cjoint


Document format: text/plain


Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 07-12-2016
Executado por ISAIAS (administrador) em ISAIAS-PC (14-12-2016 20:22:46)
Executando a partir de C:\Users\ISAIAS\Desktop
Perfis Carregados: ISAIAS (Perfis Disponíveis: ISAIAS)
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Realtek Semiconductor) C:\Windows\RTKAUDIOSERVICE.EXE
() C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 4\VAIOUpdt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(MyCity) C:\Program Files\MCShield\MCShieldRTM.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Last.fm) C:\Program Files\Last.fm\Last.fm Scrobbler.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(ArcSoft, Inc.) C:\Program Files\ArcSoft\Magic-i Visual Effects\Magic-i Visual Effects.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
Winlogon\Notify\ GbPluginBb: C:\Program Files\GbPlugin\gbieh.dll [2015-10-20] (Banco do Brasil)
Winlogon\Notify\ GbPluginCef: C:\Program Files\GbPlugin\gbiehCef.dll [2016-08-21] (Caixa Economica Federal)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll [2008-07-15] (Sony Corporation)
HKU\S-1-5-21-3892671904-924784273-1446608767-1000\...\Run: [MCShield Monitor] => C:\Program Files\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-3892671904-924784273-1446608767-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES\GbPlugin\gbieh.dll [1945472 2015-10-20] (Banco do Brasil)
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\PROGRAM FILES\GbPlugin\gbiehcef.dll [1903328 2016-08-21] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2005-03-05] (Autodesk)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-08-22]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 186.226.6.200 186.226.6.201
Tcpip\..\Interfaces\{658BD3FE-5E57-4930-85FE-EF18F637B1A7}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{658BD3FE-5E57-4930-85FE-EF18F637B1A7}: [DhcpNameServer] 186.226.6.200 186.226.6.201
Tcpip\..\Interfaces\{803A8E8F-63A9-4E12-AD24-5FC7651E7FD0}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3892671904-924784273-1446608767-1000 -> DefaultScope {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-12-02] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\PROGRAM FILES\GBPLUGIN\gbieh.dll [2015-10-20] (Banco do Brasil)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\PROGRAM FILES\GBPLUGIN\gbiehcef.dll [2016-08-21] (Caixa Economica Federal)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-02] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-07] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 0c79ypmt.default-1409795981297
FF ProfilePath: C:\Users\ISAIAS\AppData\Roaming\Mozilla\Firefox\Profiles\0c79ypmt.default-1409795981297 [2016-12-14]
FF Homepage: Mozilla\Firefox\Profiles\0c79ypmt.default-1409795981297 -> about:home
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-06-25] [não assinado]
FF HKU\S-1-5-21-3892671904-924784273-1446608767-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\ISAIAS\AppData\Local\GAS Tecnologia\GBBD\bb\xpi
FF Extension: (GBBD Banco do Brasil) - C:\Users\ISAIAS\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2015-03-26] [não assinado]
FF HKU\S-1-5-21-3892671904-924784273-1446608767-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\ISAIAS\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF Extension: (GBBD Caixa Economica Federal) - C:\Users\ISAIAS\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2015-10-01] [não assinado]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-13] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2009-11-05] (GARMIN Corp.)
FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-02] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll [2010-02-02] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll [2010-02-02] (RealNetworks, Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-12-12] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3892671904-924784273-1446608767-1000: gastecnologia.com.br/sf/bb -> C:\Users\ISAIAS\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll [2015-03-06] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-3892671904-924784273-1446608767-1000: gastecnologia.com.br/sf/cef -> C:\Users\ISAIAS\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-09] (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll [2010-02-02] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll [2010-02-02] (RealNetworks, Inc.)

