Comment: Kamia FRST.txt

Document format: text/plain

Preview

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05-2015
Ran by Felipe Kamia (administrator) on DUVA on 19-05-2015 19:40:06
Running from C:\Users\Felipe Kamia\Desktop
Loaded Profiles: Felipe Kamia (Available profiles: Felipe Kamia)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Português (Brasil)
Internet Explorer Version 10 (Default browser path: "%1" %*)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\SysWOW64\irstrtsv.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(GAS Tecnologia LTDA) C:\Program Files (x86)\Diebold\Warsaw\core.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Google Inc.) C:\Users\Felipe Kamia\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Dropbox, Inc.) C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDGesture.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpAgent.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\uaclauncher.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Google Inc.) C:\Users\Felipe Kamia\AppData\Local\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [192520 2011-05-21] (Trend Micro Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2894640 2012-03-14] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-14] (Raptr, Inc)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-03-10] (Banco do Brasil)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2013-11-22] (Banco Itaú Unibanco)
HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\Run: [MusicManager] => C:\Users\Felipe Kamia\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7475200 2015-03-31] (Google Inc.)
HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25700400 2015-04-28] (Google)
HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\Run: [Google Update] => C:\Users\Felipe Kamia\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-23] (Google Inc.)
HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671904 2012-08-28] (DT Soft Ltd)
HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\Run: [uTorrent] => C:\Users\Felipe Kamia\AppData\Roaming\uTorrent\uTorrent.exe [1694560 2015-05-14] (BitTorrent Inc.)
HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\MountPoints2: {e79fe302-145f-11e2-aac6-e006e6ddd7a0} - E:\setup.exe
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\Users\Felipe Kamia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-09-17]
ShortcutTarget: Dropbox.lnk -> C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Felipe Kamia\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-10] (Dropbox, Inc.)
CHR HKU\S-1-5-21-174019988-414781078-1319990136-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
SearchScopes: HKLM -> {8F59173F-37E0-4E35-95A1-38DB9D0B64A6} URL = http://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {8F59173F-37E0-4E35-95A1-38DB9D0B64A6} URL = http://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDR&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-174019988-414781078-1319990136-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1077\TmIEPlg.dll [2011-05-21] (Trend Micro Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll [2011-05-21] (Trend Micro Inc.)
BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1077\TmIEPlg32.dll [2011-05-21] (Trend Micro Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2012-01-19] (Atheros Commnucations)
BHO-x32: Auxiliar de Conexão do Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-14] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: TmBpIeBHO Class -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll [2011-05-21] (Trend Micro Inc.)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll [2015-03-10] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll [2013-11-22] (Banco Itaú Unibanco)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
DPF: HKLM-x32 {682C59F5-478C-4421-9070-AD170D143B77} http://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll [2011-05-21] (Trend Micro Inc.)
