Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:18-04-2016
Executado por WALLACE (administrador) em WALLACE-PC (24-04-2016 13:10:16)
Executando a partir de C:\Users\WALLACE\Desktop
Perfis Carregados: WALLACE (Perfis Disponíveis: WALLACE)
Platform: Windows 7 Ultimate (X64) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Banco Bradesco S.A.) C:\Program Files (x86)\Scpad\scpVista.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Users\WALLACE\AppData\Local\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\WALLACE\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Users\WALLACE\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\WALLACE\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\WALLACE\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\WALLACE\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\WALLACE\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Users\WALLACE\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\WALLACE\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\xampp\mysql\bin\mysqld.exe
(FileZilla Project) C:\xampp\FileZillaFTP\FileZillaServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
() C:\xampp\xampp-control.exe
(Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
(Google Inc.) C:\Users\WALLACE\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\WALLACE\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\WALLACE\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe
(Google Inc.) C:\Users\WALLACE\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\WALLACE\AppData\Local\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\WALLACE\AppData\Local\Dropbox\Update\DropboxUpdate.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1436736 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [904928 2016-03-04] (GAS Tecnologia LTDA)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ApnUpdater] => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal)
HKU\S-1-5-21-3721557081-392497480-4232120922-1000\...\Run: [Jewawj] => C:\Users\WALLACE\AppData\Roaming\Jewawj.exe
HKU\S-1-5-21-3721557081-392497480-4232120922-1000\...\Run: [Google Update] => C:\Users\WALLACE\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-3721557081-392497480-4232120922-1000\...\Run: [Wfwaww] => C:\Users\WALLACE\AppData\Roaming\Wfwaww.exe
HKU\S-1-5-21-3721557081-392497480-4232120922-1000\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-3721557081-392497480-4232120922-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718208 2010-03-16] (Microsoft Corporation)
HKU\S-1-5-21-3721557081-392497480-4232120922-1000\...\Run: [Facebook Update] => C:\Users\WALLACE\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-08-17] (Facebook Inc.)
HKU\S-1-5-21-3721557081-392497480-4232120922-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [19876968 2013-06-21] (Skype Technologies S.A.)
HKU\S-1-5-21-3721557081-392497480-4232120922-1000\...\Run: [2289C1DC77CFC0158EBA5DE9855F674CB15E48BC._service_run] => C:\Users\WALLACE\AppData\Local\Google\Chrome\Application\chrome.exe [874648 2016-04-06] (Google Inc.)
HKU\S-1-5-21-3721557081-392497480-4232120922-1000\...\Run: [GoogleChromeAutoLaunch_51F5186FBC79400DD31AD51CF5F6F40F] => C:\Users\WALLACE\AppData\Local\Google\Chrome\Application\chrome.exe [874648 2016-04-06] (Google Inc.)
HKU\S-1-5-21-3721557081-392497480-4232120922-1000\...\Run: [Dropbox Update] => C:\Users\WALLACE\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.)
HKU\S-1-5-21-3721557081-392497480-4232120922-1000\...\MountPoints2: {47f221ca-8bdb-11e0-83eb-806e6f6e6963} - E:\Bin\Assetup.exe
HKU\S-1-5-21-3721557081-392497480-4232120922-1000\...\MountPoints2: {ab5f6745-21f0-11e2-90d5-f46d049fa20b} - G:\PhotoViewer.exe
SSODL-x32: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files (x86)\Scpad\scpLIB.dll (Banco Bradesco S.A.)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRAM FILES (X86)\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\WALLACE\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\WALLACE\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\WALLACE\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\WALLACE\AppData\Roaming\Dropbox\bin\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\WALLACE\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\WALLACE\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\WALLACE\AppData\Roaming\Dropbox\bin\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
Startup: C:\Users\WALLACE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-04-15]
ShortcutTarget: Dropbox.lnk -> C:\Users\WALLACE\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
GroupPolicyScripts: Restrição <======= ATENÇÃO
GroupPolicyScripts\User: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{EA32E5E2-2AD2-4A79-8504-2DE431DF2884}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3721557081-392497480-4232120922-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/
HKU\S-1-5-21-3721557081-392497480-4232120922-1000\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119352&tt=gc_&babsrc=HP_ss&mntrId=B67EF46D049FA20B
URLSearchHook: HKU\S-1-5-21-3721557081-392497480-4232120922-1000 - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll Nenhum Arquivo
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKU\S-1-5-21-3721557081-392497480-4232120922-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3721557081-392497480-4232120922-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3721557081-392497480-4232120922-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-14] (Oracle Corporation)
BHO-x32: ssh2 Class -> {2E3C3651-B19C-4DD9-A979-901EC3E930AF} -> C:\Program Files (x86)\Scpad\scpsssh2.dll [2013-02-14] (Banco Bradesco S.A.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-14] (Oracle Corporation)
BHO-x32: Auxiliar de Conexão do Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehcef.dll [2015-09-22] (Caixa Economica Federal)
BHO-x32: Ask Toolbar -> {D4027C7F-154A-4066-A1AD-4243D8127440} -> C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll => Nenhum Arquivo
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-14] (Oracle Corporation)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll Nenhum Arquivo