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

"Warsaw Technology" => serviço foi desbloqueado. <===== ATENÇÃO

R2 AdobeActiveFileMonitor6.0; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832 2007-09-11] ()
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2008-10-03] (Macrovision Europe Ltd.) [Arquivo não assinado]
R2 GbpSv; C:\Program Files\GbPlugin\gbpsv.exe [631520 2016-08-22] (GAS Tecnologia)
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [53248 2008-05-20] (Sony Corporation) [Arquivo não assinado]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [Arquivo não assinado]
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [53248 2008-05-20] (Sony Corporation) [Arquivo não assinado]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [Arquivo não assinado]
S3 SOHCImp; C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe [103712 2008-05-20] (Sony Corporation)
S3 SOHDms; C:\Program Files\Sony\VAIO Media plus\SOHDms.exe [353568 2008-05-20] (Sony Corporation)
S3 SOHDs; C:\Program Files\Sony\VAIO Media plus\SOHDs.exe [62752 2008-05-20] (Sony Corporation)
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [77824 2008-05-20] (Sony Corporation) [Arquivo não assinado]
S2 uCamMonitor; C:\Program Files\ArcSoft\Magic-i Visual Effects\uCamMonitor.exe [104960 2008-03-25] (ArcSoft, Inc.)
S2 UI Assistant Service; C:\Program Files\Join Air\AssistantServices.exe [270672 2011-09-14] ()
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2008-05-22] (Sony Corporation) [Arquivo não assinado]
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182112 2008-07-15] (Sony Corporation)
R2 VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [411488 2008-08-06] (Sony Corporation)
R2 VCFw; C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [415744 2008-06-20] (Sony Corporation) [Arquivo não assinado]
S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [337184 2008-06-11] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [279848 2008-06-19] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2008-05-22] (Sony Corporation) [Arquivo não assinado]
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [529632 2015-11-04] (GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
S2 ZAMSvc; "C:\Program Files\Zemana AntiMalware\ZAM.exe" /service [X]

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [17408 2008-01-30] (ArcSoft, Inc.)
R0 GbpKm; C:\Windows\System32\drivers\gbpkm.sys [49496 2015-08-26] (GAS Tecnologia)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore.sys [130936 2009-04-03] (PC Tools)
S3 s916bus; C:\Windows\System32\DRIVERS\s916bus.sys [83496 2007-11-02] (MCCI Corporation)
S3 s916mdfl; C:\Windows\System32\DRIVERS\s916mdfl.sys [15016 2007-11-02] (MCCI Corporation)
S3 s916mdm; C:\Windows\System32\DRIVERS\s916mdm.sys [109992 2007-11-02] (MCCI Corporation)
R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [80728 2016-12-14] (GAS Tecnologia)
R1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [79064 2015-03-18] (GAS Tecnologia)
S3 zte_cdc_acm; C:\Windows\System32\DRIVERS\zte_cdc_acm.sys [67968 2011-09-17] (ZTE)
S3 zte_cpo; C:\Windows\System32\DRIVERS\zte_cpo.sys [9984 2011-09-17] (ZTE)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S0 gbpddreg; system32\drivers\gbpddreg32.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam32.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard32.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-12-14 20:22 - 2016-12-14 20:24 - 00015738 _____ C:\Users\ISAIAS\Desktop\FRST.txt
