Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão: 18-07-2017
Executado por Administrador (administrador) em WEBMASTER (20-07-2017 14:14:36)
Executando a partir de E:\Programas Web\Novos 13\Indicado-imasters-forum
Perfis Carregados: Administrador (Perfis Disponíveis: Administrador)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Idioma: Português (Brasil)
Internet Explorer Versão 8 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\ARQUIV~1\GbPlugin\gbpsv.exe
(AVG Technologies CZ, s.r.o.) C:\Arquivos de programas\AVG\Antivirus\AVGSvc.exe
(GAS Tecnologia) C:\ARQUIV~1\GbPlugin\gbpsv.exe
(AVG Technologies CZ, s.r.o.) C:\Arquivos de programas\AVG\Framework\Common\avgsvcx.exe
(Scarlet.Crush Productions) C:\Arquivos de programas\ScpServer\bin\ScpService.exe
(VIA Technologies, Inc.) C:\WINDOWS\system32\KaraokeSer.exe
(Intel Corporation) C:\Arquivos de programas\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Safer-Networking Ltd.) C:\Arquivos de programas\Spybot - Search & Destroy 2\SDFSSvc.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Microsoft Corporation) C:\Arquivos de programas\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Safer-Networking Ltd.) C:\Arquivos de programas\Spybot - Search & Destroy 2\SDTray.exe
(AVG Technologies CZ, s.r.o.) C:\Arquivos de programas\AVG\Framework\Common\avguix.exe
(SUPERAntiSpyware) C:\Arquivos de programas\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(AVG Technologies CZ, s.r.o.) C:\Arquivos de programas\AVG\Antivirus\AVGUI.exe
(Intel Corporation) C:\Arquivos de programas\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(GAS Tecnologia LTDA) C:\Arquivos de programas\Diebold\Warsaw\core.exe
(AVG Technologies CZ, s.r.o.) C:\Arquivos de programas\AVG\Antivirus\aswidsagent.exe
(Google Inc.) C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [XboxStat] => C:\Arquivos de programas\Microsoft Xbox 360 Accessories\XboxStat.exe [718688 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [AvgUi] => C:\Arquivos de programas\AVG\Framework\Common\avguirnx.exe [220288 2017-07-03] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [ISUSPM Startup] => C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\isuspm.exe [249856 2005-08-11] (Macrovision Corporation)
HKLM\...\Run: [NeroFilterCheck] => C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [ISUSScheduler] => C:\Arquivos de programas\Arquivos comuns\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM\...\Run: [AVGUI.exe] => C:\Arquivos de programas\AVG\Antivirus\AvLaunch.exe [263232 2017-07-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SDTray] => C:\Arquivos de programas\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\ GbPluginCef: C:\Arquivos de programas\GbPlugin\gbiehCef.dll [2016-09-13] (Caixa Economica Federal)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1214440339-1547161642-725345543-500\...\Run: [Google Update] => C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-04-28] (Google Inc.)
HKU\S-1-5-21-1214440339-1547161642-725345543-500\...\Run: [SUPERAntiSpyware] => C:\Arquivos de programas\SUPERAntiSpyware\SUPERAntiSpyware.exe [6699800 2015-01-31] (SUPERAntiSpyware)
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\ARQUIVOS DE PROGRAMAS\GbPlugin\gbiehcef.dll [1903328 2016-09-13] (Caixa Economica Federal)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Arquivos de programas\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicy: Restrição ? <==== ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <==== ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 185.121.177.177 185.121.177.54
Tcpip\..\Interfaces\{9F4C93A1-2D9E-4FDE-AD1D-9C4302E11544}: [NameServer] 185.121.177.177,8.8.4.4
Tcpip\..\Interfaces\{9F4C93A1-2D9E-4FDE-AD1D-9C4302E11544}: [DhcpNameServer] 185.121.177.177 185.121.177.54

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_17_02&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1QzutCtDyBzz0DtB0BtA0FyE0DyCtDyCtDtDtN0D0Tzu0StCzztAyDtN1L2XzutAtFtByEtFtByBtFyDtDtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyEtAtBzz0B0ByEyEtGtD0EyEyCtGtCzz0B0AtGyEyE0BzytGyEtDyEyEtDyC0Ezy0DyDyDzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0CtA0ByByE0E0BtG0Czy0D0CtGyE0E0F0DtG0AyBzz0AtGyBtDtDtA0BtA0BtAyEtDzy0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyEyDyC%26cr%3D1637499895%26a%3Dwbf_fsvideosft_17_02%26os_ver%3D5.1%26os%3DWindows%2BXP
HKU\S-1-5-21-1214440339-1547161642-725345543-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_17_02&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1QzutCtDyBzz0DtB0BtA0FyE0DyCtDyCtDtDtN0D0Tzu0StCzztAyDtN1L2XzutAtFtByEtFtByBtFyDtDtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyEtAtBzz0B0ByEyEtGtD0EyEyCtGtCzz0B0AtGyEyE0BzytGyEtDyEyEtDyC0Ezy0DyDyDzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0CtA0ByByE0E0BtG0Czy0D0CtGyE0E0F0DtG0AyBzz0AtGyBtDtDtA0BtA0BtAyEtDzy0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyEyDyC%26cr%3D1637499895%26a%3Dwbf_fsvideosft_17_02%26os_ver%3D5.1%26os%3DWindows%2BXP