Handler-x32: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll [2011-05-21] (Trend Micro Inc.)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1077\TmIEPlg.dll [2011-05-21] (Trend Micro Inc.)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1077\TmIEPlg32.dll [2011-05-21] (Trend Micro Inc.)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES (X86)\GbPlugin\gbieh.dll [1864576 2015-03-10] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1513528 2013-11-22] (Banco Itaú Unibanco)
Tcpip\Parameters: [DhcpNameServer] 200.218.176.7 200.218.176.8 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Felipe Kamia\AppData\Roaming\Mozilla\Firefox\Profiles\ng0a0zdc.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-05-08] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-05-08] ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-07-03] ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-174019988-414781078-1319990136-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Felipe Kamia\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-02-10] (Citrix Online)
FF Plugin HKU\S-1-5-21-174019988-414781078-1319990136-1000: @hola.org/vlc,version=1.6.64 -> C:\Users\Felipe Kamia\AppData\Local\Hola\firefox\app\vlc No File
FF Plugin HKU\S-1-5-21-174019988-414781078-1319990136-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Felipe Kamia\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-174019988-414781078-1319990136-1000: @talk.google.com/O1DPlugin -> C:\Users\Felipe Kamia\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-174019988-414781078-1319990136-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Felipe Kamia\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-174019988-414781078-1319990136-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Felipe Kamia\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-174019988-414781078-1319990136-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Felipe Kamia\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-02] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-174019988-414781078-1319990136-1000: electronicarts.com/GameFacePlugin -> C:\Users\Felipe Kamia\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll [2012-07-26] (Electronic Arts)
FF Plugin HKU\S-1-5-21-174019988-414781078-1319990136-1000: gastecnologia.com.br/sf/bb -> C:\Users\Felipe Kamia\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll [2014-08-15] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-174019988-414781078-1319990136-1000: gastecnologia.com.br/sf/cef -> C:\Users\Felipe Kamia\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2013-09-19] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-174019988-414781078-1319990136-1000: gastecnologia.com.br/sf/uni -> C:\Users\Felipe Kamia\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll [2014-08-26] (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Users\Felipe Kamia\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Felipe Kamia\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF HKLM-x32\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1077\firefoxextension
FF Extension: Trend Micro NSC Firefox Extension - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1077\firefoxextension [2014-12-23]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2012-08-17]
FF HKU\S-1-5-21-174019988-414781078-1319990136-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8873}] - C:\Users\Felipe Kamia\AppData\Local\GAS Tecnologia\GBBD\uni\xpi
FF Extension: Guardião - Itaú 30 horas - C:\Users\Felipe Kamia\AppData\Local\GAS Tecnologia\GBBD\uni\xpi [2014-08-26]
FF Extension: No Name - C:\Users\Felipe Kamia\AppData\Roaming\Mozilla\Firefox\Profiles\ng0a0zdc.default\extensions\searchffv2@gmail.com [Not Found]
FF Extension: No Name - C:\Users\Felipe Kamia\AppData\Roaming\Mozilla\Firefox\Profiles\ng0a0zdc.default\extensions\sweetsearch@gmail.com [Not Found]
FF Extension: No Name - C:\Users\Felipe Kamia\AppData\Roaming\Mozilla\Firefox\Profiles\ng0a0zdc.default\extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Felipe Kamia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Felipe Kamia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-17]
CHR Extension: (Google Docs) - C:\Users\Felipe Kamia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-17]
CHR Extension: (Google Drive) - C:\Users\Felipe Kamia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-17]
CHR Extension: (YouTube) - C:\Users\Felipe Kamia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-17]
CHR Extension: (Google Search) - C:\Users\Felipe Kamia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-17]
CHR Extension: (Google Sheets) - C:\Users\Felipe Kamia\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-17]
CHR Extension: (Bookmark Manager) - C:\Users\Felipe Kamia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Felipe Kamia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-18]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Felipe Kamia\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-05-18]
CHR Extension: (Google Wallet) - C:\Users\Felipe Kamia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-17]
CHR Extension: (Gmail) - C:\Users\Felipe Kamia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-17]
CHR HKU\S-1-5-21-174019988-414781078-1319990136-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.ABJFME4MKS7XEMUPMYRVJB77QM - C:\Users\Felipe Kamia\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [106144 2012-01-19] (Atheros Commnucations) [File not signed]
R2 CxUtilSvc; C:\Program Files\Conexant\SA3\CxUtilSvc.exe [109184 2011-10-11] (Conexant Systems, Inc.)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [565560 2015-01-20] (GAS Tecnologia)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-05] (Intel Corporation)
R2 irstrtsv; C:\Windows\SysWOW64\irstrtsv.exe [192856 2012-02-25] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-06-04] ()
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-03-04] (Dell Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Warsaw Technology; C:\Program Files (x86)\Diebold\Warsaw\core.exe [518968 2014-07-12] (GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-01-19] (Atheros) [File not signed]
R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [73728 2012-01-31] (Atheros) [File not signed]
U2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-10-12] (DT Soft Ltd)
S0 GbpKm; C:\Windows\SysWOW64\drivers\GbpKm.sys [49536 2013-05-08] (GAS Tecnologia)
S3 intelkmd; C:\Windows\System32\DRIVERS\igdpmd64.sys [14745600 2012-03-19] (Intel Corporation) [File not signed]
R3 irstrtdv; C:\Windows\System32\DRIVERS\irstrtdv.sys [26504 2012-02-22] (Intel Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2010-04-28] (Marvell Semiconductor, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2011-04-08] (Realtek Semiconductor Corporation )
R3 stdriver; C:\Windows\System32\DRIVERS\stdriverx64.sys [34512 2014-10-16] ()
R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [67184 2012-01-03] (STMicroelectronics)
R2 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [90896 2011-05-21] (Trend Micro Inc.)