Toolbar: HKU\S-1-5-21-3721557081-392497480-4232120922-1000 -> Sem Nome - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Nenhum Arquivo
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {E37CB5F0-51F5-4395-A808-5FA49E399003} hxxps://imagem.caixa.gov.br/cab/GBPCEF.CAB
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll Nenhum Arquivo
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll Nenhum Arquivo
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\WALLACE\AppData\Roaming\Mozilla\Firefox\Profiles\09xrozxj.default-1392854782758
FF Homepage: hxxps://www.google.com.br/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-08] ()
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_73\bin\new_plugin\npjp2.dll [Nenhum Arquivo]
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-14] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-08] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll [2014-01-29] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-14] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll [2012-04-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin HKU\S-1-5-21-3721557081-392497480-4232120922-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\WALLACE\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3721557081-392497480-4232120922-1000: @tools.google.com/Google Update;version=3 -> C:\Users\WALLACE\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-3721557081-392497480-4232120922-1000: @tools.google.com/Google Update;version=9 -> C:\Users\WALLACE\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-3721557081-392497480-4232120922-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\WALLACE\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-02-14] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3721557081-392497480-4232120922-1000: gastecnologia.com.br/sf/cef -> C:\Users\WALLACE\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-09] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-3721557081-392497480-4232120922-1000: gastecnologia.com.br/sf/cef64 -> C:\Users\WALLACE\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [2014-12-09] (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Extension: YouTube mp3 - C:\Users\WALLACE\AppData\Roaming\Mozilla\Firefox\Profiles\09xrozxj.default-1392854782758\Extensions\info@youtube-mp3.org.xpi [2015-06-02]
FF Extension: Video DownloadHelper - C:\Users\WALLACE\AppData\Roaming\Mozilla\Firefox\Profiles\09xrozxj.default-1392854782758\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-04-12]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-04-11] [não assinado]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.delta-search.com/?affID=119352&tt=gc_&babsrc=HP_ss&mntrId=B67EF46D049FA20B
CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
CHR Plugin: (Native Client) - C:\Users\WALLACE\AppData\Local\Google\Chrome\Application\49.0.2623.112\ppGoogleNaClPluginChrome.dll => Nenhum Arquivo
CHR Plugin: (Chrome PDF Viewer) - C:\Users\WALLACE\AppData\Local\Google\Chrome\Application\49.0.2623.112\pdf.dll => Nenhum Arquivo
CHR Plugin: (Shockwave Flash) - C:\Users\WALLACE\AppData\Local\Google\Chrome\Application\49.0.2623.112\gcswf32.dll => Nenhum Arquivo
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll => Nenhum Arquivo
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll => Nenhum Arquivo
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll => Nenhum Arquivo
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll => Nenhum Arquivo
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (Google Update) - C:\Users\WALLACE\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Nenhum Arquivo
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll => Nenhum Arquivo
CHR Profile: C:\Users\WALLACE\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Tradutor) - C:\Users\WALLACE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-11-18]
CHR Extension: (YouTube Center) - C:\Users\WALLACE\AppData\Local\Google\Chrome\User Data\Default\Extensions\gabnjlibfmlilpljjkkbkebfaopgpjmk [2014-04-10]
CHR Extension: (Google Keep - notas e listas) - C:\Users\WALLACE\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-04-20]
CHR Extension: (Tradutor Instantâneo) - C:\Users\WALLACE\AppData\Local\Google\Chrome\User Data\Default\Extensions\llbgemcdagkgoadleloeknekmleipabh [2014-04-08]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\WALLACE\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2016-04-21]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\WALLACE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Auto-Translate) - C:\Users\WALLACE\AppData\Local\Google\Chrome\User Data\Default\Extensions\obgoiaeapddkeekbocomnjlckbbfapmk [2016-01-11]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\WALLACE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2014-12-12]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S4 Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376 2006-02-28] (Apple Computer, Inc.) [Arquivo não assinado]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-06-02] (Macrovision Europe Ltd.) [Arquivo não assinado]
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [593120 2015-09-22] (GAS Tecnologia)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2011-06-02] () [Arquivo não assinado]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [12784 2011-04-27] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [288272 2011-04-27] (Microsoft Corporation)
R2 scpVista; C:\Program Files (x86)\Scpad\scpVista.exe [360640 2013-02-14] (Banco Bradesco S.A.) [Arquivo não assinado]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 wampapache; c:\wamp\bin\apache\apache2.4.9\bin\httpd.exe [22016 2014-05-01] (Apache Software Foundation) [Arquivo não assinado]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.6.17\bin\mysqld.exe [10959360 2014-05-01] () [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [904928 2016-03-04] (GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] ()
R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [52032 2013-12-17] (Baidu, Inc.)
