cjoint


Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 21-08-2016 01
Executado por ISAIAS (administrador) em ISAIAS-PC (25-08-2016 18:50:44)
Executando a partir de C:\Users\ISAIAS\Desktop
Perfis Carregados: ISAIAS (Perfis Disponíveis: ISAIAS)
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Realtek Semiconductor) C:\Windows\RTKAUDIOSERVICE.EXE
() C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
(ArcSoft, Inc.) C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Zemana Ltd.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
Winlogon\Notify\ GbPluginBb: C:\Program Files\GbPlugin\gbieh.dll [2015-10-20] (Banco do Brasil)
Winlogon\Notify\ GbPluginCef: C:\Program Files\GbPlugin\gbiehCef.dll [2016-08-21] (Caixa Economica Federal)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll [2008-07-15] (Sony Corporation)
HKU\S-1-5-21-3892671904-924784273-1446608767-1000\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-3892671904-924784273-1446608767-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-3892671904-924784273-1446608767-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES\GbPlugin\gbieh.dll [1945472 2015-10-20] (Banco do Brasil)
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRAM FILES\GbPlugin\gbiehcef.dll [1903328 2016-08-21] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2005-03-05] (Autodesk)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-08-22]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 186.226.6.200 186.226.6.201
Tcpip\..\Interfaces\{658BD3FE-5E57-4930-85FE-EF18F637B1A7}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{658BD3FE-5E57-4930-85FE-EF18F637B1A7}: [DhcpNameServer] 186.226.6.200 186.226.6.201
Tcpip\..\Interfaces\{803A8E8F-63A9-4E12-AD24-5FC7651E7FD0}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3892671904-924784273-1446608767-1000 -> DefaultScope {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-20] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES\GBPLUGIN\gbieh.dll [2015-10-20] (Banco do Brasil)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\PROGRAM FILES\GBPLUGIN\gbiehcef.dll [2016-08-21] (Caixa Economica Federal)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-20] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-07] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\ISAIAS\AppData\Roaming\Mozilla\Firefox\Profiles\0c79ypmt.default-1409795981297
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2009-11-05] (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2010-02-02] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2010-02-02] (RealNetworks, Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-12] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3892671904-924784273-1446608767-1000: gastecnologia.com.br/sf/bb -> C:\Users\ISAIAS\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll [2015-03-06] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-3892671904-924784273-1446608767-1000: gastecnologia.com.br/sf/cef -> C:\Users\ISAIAS\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-09] (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2010-02-02] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2010-02-02] (RealNetworks, Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-25] [não assinado]
FF HKU\S-1-5-21-3892671904-924784273-1446608767-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\ISAIAS\AppData\Local\GAS Tecnologia\GBBD\bb\xpi
FF Extension: (GBBD Banco do Brasil) - C:\Users\ISAIAS\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2015-03-26] [não assinado]
FF HKU\S-1-5-21-3892671904-924784273-1446608767-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\ISAIAS\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF Extension: (GBBD Caixa Economica Federal) - C:\Users\ISAIAS\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2015-10-01] [não assinado]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

