131072 _____ C:\Users\Vinicius\Downloads\Artigo - João Batista.doc
2016-10-25 22:38 - 2013-03-29 20:59 - 00001619 _____ C:\Users\Vinicius\Downloads\readme.rtf
2016-10-23 22:20 - 2016-10-23 22:20 - 00870912 _____ C:\Users\Vinicius\Downloads\MAT 3º BIM.doc
2016-10-23 20:06 - 2016-10-23 20:06 - 00311220 _____ C:\Users\Vinicius\Downloads\Matemática avaliação.docx
2016-10-23 19:54 - 2016-10-23 19:54 - 00000153 _____ C:\Users\Vinicius\Downloads\EMAI_23_11_12.wmv

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-01-20 16:41 - 2009-07-14 02:45 - 00014752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-01-20 16:41 - 2009-07-14 02:45 - 00014752 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-01-20 16:40 - 2016-01-25 15:40 - 00000372 __RSH C:\Users\Todos os Usuários\ntuser.pol
2017-01-20 16:40 - 2016-01-25 15:40 - 00000372 __RSH C:\ProgramData\ntuser.pol
2017-01-20 16:32 - 2016-01-25 19:22 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2017-01-20 16:32 - 2016-01-25 19:22 - 00000000 ____D C:\ProgramData\Package Cache
2017-01-20 16:26 - 2016-10-05 21:50 - 00000000 ____D C:\Users\Public\Documents\AdobeGC
2017-01-20 16:20 - 2016-01-29 13:46 - 00000000 ___RD C:\Users\Vinicius\Creative Cloud Files
2017-01-20 16:20 - 2016-01-29 13:46 - 00000000 ____D C:\Users\Todos os Usuários\boost_interprocess
2017-01-20 16:20 - 2016-01-29 13:46 - 00000000 ____D C:\ProgramData\boost_interprocess
2017-01-20 16:20 - 2016-01-29 13:21 - 00000000 ____D C:\Users\Vinicius\AppData\Local\Adobe
2017-01-20 16:18 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-20 16:09 - 2015-11-11 19:16 - 00000000 ____D C:\Users\Vinicius
2017-01-20 16:08 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\registration
2017-01-20 15:03 - 2016-01-29 13:25 - 00000000 ____D C:\Users\Todos os Usuários\Adobe
2017-01-20 15:03 - 2016-01-29 13:25 - 00000000 ____D C:\ProgramData\Adobe
2017-01-20 15:01 - 2016-03-02 23:59 - 00000000 ____D C:\Users\Vinicius\Desktop\Adobe
2017-01-20 15:01 - 2016-01-29 13:28 - 00000000 ____D C:\Users\Vinicius\AppData\Roaming\Adobe
2017-01-20 14:55 - 2015-12-10 14:24 - 00000000 ____D C:\Users\Vinicius\Desktop\FILMES
2017-01-20 14:54 - 2016-03-09 20:38 - 00000000 ____D C:\Program Files (x86)\Adobe
2017-01-20 14:37 - 2016-03-09 21:24 - 00000000 ____D C:\Program Files\Common Files\Adobe
2017-01-20 14:10 - 2016-04-22 22:57 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-01-17 11:08 - 2016-03-27 19:32 - 00000000 ____D C:\Users\Vinicius\AppData\Roaming\vlc
2017-01-17 10:56 - 2015-12-28 12:46 - 00000000 ____D C:\Windows\system32\appmgmt
2017-01-17 10:46 - 2015-11-21 15:01 - 00000000 ____D C:\Users\Vinicius\AppData\Local\Google
2017-01-17 10:46 - 2015-11-21 15:01 - 00000000 ____D C:\Program Files (x86)\Google
2017-01-13 12:04 - 2016-04-22 22:58 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-10 20:03 - 2016-10-14 15:21 - 00000000 ____D C:\Users\Vinicius\AppData\Roaming\BitTorrent
2016-12-30 14:21 - 2016-02-07 13:35 - 00000000 ____D C:\Users\Vinicius\Documents\Vinicius
2016-12-30 14:21 - 2015-11-11 19:16 - 00000000 ___RD C:\Users\Vinicius\Documents
2016-12-30 14:21 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2016-12-29 15:02 - 2009-07-14 15:55 - 00703370 _____ C:\Windows\system32\prfh0416.dat
2016-12-29 15:02 - 2009-07-14 15:55 - 00146156 _____ C:\Windows\system32\prfc0416.dat
2016-12-29 15:02 - 2009-07-14 03:13 - 01628224 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-29 15:02 - 2009-07-14 00:36 - 00651938 _____ C:\Windows\system32\perfh009.dat
2016-12-29 15:02 - 2009-07-14 00:36 - 00120870 _____ C:\Windows\system32\perfc009.dat
2016-12-26 20:34 - 2016-03-28 21:04 - 00000000 ____D C:\Users\Vinicius\AppData\Roaming\dvdcss
2016-12-25 00:28 - 2015-11-11 19:16 - 00000000 ___RD C:\Users\Vinicius\Pictures

==================== Arquivos na raiz de alguns diretórios =======

2016-01-25 16:40 - 2016-01-26 10:40 - 0000065 _____ () C:\Users\Vinicius\AppData\Roaming\WB.CFG
2015-11-11 19:21 - 2015-11-11 19:21 - 0000017 _____ () C:\Users\Vinicius\AppData\Local\resmon.resmoncfg
2016-04-22 22:52 - 2016-04-22 22:52 - 0000057 _____ () C:\ProgramData\Ament.ini

Arquivos para serem movidos ou deletados:
====================
C:\Windows\Tasks\{7A4B1516-FE26-F1D4-4749-687742AC1443}.job


==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2017-01-17 11:42

==================== Fim de FRST.txt ============================