R2 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [144656 2011-05-21] (Trend Micro Inc.)
R2 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [69392 2011-05-21] (Trend Micro Inc.)
R1 tmtdi; C:\Windows\System32\DRIVERS\tmtdi.sys [105552 2011-05-21] (Trend Micro Inc.)
S3 Warsaw_PP; \??\C:\PROGRA~2\GbPlugin\wsftprp64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-19 19:40 - 2015-05-19 19:40 - 00028043 _____ () C:\Users\Felipe Kamia\Desktop\FRST.txt
2015-05-19 19:39 - 2015-05-19 19:40 - 00000000 ____D () C:\FRST
2015-05-19 19:39 - 2015-05-19 19:39 - 02107904 _____ (Farbar) C:\Users\Felipe Kamia\Downloads\FRST64.exe
2015-05-19 19:37 - 2015-05-19 19:38 - 02107904 _____ (Farbar) C:\Users\Felipe Kamia\Desktop\FRST64.exe
2015-05-18 23:01 - 2015-05-18 23:01 - 00000000 ____D () C:\Users\Todos os Usuários\Validity
2015-05-18 23:01 - 2015-05-18 23:01 - 00000000 ____D () C:\ProgramData\Validity
2015-05-18 22:42 - 2015-05-18 22:24 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-05-18 22:26 - 2015-05-18 23:02 - 00028527 _____ () C:\zoek-results.log
2015-05-18 22:24 - 2015-05-18 22:38 - 00000000 ____D () C:\zoek_backup
2015-05-18 22:23 - 2015-05-18 22:23 - 01308672 _____ () C:\Users\Felipe Kamia\Downloads\zoek.exe
2015-05-18 22:14 - 2015-05-18 22:14 - 00003344 ____N () C:\bootsqm.dat
2015-05-18 16:31 - 2015-05-18 16:31 - 00278588 _____ () C:\Users\Felipe Kamia\Downloads\lista 2 bárbara .zip
2015-05-18 15:10 - 2015-05-18 15:10 - 00018599 _____ () C:\Users\Felipe Kamia\Desktop\malw.txt
2015-05-18 13:24 - 2015-05-18 15:09 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-18 13:23 - 2015-05-18 13:23 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-18 13:23 - 2015-05-18 13:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-18 13:23 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-18 13:23 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-18 13:21 - 2015-05-18 13:21 - 00007873 _____ () C:\Users\Felipe Kamia\Desktop\rel 180515.txt
2015-05-18 13:18 - 2015-05-18 13:19 - 00007873 _____ () C:\Users\Felipe Kamia\Desktop\ZHPCleaner.txt
2015-05-18 13:12 - 2015-05-18 13:12 - 00000837 _____ () C:\Users\Felipe Kamia\Desktop\ZHPCleaner.lnk
2015-05-18 13:11 - 2015-05-18 13:12 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Felipe Kamia\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-18 13:11 - 2015-05-18 13:12 - 01835008 _____ () C:\Users\Felipe Kamia\Downloads\ZHPCleaner.exe
2015-05-18 11:30 - 2015-05-18 11:30 - 00028082 _____ () C:\Users\Felipe Kamia\Desktop\ZHPFixReport.txt
2015-05-17 23:25 - 2015-05-17 23:25 - 00184955 _____ () C:\Users\Felipe Kamia\Desktop\Relatório 17052015.txt
2015-05-17 23:24 - 2015-05-17 23:24 - 00184955 _____ () C:\Users\Felipe Kamia\Desktop\ZHPDiag.txt
2015-05-17 23:21 - 2015-05-17 23:23 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2015-05-17 23:18 - 2015-05-18 13:19 - 00000000 ____D () C:\Users\Felipe Kamia\AppData\Roaming\ZHP
2015-05-17 23:18 - 2015-05-17 23:23 - 00000234 _____ () C:\Users\Felipe
2015-05-17 23:18 - 2015-05-17 23:18 - 00001989 _____ () C:\Users\Felipe Kamia\Desktop\ZHPFix.lnk
2015-05-17 23:18 - 2015-05-17 23:18 - 00001862 _____ () C:\Users\Felipe Kamia\Desktop\ZHPDiag.lnk