"Warsaw Technology" => serviço foi desbloqueado. <===== ATENÇÃO

R2 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2008-10-03] (Macrovision Europe Ltd.) [Arquivo não assinado]
R2 GbpSv; C:\Program Files\GbPlugin\gbpsv.exe [631520 2016-08-22] (GAS Tecnologia)
S4 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53248 2008-05-20] (Sony Corporation) [Arquivo não assinado]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [Arquivo não assinado]
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53248 2008-05-20] (Sony Corporation) [Arquivo não assinado]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [Arquivo não assinado]
S3 SOHCImp; C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe [103712 2008-05-20] (Sony Corporation)
S3 SOHDms; C:\Program Files\Sony\VAIO Media plus\SOHDms.exe [353568 2008-05-20] (Sony Corporation)
S3 SOHDs; C:\Program Files\Sony\VAIO Media plus\SOHDs.exe [62752 2008-05-20] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2008-05-20] (Sony Corporation) [Arquivo não assinado]
R2 uCamMonitor; C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe [104960 2008-03-25] (ArcSoft, Inc.)
S2 UI Assistant Service; C:\Program Files\Join Air\AssistantServices.exe [270672 2011-09-14] ()
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2008-05-22] (Sony Corporation) [Arquivo não assinado]
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182112 2008-07-15] (Sony Corporation)
R2 VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [411488 2008-08-06] (Sony Corporation)
R2 VCFw; C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [415744 2008-06-20] (Sony Corporation) [Arquivo não assinado]
S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [337184 2008-06-11] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [279848 2008-06-19] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2008-05-22] (Sony Corporation) [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [529632 2015-11-04] (GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [12831984 2016-02-18] (Zemana Ltd.)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [17408 2008-01-30] (ArcSoft, Inc.)
R0 GbpKm; C:\Windows\System32\drivers\gbpkm.sys [49496 2015-08-26] (GAS Tecnologia)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore.sys [130936 2009-04-03] (PC Tools)
S3 s916bus; C:\Windows\System32\DRIVERS\s916bus.sys [83496 2007-11-02] (MCCI Corporation)
S3 s916mdfl; C:\Windows\System32\DRIVERS\s916mdfl.sys [15016 2007-11-02] (MCCI Corporation)
S3 s916mdm; C:\Windows\System32\DRIVERS\s916mdm.sys [109992 2007-11-02] (MCCI Corporation)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert32.sys [31448 2015-07-07] (Basil)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [80728 2016-08-25] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [79064 2015-03-18] (GAS Tecnologia)
R1 ZAM; C:\Windows\System32\drivers\zam32.sys [179448 2016-03-01] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard32.sys [179448 2016-03-01] (Zemana Ltd.)
S3 zte_cdc_acm; C:\Windows\System32\DRIVERS\zte_cdc_acm.sys [67968 2011-09-17] (ZTE)
S3 zte_cpo; C:\Windows\System32\DRIVERS\zte_cpo.sys [9984 2011-09-17] (ZTE)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S0 gbpddreg; system32\drivers\gbpddreg32.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-08-25 18:50 - 2016-08-25 18:51 - 00016343 _____ C:\Users\ISAIAS\Desktop\FRST.txt
2016-08-25 18:47 - 2016-08-25 18:50 - 00000000 ____D C:\FRST
2016-08-25 18:46 - 2016-08-25 18:46 - 01746432 _____ (Farbar) C:\Users\ISAIAS\Desktop\FRST.exe
2016-08-24 22:48 - 2016-08-25 16:52 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-08-23 23:14 - 2016-08-24 04:44 - 00000000 ____D C:\Users\ISAIAS\Downloads\Dirty Grandpa 2016 1080p BluRay x264 DTS-JYK
2016-08-23 23:11 - 2016-08-23 23:22 - 00000000 ____D C:\Users\ISAIAS\Downloads\The Nice Guys 2016 1080p BluRay x264 DTS-JYK
2016-08-23 23:09 - 2016-08-23 23:14 - 00000000 ____D C:\Users\ISAIAS\Downloads\Money Monster 2016 1080p BluRay x264 DTS-JYK
2016-08-23 18:49 - 2016-08-23 18:51 - 00000000 ____D C:\Users\ISAIAS\Downloads\Fear.the.Walking.Dead.S02E08.WEB-DL.x264-FUM[ettv]
2016-08-22 19:52 - 2016-08-23 23:37 - 00212596 _____ C:\Windows\hpoins43.dat
2016-08-22 19:52 - 2010-01-30 10:11 - 00000601 ____N C:\Windows\hpomdl43.dat
2016-08-22 19:36 - 2009-02-11 08:03 - 00966656 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpost_p02c.dll
2016-08-22 19:36 - 2009-02-11 08:03 - 00712704 _____ (Hewlett-Packard) C:\Windows\system32\hposwia_p02c.dll
2016-08-22 19:36 - 2009-02-11 08:03 - 00315392 _____ (Hewlett-Packard Co.) C:\Windows\system32\hposc_p02a.dll
2016-08-22 19:36 - 2008-10-28 21:27 - 00372736 _____ (Hewlett-Packard) C:\Windows\system32\hppldcoi.dll
2016-08-22 19:33 - 2016-08-22 19:36 - 00000000 ____D C:\Users\ISAIAS\Downloads\PS_AIO_06_C4700_USW_Full_Win_WW_140_175-4(1)
2016-08-22 19:10 - 2016-08-22 19:10 - 00000000 ____D C:\Users\ISAIAS\Downloads\setup