R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [34624 2013-12-17] (Baidu, Inc.)
R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [128448 2013-12-18] (Baidu, Inc.)
S3 CA561; C:\Windows\System32\Drivers\SPCA561.SYS [141056 2006-05-23] (SP)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S0 GbpKm; C:\Windows\SysWOW64\drivers\gbpkm.sys [47720 2012-10-04] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-03] (GAS Tecnologia)
R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [189440 2011-04-18] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
R3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-09-27] (Marvell Semiconductor, Inc.)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [84864 2011-04-27] (Microsoft Corporation)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2014-09-02] (GAS Tecnologia LTDA)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert64.sys [38104 2016-03-04] (Basil)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2016-04-24] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [103640 2015-03-18] (GAS Tecnologia)
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
S1 sajsjcdu; \??\C:\Windows\system32\drivers\sajsjcdu.sys [X]
S1 SASDIFSV; \??\C:\Users\WALLACE\AppData\Local\Temp\SuperAntiSpyware\SASDIFSV.SYS [X]
S1 SASKUTIL; \??\C:\Users\WALLACE\AppData\Local\Temp\SuperAntiSpyware\SASKUTIL.SYS [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-24 13:10 - 2016-04-24 13:11 - 00024426 _____ C:\Users\WALLACE\Desktop\FRST.txt
2016-04-24 13:07 - 2016-04-24 13:10 - 00000000 ____D C:\FRST
2016-04-24 13:07 - 2016-04-24 13:06 - 02375680 _____ (Farbar) C:\Users\WALLACE\Desktop\FRST64.exe
2016-04-22 13:51 - 2016-04-22 13:51 - 00094120 _____ C:\Users\WALLACE\Documents\machadoadvogados.com.br_2016_03_01_imposto-de-renda-como.pdf
2016-04-22 09:39 - 2016-04-22 11:39 - 00077899 _____ C:\Users\WALLACE\Desktop\Extrato para Imposto de Renda - v1.3.pdf
2016-04-21 20:19 - 2016-04-21 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2016-04-21 19:57 - 2016-04-21 20:54 - 00000000 ____D C:\xampp
2016-04-21 19:53 - 2016-04-21 19:53 - 00000000 ____D C:\Users\WALLACE\Desktop\winrar
2016-04-21 19:27 - 2016-04-21 19:28 - 00000000 ____D C:\Users\WALLACE\Desktop\PDF
2016-04-20 19:47 - 2016-04-20 19:47 - 00000000 ____D C:\Users\WALLACE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicativos do Google Chrome
2016-04-15 19:13 - 2016-04-15 19:13 - 00000000 ____D C:\Users\WALLACE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-14 19:24 - 2016-04-14 19:49 - 00000000 ____D C:\Users\WALLACE\Desktop\fotos
2016-04-13 22:28 - 2016-04-13 22:28 - 10631336 _____ (MEGA Limited) C:\Users\WALLACE\Downloads\MEGAsyncSetup.exe
2016-04-11 19:13 - 2016-04-13 05:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-11 18:30 - 2016-04-11 18:30 - 00012391 _____ C:\Users\WALLACE\Documents\Relatorio.pdf
2016-04-10 16:43 - 2016-04-10 16:43 - 00280196 _____ C:\Users\WALLACE\Desktop\PORTAL 012016 CSV.csv
2016-04-10 13:09 - 2016-04-10 13:09 - 00000589 _____ C:\Users\WALLACE\Desktop\WampServer.lnk
2016-04-10 13:09 - 2016-04-10 13:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WampServer
2016-04-10 13:05 - 2016-04-10 13:14 - 00000000 ____D C:\wamp