2015-05-17 23:18 - 2015-05-17 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-05-17 23:18 - 2015-05-17 23:18 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2015-05-17 23:17 - 2015-05-17 23:17 - 06880230 _____ (Nicolas Coolman ) C:\Users\Felipe Kamia\Downloads\ZHPDiag2.exe
2015-05-17 16:55 - 2015-05-17 16:55 - 00001548 _____ () C:\Users\Felipe Kamia\Desktop\Google Chrome.lnk
2015-05-17 16:49 - 2015-05-17 16:49 - 01125626 _____ () C:\Users\Felipe Kamia\Downloads\process-explorer-16-05-32-bits [1].exe
2015-05-17 16:31 - 2015-05-18 23:01 - 00000008 __RSH () C:\Users\Todos os Usuários\ntuser.pol
2015-05-17 16:31 - 2015-05-18 23:01 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2015-05-17 16:31 - 2015-05-17 16:31 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-05-17 16:30 - 2015-05-17 16:30 - 00000000 _____ () C:\Windows\SysWOW64\Number of results
2015-05-16 16:09 - 2015-05-16 16:09 - 00003037 _____ () C:\Users\Felipe Kamia\Downloads\extrato (8).ofx
2015-05-16 15:54 - 2015-05-17 17:06 - 00000000 ____D () C:\AdwCleaner
2015-05-16 15:54 - 2015-05-16 15:53 - 02209792 _____ () C:\Users\Felipe Kamia\Desktop\adwcleaner_4.204.exe
2015-05-16 15:53 - 2015-05-16 15:53 - 02209792 _____ () C:\Users\Felipe Kamia\Downloads\adwcleaner_4.204.exe
2015-05-16 15:09 - 2015-05-16 15:09 - 00134472 _____ () C:\Users\Felipe Kamia\Downloads\YNAB Reactivator v1.0.jar
2015-05-16 15:03 - 2015-05-18 23:01 - 00044738 _____ () C:\Windows\PFRO.log
2015-05-16 13:50 - 2015-03-17 14:56 - 00000879 _____ () C:\Windows\system32\Drivers\etc\hp.bak
2015-05-14 01:17 - 2015-05-14 10:40 - 00000000 ____D () C:\Users\Felipe Kamia\Downloads\Marx e marxismos [AK]
2015-05-13 13:28 - 2015-05-13 13:28 - 03090968 _____ () C:\Users\Felipe Kamia\Downloads\Programas_2_semestre_2014_-_PPGE.zip
2015-05-10 19:14 - 2015-05-10 19:15 - 23315064 _____ (Popcorn Official) C:\Users\Felipe Kamia\Downloads\Popcorn-Time-0.3.7.2-Setup.exe
2015-05-10 17:19 - 2015-05-18 15:42 - 00003484 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2015-05-10 17:19 - 2015-05-10 17:19 - 00004036 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask
2015-05-10 17:19 - 2015-05-10 17:19 - 00003224 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-05-10 17:19 - 2015-05-10 17:19 - 00000000 ____D () C:\Users\Todos os Usuários\PC-Doctor for Windows
2015-05-10 17:19 - 2015-05-10 17:19 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows
2015-05-10 17:19 - 2015-05-10 17:19 - 00000000 ____D () C:\Program Files\Dell Support Center
2015-05-09 13:56 - 2015-05-12 00:58 - 00000000 ____D () C:\Users\Felipe Kamia\Desktop\Diversos
2015-05-09 12:58 - 2015-05-09 12:58 - 00159080 _____ () C:\Users\Felipe Kamia\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-09 12:41 - 2015-05-19 18:48 - 00003566 _____ () C:\Windows\setupact.log
2015-05-09 12:41 - 2015-05-09 12:41 - 05145104 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-09 12:41 - 2015-05-09 12:41 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-09 00:46 - 2015-05-09 00:46 - 00000000 ____D () C:\Users\Felipe Kamia\Documents\Backup

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-19 19:40 - 2012-08-23 12:31 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-174019988-414781078-1319990136-1000UA.job