2016-08-22 19:00 - 2016-08-22 19:13 - 156964432 _____ C:\Users\ISAIAS\Downloads\PS_AIO_06_C4700_USW_Full_Win_WW_140_175-4(1).exe
2016-08-20 23:31 - 2016-08-21 18:22 - 00000000 ____D C:\Users\ISAIAS\Downloads\The.Two.Faces.of.January.2014.1080p.BluRay.DTS.x264-tomcat12[ETRG]
2016-08-20 23:30 - 2016-08-21 00:41 - 00000000 ____D C:\Users\ISAIAS\Downloads\The Program 2015 1080p BluRay x264 DTS-JYK
2016-08-13 13:43 - 2016-08-13 12:23 - 00212568 ____N C:\Windows\hpoins43.dat.temp
2016-08-13 13:43 - 2010-01-30 10:11 - 00000601 ____N C:\Windows\hpomdl43.dat.temp
2016-08-13 12:04 - 2016-08-13 12:09 - 00000000 ____D C:\Users\ISAIAS\AppData\Roaming\HpUpdate
2016-08-13 12:01 - 2016-08-13 12:01 - 00001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Central de Soluções HP.lnk
2016-08-13 11:57 - 2016-08-22 20:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-08-13 11:54 - 2009-04-16 14:08 - 00123904 _____ (Hewlett-Packard Company) C:\Windows\system32\hpf3l70v.dll
2016-08-13 11:39 - 2009-04-16 08:53 - 00452408 _____ (Hewlett-Packard) C:\Windows\system32\hpzids01.dll
2016-08-06 17:29 - 2016-08-06 17:45 - 00000000 ____D C:\Users\ISAIAS\Downloads\In Secret (2013) [1080p]
2016-08-04 21:50 - 2016-08-06 22:52 - 00000000 ____D C:\Users\ISAIAS\Downloads\Wish.I.Was.Here.2014.1080p.BluRay.x264.anoXmous
2016-07-26 19:59 - 2016-07-26 22:18 - 00000000 ____D C:\Users\ISAIAS\Downloads\Draft.Day.2014.BRRip.720P.AAC.x264-Masta[ETRG]
2016-07-25 03:13 - 2016-06-10 11:19 - 02071040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-07-25 03:10 - 2016-06-25 12:37 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2016-07-25 03:10 - 2016-06-25 12:37 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-07-25 03:10 - 2016-06-25 12:37 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2016-07-25 03:10 - 2016-06-25 12:37 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2016-07-25 03:10 - 2016-06-25 11:40 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2016-07-24 22:13 - 2016-07-24 22:15 - 00000000 ____D C:\Users\ISAIAS\Downloads\When.the.Game.Stands.Tall.2014.HDRip.XviD.AC3-EVO
2016-07-24 14:01 - 2016-06-20 14:50 - 01815552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-07-24 14:01 - 2016-06-20 14:48 - 12842496 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-07-24 14:01 - 2016-06-20 14:46 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-07-24 14:01 - 2016-06-20 14:45 - 09755136 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-07-24 14:01 - 2016-06-20 14:45 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-07-24 14:01 - 2016-06-20 14:44 - 01129984 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-07-24 14:01 - 2016-06-20 14:43 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-07-24 14:01 - 2016-06-20 14:43 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-07-24 14:01 - 2016-06-20 14:43 - 00719360 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-07-24 14:01 - 2016-06-20 14:43 - 00425472 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-07-24 14:01 - 2016-06-20 14:43 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-07-24 14:01 - 2016-06-20 14:43 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-07-24 14:01 - 2016-06-20 14:43 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-07-24 14:01 - 2016-06-20 14:42 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-07-24 14:01 - 2016-06-20 14:42 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-07-24 14:01 - 2016-06-20 14:42 - 00354304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-07-24 14:01 - 2016-06-20 14:42 - 00223744 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-07-24 14:01 - 2016-06-20 14:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-07-24 14:01 - 2016-06-20 14:42 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-07-24 14:01 - 2016-06-20 14:42 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-07-24 14:01 - 2016-06-20 14:42 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-07-24 14:01 - 2016-06-20 14:42 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-07-05 23:32 - 2016-07-05 23:32 - 00000000 ____D C:\Users\ISAIAS\Downloads\Words and Pictures (2013) [1080p]
2016-07-02 12:01 - 2016-07-02 12:01 - 00547520 _____ C:\Users\ISAIAS\Downloads\Edital Ret. CP-CSM-CD.pdf
2016-06-25 10:06 - 2016-06-25 11:18 - 00000000 ____D C:\Users\ISAIAS\Downloads\The.Good.Lie.2014.LIMITED.1080p.BluRay.H264.AAC-RARBG