2016-04-10 13:04 - 2013-09-05 16:18 - 00875472 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr110.dll
2016-04-10 13:03 - 2015-09-22 21:33 - 00000937 _____ C:\Users\WALLACE\Desktop\readme.txt
2016-04-10 13:03 - 2013-09-05 16:18 - 00875472 _____ (Microsoft Corporation) C:\Windows\msvcr110.dll
2016-04-10 13:03 - 2013-09-05 16:18 - 00875472 _____ (Microsoft Corporation) C:\msvcr110.dll
2016-04-10 10:45 - 2013-11-25 14:44 - 00019392 _____ (Dll-Files.com) C:\Windows\system32\roboot64.exe
2016-04-08 20:35 - 2016-04-09 10:51 - 00000000 ____D C:\Users\WALLACE\Desktop\lante uff
2016-04-06 20:19 - 2016-04-06 20:19 - 00000000 ____D C:\Users\WALLACE\Desktop\DESLIGAMENTO AUTOMÁTICO DO PC
2016-03-29 14:54 - 2016-03-29 15:54 - 00000000 ____D C:\Users\WALLACE\Desktop\Hirens.BootCD.15.2
2016-03-29 08:33 - 2016-03-29 14:54 - 00000000 ____D C:\Users\WALLACE\Desktop\grub4dos
2016-03-15 16:00 - 2016-03-22 15:57 - 00056583 _____ C:\Users\WALLACE\Desktop\esquema de rede PBO.xlsx
2016-03-14 13:16 - 2016-03-14 13:16 - 00041491 _____ C:\Users\WALLACE\Desktop\Cadastro-de-Clientes.xlsb
2016-03-05 13:45 - 2016-03-05 13:45 - 00002221 _____ C:\Users\Public\Desktop\Receitanet 1.07 .lnk
2016-03-05 13:45 - 2016-03-05 13:45 - 00000176 _____ C:\Windows\REC-NET.INI
2016-03-05 13:45 - 2016-03-05 13:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB
2016-03-04 09:27 - 2016-04-24 09:23 - 00101080 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2016-03-04 09:27 - 2015-05-05 09:02 - 00522040 _____ (GAS Tecnologia) C:\Windows\system32\gbpdist.exe
2016-03-04 09:27 - 2015-03-18 10:23 - 00103640 ____N (GAS Tecnologia) C:\Windows\system32\Drivers\wsddpp.sys
2016-03-03 09:27 - 2016-03-05 13:43 - 00001724 _____ C:\Users\WALLACE\Desktop\IRPF2016 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk
2016-03-03 09:27 - 2016-03-03 09:27 - 00000000 ____D C:\Users\WALLACE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2016
2016-02-27 23:15 - 2016-02-27 23:15 - 02040945 _____ C:\Users\WALLACE\Desktop\9-passos-para-viver-em-Alta-Performance.epub
2016-02-27 21:50 - 2016-02-27 22:51 - 02613430 _____ C:\Users\WALLACE\Desktop\21_sacadas.epub
2016-02-26 15:50 - 2016-02-26 15:50 - 00001250 _____ C:\Users\WALLACE\Desktop\On-Screen Keyboard.lnk
2016-02-14 14:28 - 2016-02-14 14:24 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-02-14 14:26 - 2016-02-14 14:26 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-02-14 14:25 - 2016-02-14 14:27 - 00000000 ____D C:\Users\WALLACE\.oracle_jre_usage
2016-02-14 14:25 - 2016-02-14 14:25 - 00000000 ____D C:\Users\WALLACE\AppData\Roaming\Sun
2016-02-14 14:23 - 2016-02-14 14:30 - 00000000 ____D C:\Users\Todos os Usuários\Oracle
2016-02-14 14:23 - 2016-02-14 14:30 - 00000000 ____D C:\ProgramData\Oracle
2016-02-14 13:50 - 2016-02-14 13:50 - 00000000 ____D C:\Users\WALLACE\AppData\LocalLow\Oracle
2016-02-04 08:44 - 2016-02-04 08:44 - 00106529 _____ C:\Users\WALLACE\Documents\file.download.pdf
2016-02-03 13:15 - 2016-02-03 13:15 - 24453672 _____ (Receita Federal do Brasil) C:\Users\WALLACE\Desktop\IRPF2015win32v1.3.exe
2016-02-03 13:00 - 2016-02-03 13:01 - 00012394 _____ C:\Users\WALLACE\Documents\Relatorio (1).pdf