2015-05-19 19:39 - 2012-09-10 01:55 - 00000000 ____D () C:\Users\Felipe Kamia\AppData\Roaming\uTorrent
2015-05-19 19:18 - 2012-08-17 19:49 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-19 18:56 - 2009-07-14 01:45 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-19 18:56 - 2009-07-14 01:45 - 00031312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-19 18:54 - 2014-08-30 19:27 - 00000000 ____D () C:\Users\Felipe Kamia\AppData\Roaming\Raptr
2015-05-19 18:53 - 2014-08-30 19:27 - 00000000 ____D () C:\Program Files (x86)\Raptr
2015-05-19 18:53 - 2012-09-14 14:37 - 00000000 ___RD () C:\Users\Felipe Kamia\Dropbox
2015-05-19 18:53 - 2012-09-14 14:34 - 00000000 ____D () C:\Users\Felipe Kamia\AppData\Roaming\Dropbox
2015-05-19 18:53 - 2012-08-28 10:53 - 00000000 ___RD () C:\Users\Felipe Kamia\Google Drive
2015-05-19 18:53 - 2012-08-28 10:44 - 00001066 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-19 18:53 - 2012-08-17 20:22 - 00000000 ____D () C:\Users\Usuário Padrão\AppData\Local\SoftThinks
2015-05-19 18:53 - 2012-08-17 20:22 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2015-05-19 18:53 - 2012-08-17 20:22 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2015-05-19 18:53 - 2012-08-17 20:16 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2015-05-19 18:52 - 2012-08-17 19:48 - 01308387 _____ () C:\Windows\WindowsUpdate.log
2015-05-19 18:51 - 2010-11-21 06:37 - 01164274 _____ () C:\Windows\system32\prfh0416.dat
2015-05-19 18:51 - 2010-11-21 06:37 - 00586804 _____ () C:\Windows\system32\prfc0416.dat
2015-05-19 18:51 - 2009-07-14 02:13 - 00006462 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-19 18:48 - 2013-07-16 10:22 - 00031088 _____ (GbPlugin NDIS Device Driver) C:\Windows\SysWOW64\Drivers\gbpndisrd.sys
2015-05-19 18:48 - 2013-07-16 10:22 - 00010266 _____ () C:\Windows\SysWOW64\Drivers\ndisrd.cat
2015-05-19 18:48 - 2013-07-16 10:22 - 00001402 _____ () C:\Windows\SysWOW64\Drivers\gas.cer
2015-05-19 18:48 - 2013-07-16 10:21 - 00000000 ____D () C:\Users\Todos os Usuários\boost_interprocess
2015-05-19 18:48 - 2013-07-16 10:21 - 00000000 ____D () C:\ProgramData\boost_interprocess
2015-05-19 18:48 - 2009-07-14 02:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-19 00:47 - 2012-08-28 10:44 - 00001070 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-18 22:38 - 2009-07-14 00:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-05-18 22:38 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2015-05-18 22:20 - 2009-07-14 00:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-18 17:40 - 2012-08-23 12:31 - 00001054 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-174019988-414781078-1319990136-1000Core.job
2015-05-18 15:07 - 2012-12-23 22:14 - 00000000 ____D () C:\Program Files (x86)\AIMP3
2015-05-18 13:23 - 2013-04-30 11:13 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2015-05-18 13:23 - 2013-04-30 11:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-18 11:07 - 2013-07-16 10:21 - 00000000 ____D () C:\Program Files (x86)\GbPlugin
2015-05-17 17:04 - 2013-07-16 10:21 - 00000000 ____D () C:\Users\Todos os Usuários\GbPlugin
2015-05-17 17:04 - 2013-07-16 10:21 - 00000000 ____D () C:\ProgramData\GbPlugin