2016-06-16 08:17 - 2016-05-18 12:33 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-16 08:15 - 2016-05-12 12:34 - 00582144 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-16 08:15 - 2016-05-12 12:34 - 00365056 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-16 08:15 - 2016-05-12 12:34 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-16 08:15 - 2016-05-12 12:34 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-16 08:15 - 2016-05-12 12:33 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-16 08:15 - 2016-05-12 12:33 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-16 08:15 - 2016-05-10 12:31 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-16 08:15 - 2016-05-10 12:31 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-16 08:15 - 2016-05-10 12:31 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-16 08:15 - 2016-05-10 11:28 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-16 08:15 - 2016-05-10 11:28 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-16 08:13 - 2016-05-12 11:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-16 08:09 - 2016-05-14 12:47 - 00306408 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-16 08:09 - 2016-05-14 12:41 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-16 08:09 - 2016-05-14 12:41 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-16 08:09 - 2016-05-14 12:41 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2016-06-16 08:09 - 2016-05-14 11:19 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-16 08:09 - 2016-05-14 11:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-16 08:09 - 2016-05-14 11:18 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-16 08:09 - 2016-05-11 10:09 - 00440552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-08-25 18:45 - 2015-07-10 12:00 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-25 18:18 - 2009-07-23 09:40 - 00000000 ___SD C:\Users\ISAIAS\AppData\LocalLow\Temp
2016-08-25 18:15 - 2009-03-15 15:32 - 00000000 ____D C:\Arquivos
2016-08-25 18:14 - 2015-07-27 00:25 - 00000000 ____D C:\ProgramData\GbPlugin
2016-08-25 17:11 - 2006-11-02 09:45 - 00003616 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-25 17:11 - 2006-11-02 09:45 - 00003616 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-25 16:52 - 2012-05-07 23:28 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-08-25 16:51 - 2015-04-12 00:30 - 00000000 ____D C:\ProgramData\MCShield
2016-08-25 15:13 - 2015-11-20 23:26 - 00080728 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2016-08-25 15:11 - 2010-06-03 14:03 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-08-25 15:11 - 2006-11-02 09:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-25 15:08 - 2016-03-01 15:37 - 00000620 _____ C:\Windows\ZAM.krnl.trace
2016-08-25 15:08 - 2016-03-01 15:37 - 00000119 _____ C:\Windows\ZAM_Guard.krnl.trace
2016-08-24 23:04 - 2006-11-02 09:58 - 00032606 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-08-24 23:03 - 2016-02-15 15:35 - 00000000 ____D C:\Users\ISAIAS\Desktop\Marilene especialização
2016-08-24 07:23 - 2009-03-26 16:03 - 00000000 ____D C:\Users\ISAIAS\AppData\Roaming\uTorrent
2016-08-23 23:32 - 2009-03-15 16:03 - 00000000 ____D C:\Users\ISAIAS\AppData\Local\Last.fm
2016-08-23 22:59 - 2008-01-21 03:33 - 01588732 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-23 22:59 - 2008-01-21 03:32 - 00685792 _____ C:\Windows\system32\prfh0416.dat
2016-08-23 22:59 - 2008-01-21 03:32 - 00144846 _____ C:\Windows\system32\prfc0416.dat
2016-08-23 22:59 - 2006-11-02 08:18 - 00000000 ____D C:\Windows\inf
2016-08-23 20:28 - 2012-10-21 22:25 - 00000000 ____D C:\Users\ISAIAS\Downloads\legendas
2016-08-23 20:26 - 2013-01-11 14:23 - 00000000 ____D C:\Users\ISAIAS\AppData\Roaming\vlc
2016-08-23 20:19 - 2009-05-24 17:48 - 00000000 ____D C:\Users\ISAIAS\Desktop\Proteção; Limpadores
2016-08-23 18:43 - 2015-09-18 16:57 - 00000000 ____D C:\Users\ISAIAS\AppData\LocalLow\uTorrent
2016-08-22 20:25 - 2006-11-02 07:23 - 00000179 _____ C:\Windows\win.ini
2016-08-22 20:22 - 2010-03-11 15:04 - 00000000 ____D C:\Program Files\GbPlugin
2016-08-22 20:09 - 2009-03-29 17:52 - 00000000 ____D C:\Program Files\HP
2016-08-22 20:06 - 2009-03-29 15:31 - 00000000 ____D C:\ProgramData\HP
2016-08-22 20:03 - 2009-03-14 23:45 - 00000000 ____D C:\Users\ISAIAS
2016-08-17 16:55 - 2009-03-14 23:45 - 00080496 _____ C:\Users\ISAIAS\AppData\Local\GDIPFONTCACHEV1.DAT
2016-08-17 16:53 - 2006-11-02 09:44 - 00326512 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-17 00:06 - 2013-10-27 22:58 - 00000000 ____D C:\Users\ISAIAS\AppData\Roaming\Litecoin
2016-08-16 21:51 - 2014-01-16 22:00 - 00000000 ____D C:\Users\ISAIAS\Desktop\Documentacao ingrid
2016-08-16 21:41 - 2009-08-09 11:30 - 00000000 ____D C:\Users\ISAIAS\Desktop\como administrar suas finanças
2016-08-16 21:40 - 2008-10-03 14:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-08-16 21:22 - 2008-10-03 14:19 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-08-16 21:22 - 2008-10-03 14:16 - 00000000 ____D C:\Program Files\Microsoft Office
2016-08-16 21:22 - 2006-11-02 08:18 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-15 22:52 - 2009-03-15 15:35 - 00206336 _____ C:\Users\ISAIAS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-08-08 20:54 - 2015-08-18 21:49 - 00000000 ____D C:\Users\ISAIAS\AppData\Local\CutePDF Writer
2016-07-26 14:24 - 2010-08-07 17:59 - 00406184 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Arquivos na raiz de alguns diretórios =======