2016-02-01 20:43 - 2016-02-01 20:43 - 07836556 _____ C:\Users\WALLACE\Documents\QUIMICA_livro.pdf
2016-02-01 20:40 - 2016-02-01 20:41 - 00467470 _____ C:\Users\WALLACE\Documents\cm_10_11__0.zip

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-04-24 13:10 - 2015-06-18 16:57 - 00001038 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3721557081-392497480-4232120922-1000UA.job
2016-04-24 12:22 - 2014-02-23 22:34 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-24 12:21 - 2011-11-11 21:44 - 00001086 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3721557081-392497480-4232120922-1000UA.job
2016-04-24 11:22 - 2013-08-17 20:17 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3721557081-392497480-4232120922-1000UA.job
2016-04-24 10:43 - 2009-07-14 01:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-24 10:43 - 2009-07-14 01:45 - 00016944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-24 09:26 - 2012-11-22 10:27 - 00000000 ___RD C:\Users\WALLACE\Dropbox
2016-04-24 09:22 - 2011-11-12 09:08 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-04-24 09:22 - 2009-07-14 02:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-23 21:10 - 2015-06-18 16:57 - 00000986 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3721557081-392497480-4232120922-1000Core.job
2016-04-23 20:22 - 2013-08-17 20:17 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3721557081-392497480-4232120922-1000Core.job
2016-04-22 14:21 - 2011-11-11 21:44 - 00001034 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3721557081-392497480-4232120922-1000Core.job
2016-04-22 14:09 - 2012-03-05 22:49 - 00000000 ____D C:\Users\WALLACE\.receitanet
2016-04-22 09:30 - 2013-09-17 18:24 - 00000000 ____D C:\Users\WALLACE\AppData\Roaming\Skype
2016-04-22 04:57 - 2011-11-11 06:01 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-21 20:57 - 2015-04-15 21:04 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-04-21 20:57 - 2015-04-15 21:04 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-21 19:55 - 2013-08-18 22:41 - 00000000 ____D C:\Users\WALLACE\Desktop\site
2016-04-18 16:12 - 2013-09-09 16:21 - 00129024 ___SH C:\Users\WALLACE\Documents\Thumbs.db
2016-04-17 09:12 - 2011-11-25 06:22 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-04-16 09:43 - 2011-11-12 09:08 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-04-16 09:43 - 2011-11-12 09:08 - 00000000 ____D C:\ProgramData\GbPlugin
2016-04-15 19:14 - 2013-04-25 09:31 - 00000000 ____D C:\Users\WALLACE\AppData\Roaming\Dropbox
2016-04-14 16:09 - 2015-11-02 20:25 - 00000000 ____D C:\Users\WALLACE\Desktop\LIVROS
2016-04-13 05:54 - 2012-05-10 17:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-10 14:19 - 2011-06-11 16:28 - 00018742 _____ C:\Windows\Ascd_tmp.ini
2016-04-10 14:19 - 2011-06-01 19:20 - 00001769 _____ C:\Windows\Language_trs.ini
2016-04-10 10:45 - 2013-04-08 10:56 - 00000000 ____D C:\Users\Todos os Usuários\TEMP
2016-04-10 10:45 - 2013-04-08 10:56 - 00000000 ____D C:\ProgramData\TEMP
2016-04-08 18:22 - 2014-02-23 22:34 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-08 18:22 - 2012-04-28 15:42 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-08 18:22 - 2011-11-12 09:41 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-05 20:38 - 2013-02-28 23:44 - 00000000 ____D C:\Users\WALLACE\Desktop\MARI EXERCICIOS