2016-12-14 20:20 - 2016-12-14 20:22 - 00000000 ____D C:\FRST
2016-12-14 20:18 - 2016-12-14 20:18 - 01761792 _____ (Farbar) C:\Users\ISAIAS\Desktop\FRST.exe
2016-12-13 20:13 - 2016-12-13 20:13 - 00000000 ____D C:\Users\ISAIAS\Downloads\Child 44 2015 1080p BRRip x264 DTS-JYK
2016-12-13 20:12 - 2016-12-13 23:18 - 00000000 ____D C:\Users\ISAIAS\Downloads\Black.Sea.2014.1080p.BluRay.AC3.x264-[ETRG]
2016-12-13 17:53 - 2016-12-13 17:53 - 00000000 ____D C:\4f85dc9e24d307f8190369da43865ba8
2016-12-13 17:51 - 2016-12-13 17:51 - 02361727 _____ C:\Users\ISAIAS\Downloads\Windows6.0-KB3145739-x86.msu
2016-12-12 16:46 - 2016-12-12 18:35 - 00000000 ____D C:\Users\ISAIAS\Downloads\The.Walking.Dead.S07E08.HDTV.x264-FUM[ettv]
2016-12-11 16:58 - 2016-12-11 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-12-11 16:57 - 2016-12-11 16:58 - 00000000 ___RD C:\Program Files\Skype
2016-12-11 16:57 - 2016-12-11 16:57 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-12-11 16:25 - 2016-12-11 16:28 - 43506136 _____ (Skype Technologies S.A.) C:\Users\ISAIAS\Downloads\SkypeSetupFullXp.exe
2016-12-11 13:59 - 2016-12-11 14:03 - 00000000 ____D C:\Users\ISAIAS\Downloads\Goodnight Mummy (2014) - 1080p
2016-12-11 13:57 - 2016-12-11 20:46 - 00000000 ____D C:\Users\ISAIAS\Downloads\Dumb And Dumber To 2014 1080p BRRip x264 DTS-JYK
2016-12-06 22:17 - 2016-12-06 22:28 - 00000000 ____D C:\Users\ISAIAS\Downloads\The.Diary.of.a.Teenage.Girl.2015.1080p.BluRay.x264.DTS-JYK
2016-12-04 21:22 - 2016-12-04 21:22 - 00000000 ____D C:\Users\ISAIAS\.android
2016-12-04 20:22 - 2016-12-04 20:22 - 00000000 ____D C:\Program Files\Debloater
2016-12-04 20:17 - 2016-12-04 22:09 - 00000000 ____D C:\Users\ISAIAS\AppData\Local\Downloaded Installations
2016-12-02 12:12 - 2016-12-02 12:12 - 00000000 ____D C:\Program Files\Common Files\Java
2016-12-01 19:38 - 2016-12-01 19:38 - 00000000 ____D C:\Users\ISAIAS\AppData\Local\WindowsUpdate
2016-11-28 19:32 - 2016-11-28 22:30 - 00000000 ____D C:\Users\ISAIAS\Downloads\Pawn Sacrifice 2014 1080p BluRay x264 DTS-JYK
2016-11-27 12:20 - 2016-11-27 17:45 - 00000000 ____D C:\Users\ISAIAS\Downloads\Truth 2015 1080p BluRay x264 DTS-JYK
2016-11-22 22:30 - 2016-11-27 00:05 - 00000000 ____D C:\Users\ISAIAS\Downloads\Horrible Bosses 2 2014 EXTENDED 1080p BRRip x264 DTS-JYK
2016-11-20 22:28 - 2016-11-20 23:17 - 00000000 ____D C:\Users\ISAIAS\Downloads\Learning.To.Drive.2014.1080p.BRRip.x264.AAC-ETRG
2016-11-18 12:17 - 2016-11-18 12:17 - 00143317 _____ C:\Users\ISAIAS\Downloads\Plano-Saude.pdf
2016-11-16 17:16 - 2016-12-14 20:01 - 00000000 ____D C:\Users\ISAIAS\AppData\LocalLow\Mozilla
2016-11-16 17:15 - 2016-12-02 11:48 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-11-14 19:49 - 2016-11-14 22:48 - 00000000 ____D C:\Users\ISAIAS\Downloads\We Are Your Friends 2015 1080p BluRay x264 DTS-JYK
2016-11-10 20:46 - 2016-11-10 20:46 - 00109476 _____ C:\Users\ISAIAS\Downloads\PCCR RN LEI COMP. 333-2006 TABELA.pdf
2016-11-05 20:18 - 2016-11-06 00:41 - 00000000 ____D C:\Users\ISAIAS\Downloads\While.Were.Young.2014.1080p.BluRay.AC3.x264-ETRG
2016-10-13 21:09 - 2016-10-13 21:09 - 00071648 _____ C:\Users\ISAIAS\Desktop\PagSeguro UOL - Detalhes da transação.pdf
2016-10-09 12:31 - 2016-10-09 12:31 - 00000000 ____D C:\Users\ISAIAS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Litecoin Core
2016-10-09 12:31 - 2016-10-09 12:31 - 00000000 ____D C:\Program Files\Litecoin