2015-03-24 19:36 - 2015-03-24 19:36 - 0017872 _____ () C:\Users\ISAIAS\AppData\Roaming\unins000.dat
2015-10-01 17:50 - 2015-10-01 17:50 - 0017580 _____ () C:\Users\ISAIAS\AppData\Roaming\unins001.dat
2015-10-01 17:50 - 2015-10-01 17:50 - 0730322 _____ () C:\Users\ISAIAS\AppData\Roaming\unins001.exe
2009-03-24 15:40 - 2012-01-30 20:18 - 0006648 _____ () C:\Users\ISAIAS\AppData\Local\d3d9caps.dat
2009-03-15 15:35 - 2016-08-15 22:52 - 0206336 _____ () C:\Users\ISAIAS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-03-29 16:14 - 2016-08-23 23:37 - 0021213 _____ () C:\ProgramData\hpzinstall.log
2011-11-05 20:55 - 2011-11-05 20:55 - 0001492 _____ () C:\ProgramData\ss.ini

ZeroAccess:
C:\Users\ISAIAS\AppData\Local\47df7cd1
C:\Users\ISAIAS\AppData\Local\47df7cd1\@

Alguns arquivos em TEMP:
====================
C:\Users\ISAIAS\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\ISAIAS\AppData\Local\Temp\jre-8u91-windows-au.exe


Alguns com tamanho de zero byte arquivos/pastas:
==========================
C:\Windows\System32\FunctionDiscoveryFolder.dll

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-08-25 16:56

==================== Fim de FRST.txt ============================