2015-05-17 16:49 - 2012-08-28 15:49 - 00000000 ____D () C:\Users\Felipe Kamia\AppData\Local\CrashDumps
2015-05-17 16:37 - 2014-04-15 12:43 - 00000000 ____D () C:\Users\Felipe Kamia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome
2015-05-17 16:37 - 2013-10-28 21:05 - 00001063 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-17 16:37 - 2013-10-28 21:05 - 00001051 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-17 16:37 - 2012-08-23 12:33 - 00000000 ____D () C:\Users\Felipe Kamia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-17 16:37 - 2012-08-22 08:56 - 00000981 _____ () C:\Users\Felipe Kamia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-16 15:22 - 2012-08-22 15:52 - 00000000 ____D () C:\Users\Todos os Usuários\PCDr
2015-05-16 15:22 - 2012-08-22 15:52 - 00000000 ____D () C:\ProgramData\PCDr
2015-05-15 23:42 - 2012-08-28 10:44 - 00004066 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 23:42 - 2012-08-28 10:44 - 00003814 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-15 17:35 - 2012-08-23 12:31 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-174019988-414781078-1319990136-1000UA
2015-05-15 17:35 - 2012-08-23 12:31 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-174019988-414781078-1319990136-1000Core
2015-05-15 11:09 - 2014-12-07 03:34 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-10 19:14 - 2014-11-17 14:07 - 00000000 ____D () C:\Users\Felipe Kamia\AppData\Local\Popcorn-Time
2015-05-10 17:19 - 2013-03-14 01:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2015-05-09 00:43 - 2013-11-08 09:42 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-09 00:43 - 2012-10-12 12:03 - 00000000 ____D () C:\Users\Felipe Kamia\AppData\Roaming\DAEMON Tools Lite
2015-05-08 19:45 - 2012-08-28 10:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-05-08 18:31 - 2012-10-22 06:34 - 00000000 ____D () C:\Windows\Minidump
2015-05-08 15:18 - 2012-08-17 19:49 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-08 15:18 - 2012-08-17 19:49 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-08 15:18 - 2012-08-17 19:49 - 00003840 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-08 15:10 - 2013-10-28 21:05 - 00000000 ____D () C:\Users\Felipe Kamia\AppData\Roaming\Mozilla
2015-05-08 15:09 - 2012-09-14 14:36 - 00000000 ____D () C:\Users\Felipe Kamia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== Files in the root of some directories =======

2013-08-12 10:57 - 2013-08-12 10:57 - 0000065 _____ () C:\Users\Felipe Kamia\AppData\Roaming\mbam.context.scan
2013-07-16 10:21 - 2014-09-17 10:50 - 0016934 _____ () C:\Users\Felipe Kamia\AppData\Roaming\unins000.dat
2013-10-20 12:26 - 2013-10-20 12:26 - 0016244 _____ () C:\Users\Felipe Kamia\AppData\Roaming\unins001.dat
2013-12-19 08:51 - 2013-12-19 08:51 - 0019574 _____ () C:\Users\Felipe Kamia\AppData\Roaming\unins002.dat
2012-10-08 18:27 - 2015-02-02 16:51 - 0009728 _____ () C:\Users\Felipe Kamia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some content of TEMP:
====================
C:\Users\Felipe Kamia\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp68gmav.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-15 12:39

==================== End Of Log ============================