2016-04-03 09:31 - 2009-07-14 02:08 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-03-29 08:02 - 2009-07-29 13:08 - 00704982 _____ C:\Windows\system32\prfh0416.dat
2016-03-29 08:02 - 2009-07-29 13:08 - 00146668 _____ C:\Windows\system32\prfc0416.dat
2016-03-29 08:02 - 2009-07-14 02:13 - 01633428 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-29 08:02 - 2009-07-14 00:20 - 00000000 ____D C:\Windows\inf

==================== Arquivos na raiz de alguns diretórios =======

2016-04-10 13:04 - 2013-09-05 16:18 - 0875472 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr110.dll
2012-01-10 20:35 - 2012-01-10 20:35 - 0013035 _____ () C:\Users\WALLACE\AppData\Roaming\1EE6.exe
2012-01-02 19:01 - 2012-01-02 19:01 - 0000000 _____ () C:\Users\WALLACE\AppData\Roaming\9CEB.exe
2012-01-06 12:16 - 2012-01-06 12:16 - 0013054 _____ () C:\Users\WALLACE\AppData\Roaming\BCA9.exe
2012-01-10 20:35 - 2012-01-10 20:35 - 0012959 _____ () C:\Users\WALLACE\AppData\Roaming\F095.exe
2015-11-30 07:56 - 2015-11-30 07:56 - 0016702 _____ () C:\Users\WALLACE\AppData\Roaming\unins000.dat
2015-11-30 07:56 - 2015-11-30 07:56 - 0730322 _____ () C:\Users\WALLACE\AppData\Roaming\unins000.exe
2013-02-22 14:57 - 2013-02-22 14:57 - 0000000 _____ () C:\Users\WALLACE\AppData\Local\90DBB05Cw.txt
2013-02-22 14:56 - 2013-02-22 14:57 - 4003840 _____ () C:\Users\WALLACE\AppData\Local\libmysql.dll
2013-02-22 14:57 - 2013-02-23 05:59 - 0000122 _____ () C:\Users\WALLACE\AppData\Local\new.txt
2013-02-22 14:57 - 2013-02-22 14:57 - 0731136 _____ () C:\Users\WALLACE\AppData\Local\resolver.exe
2013-02-22 14:57 - 2013-02-22 14:57 - 0000000 _____ () C:\Users\WALLACE\AppData\Local\sql.txt
2013-02-22 14:57 - 2013-02-22 14:57 - 0000283 _____ () C:\Users\WALLACE\AppData\Local\uber.txt
2013-11-22 08:40 - 2013-11-22 08:40 - 0170344 _____ (Baidu, Inc.) C:\ProgramData\FileSplitUpLoad.dll
2013-06-13 11:08 - 2011-02-23 13:22 - 0024772 _____ () C:\ProgramData\P1100DEF.css
2013-06-13 11:08 - 2013-06-13 11:08 - 0004151 _____ () C:\ProgramData\P1100OS.HTM
2013-06-13 11:08 - 2011-02-23 13:22 - 0002944 _____ () C:\ProgramData\P1100SIG.GIF

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\FileSplitUpLoad.dll
C:\Users\Todos os Usuários\FileSplitUpLoad.dll


Alguns arquivos em TEMP:
====================
C:\Users\WALLACE\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfl90lz.dll
C:\Users\WALLACE\AppData\Local\Temp\GUR4124.exe
C:\Users\WALLACE\AppData\Local\Temp\GUR51F6.exe
C:\Users\WALLACE\AppData\Local\Temp\GUR5205.exe
C:\Users\WALLACE\AppData\Local\Temp\GUR5724.exe
C:\Users\WALLACE\AppData\Local\Temp\GUR9146.exe
C:\Users\WALLACE\AppData\Local\Temp\GURBB04.exe
C:\Users\WALLACE\AppData\Local\Temp\GUREA1F.exe
C:\Users\WALLACE\AppData\Local\Temp\HPPSdr.exe
C:\Users\WALLACE\AppData\Local\Temp\jre-8u73-windows-au.exe
C:\Users\WALLACE\AppData\Local\Temp\restorer1.0.0.1.exe
C:\Users\WALLACE\AppData\Local\Temp\{397E31AA-0D78-4649-A01C-339D73A2ED35}_NSS_15429.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-04-18 11:11

==================== Fim de FRST.txt ============================