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-12-14 20:15 - 2009-07-23 09:40 - 00000000 ___SD C:\Users\ISAIAS\AppData\LocalLow\Temp
2016-12-14 19:45 - 2015-07-10 12:00 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-14 19:44 - 2009-03-15 16:03 - 00000000 ____D C:\Users\ISAIAS\AppData\Local\Last.fm
2016-12-14 19:43 - 2009-03-15 15:32 - 00000000 ____D C:\Arquivos
2016-12-14 19:43 - 2006-11-02 09:45 - 00003616 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-14 19:43 - 2006-11-02 09:45 - 00003616 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-14 17:58 - 2015-07-27 00:25 - 00000000 ____D C:\ProgramData\GbPlugin
2016-12-14 17:58 - 2015-04-12 00:30 - 00000000 ____D C:\ProgramData\MCShield
2016-12-14 17:45 - 2015-11-20 23:26 - 00080728 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys
2016-12-14 17:44 - 2010-06-03 14:03 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2016-12-14 17:44 - 2006-11-02 09:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-14 00:01 - 2006-11-02 09:58 - 00032616 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-12-13 23:41 - 2015-09-18 16:57 - 00000000 ____D C:\Users\ISAIAS\AppData\LocalLow\uTorrent
2016-12-13 23:41 - 2009-03-26 16:03 - 00000000 ____D C:\Users\ISAIAS\AppData\Roaming\uTorrent
2016-12-13 17:47 - 2015-07-10 12:00 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-12-13 17:47 - 2015-07-10 12:00 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-12-13 17:47 - 2008-09-03 13:56 - 00000000 ____D C:\Windows\system32\Macromed
2016-12-12 19:19 - 2012-10-21 22:25 - 00000000 ____D C:\Users\ISAIAS\Downloads\legendas
2016-12-12 17:54 - 2010-06-12 23:36 - 00000000 ____D C:\DOSBox-0.74
2016-12-12 16:31 - 2013-05-28 20:24 - 00000000 ____D C:\Users\ISAIAS\AppData\Roaming\Skype
2016-12-11 19:57 - 2009-05-24 17:48 - 00000000 ____D C:\Users\ISAIAS\Desktop\Proteção; Limpadores
2016-12-11 19:50 - 2013-01-11 14:23 - 00000000 ____D C:\Users\ISAIAS\AppData\Roaming\vlc
2016-12-11 19:49 - 2009-03-29 16:03 - 00000000 ____D C:\Users\ISAIAS\Documents\Meus arquivos recebidos
2016-12-11 19:47 - 2009-04-08 10:02 - 00000000 ____D C:\Users\ISAIAS\Documents\Minhas digitalizações
2016-12-11 19:46 - 2010-08-10 09:40 - 00000000 ____D C:\Users\ISAIAS\Documents\4º ingrid
2016-12-11 19:44 - 2016-08-27 12:36 - 00027648 _____ C:\Users\ISAIAS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-12-11 18:59 - 2016-02-15 15:35 - 00000000 ____D C:\Users\ISAIAS\Desktop\Marilene especialização
2016-12-11 16:58 - 2013-05-28 20:23 - 00000000 ____D C:\ProgramData\Skype
2016-12-11 16:57 - 2016-01-14 21:21 - 00000000 ____D C:\Users\ISAIAS\AppData\Local\Skype
2016-12-09 21:57 - 2015-08-18 21:49 - 00000000 ____D C:\Users\ISAIAS\AppData\Local\CutePDF Writer
2016-12-04 21:22 - 2009-03-14 23:45 - 00000000 ____D C:\Users\ISAIAS
2016-12-02 12:13 - 2016-04-14 21:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-12-02 12:13 - 2008-09-03 13:57 - 00000000 ____D C:\Program Files\Java
2016-12-02 12:10 - 2016-04-14 21:14 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2016-12-02 11:48 - 2012-05-07 23:28 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-12-01 22:05 - 2008-09-03 16:42 - 00000000 ____D C:\Windows\Panther
2016-11-20 19:43 - 2008-01-21 03:33 - 01588732 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-20 19:43 - 2008-01-21 03:32 - 00685792 _____ C:\Windows\system32\prfh0416.dat
2016-11-20 19:43 - 2008-01-21 03:32 - 00144846 _____ C:\Windows\system32\prfc0416.dat
2016-11-20 19:42 - 2006-11-02 08:18 - 00000000 ____D C:\Windows\inf
2016-11-15 20:47 - 2014-01-16 22:00 - 00000000 ____D C:\Users\ISAIAS\Desktop\Documentacao ingrid

==================== Arquivos na raiz de alguns diretórios =======

2015-03-24 19:36 - 2015-03-24 19:36 - 0017872 _____ () C:\Users\ISAIAS\AppData\Roaming\unins000.dat
2015-10-01 17:50 - 2015-10-01 17:50 - 0017580 _____ () C:\Users\ISAIAS\AppData\Roaming\unins001.dat
2015-10-01 17:50 - 2015-10-01 17:50 - 0730322 _____ () C:\Users\ISAIAS\AppData\Roaming\unins001.exe
2009-03-24 15:40 - 2012-01-30 20:18 - 0006648 _____ () C:\Users\ISAIAS\AppData\Local\d3d9caps.dat
2016-08-27 12:36 - 2016-12-11 19:44 - 0027648 _____ () C:\Users\ISAIAS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2009-03-29 16:14 - 2016-08-23 23:37 - 0021213 _____ () C:\ProgramData\hpzinstall.log
2011-11-05 20:55 - 2011-11-05 20:55 - 0001492 _____ () C:\ProgramData\ss.ini

Alguns arquivos em TEMP:
====================
C:\Users\ISAIAS\AppData\Local\Temp\jre-8u111-windows-au.exe


==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2016-12-14 17:53

==================== Fim de FRST.txt ============================