HKU\S-1-5-21-1214440339-1547161642-725345543-500\Software\Microsoft\Internet Explorer\Main,Search Page = &hxxp://home.microsoft.com/intl/br/access/allinone.asp
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_17_02&param1=1&param2=f%3D2%26b%3DIE%26cc%3Dbr%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1QzutCtDyBzz0DtB0BtA0FyE0DyCtDyCtDtDtN0D0Tzu0StCzztAyDtN1L2XzutAtFtByEtFtByBtFyDtDtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyEtAtBzz0B0ByEyEtGtD0EyEyCtGtCzz0B0AtGyEyE0BzytGyEtDyEyEtDyC0Ezy0DyDyDzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0CtA0ByByE0E0BtG0Czy0D0CtGyE0E0F0DtG0AyBzz0AtGyBtDtDtA0BtA0BtAyEtDzy0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyEyDyC%26cr%3D1637499895%26a%3Dwbf_fsvideosft_17_02%26os_ver%3D5.1%26os%3DWindows%2BXP" <==== ATENÇÃO
HKU\S-1-5-21-1214440339-1547161642-725345543-500\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_17_02&param1=1&param2=f%3D2%26b%3DIE%26cc%3Dbr%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1QzutCtDyBzz0DtB0BtA0FyE0DyCtDyCtDtDtN0D0Tzu0StCzztAyDtN1L2XzutAtFtByEtFtByBtFyDtDtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyEtAtBzz0B0ByEyEtGtD0EyEyCtGtCzz0B0AtGyEyE0BzytGyEtDyEyEtDyC0Ezy0DyDyDzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0CtA0ByByE0E0BtG0Czy0D0CtGyE0E0F0DtG0AyBzz0AtGyBtDtDtA0BtA0BtAyEtDzy0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyEyDyC%26cr%3D1637499895%26a%3Dwbf_fsvideosft_17_02%26os_ver%3D5.1%26os%3DWindows%2BXP" <==== ATENÇÃO
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_17_02&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1QzutCtDyBzz0DtB0BtA0FyE0DyCtDyCtDtDtN0D0Tzu0StCzztAyDtN1L2XzutAtFtByEtFtByBtFyDtDtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyEtAtBzz0B0ByEyEtGtD0EyEyCtGtCzz0B0AtGyEyE0BzytGyEtDyEyEtDyC0Ezy0DyDyDzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0CtA0ByByE0E0BtG0Czy0D0CtGyE0E0F0DtG0AyBzz0AtGyBtDtDtA0BtA0BtAyEtDzy0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyEyDyC%26cr%3D1637499895%26a%3Dwbf_fsvideosft_17_02%26os_ver%3D5.1%26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_17_02&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1QzutCtDyBzz0DtB0BtA0FyE0DyCtDyCtDtDtN0D0Tzu0StCzztAyDtN1L2XzutAtFtByEtFtByBtFyDtDtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyEtAtBzz0B0ByEyEtGtD0EyEyCtGtCzz0B0AtGyEyE0BzytGyEtDyEyEtDyC0Ezy0DyDyDzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0CtA0ByByE0E0BtG0Czy0D0CtGyE0E0F0DtG0AyBzz0AtGyBtDtDtA0BtA0BtAyEtDzy0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyEyDyC%26cr%3D1637499895%26a%3Dwbf_fsvideosft_17_02%26os_ver%3D5.1%26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1214440339-1547161642-725345543-500 -> {0CE02FFA-A6B0-46F6-BA2F-BD32C3630126} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_17_02&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3Dwinyahoo%26cd%3D2XzuyEtN2Y1L1QzutCtDyBzz0DtB0BtA0FyE0DyCtDyCtDtDtN0D0Tzu0StCzztAyDtN1L2XzutAtFtByEtFtByBtFyDtDtN1L1Czu1BtBtN1L1G1B1V1N2Y1L1Qzu2SyEtAtBzz0B0ByEyEtGtD0EyEyCtGtCzz0B0AtGyEyE0BzytGyEtDyEyEtDyC0Ezy0DyDyDzy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0CtA0ByByE0E0BtG0Czy0D0CtGyE0E0F0DtG0AyBzz0AtGyBtDtDtA0BtA0BtAyEtDzy0F2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtCyEyDyC%26cr%3D1637499895%26a%3Dwbf_fsvideosft_17_02%26os_ver%3D5.1%26os%3DWindows%2BXP&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1214440339-1547161642-725345543-500 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={F4C1CA5F-7D91-49F0-9A37-1EDD3BFC154D}&mid=Unknown&lang=pt-br&ds=AVG&coid=avgtbavg&cmpid=1215av&pr=fr&d=2015-12-16 19:35:37&v=4.2.3.128&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO: Add-on do navegador para desativação do Google Analytics -> {75EF13CE-B59E-41ba-8A5A-A944031BD8B4} -> C:\Arquivos de programas\Google\Google Analytics Opt-Out\gaoptout.dll [2014-04-03] (Google, Inc.)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\ARQUIVOS DE PROGRAMAS\GBPLUGIN\gbiehcef.dll [2016-09-13] (Caixa Economica Federal)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\5zkkgn5b.default [2017-07-20]
FF NewTab: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\5zkkgn5b.default -> about:newtab
FF DefaultSearchEngine: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\5zkkgn5b.default -> Yahoo! Powered Search
FF SelectedSearchEngine: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\5zkkgn5b.default -> Yahoo! Powered Search
FF Homepage: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\5zkkgn5b.default -> hxxp://www.google.com.br
FF Keyword.URL: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\5zkkgn5b.default -> user_pref("keyword.URL", true);
FF Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\5zkkgn5b.default\Extensions\{6d96bb5e-1175-4ebf-8ab5-5f56f1c79f65}.xpi [2017-04-09]
FF Extension: (Download YouTube Videos as MP4) - C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\5zkkgn5b.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2017-03-06]
FF Extension: (SearchStatus) - C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\5zkkgn5b.default\Extensions\{d57c9ff1-6389-48fc-b770-f78bd89b6e8a}.xpi [2016-05-15]
FF SearchPlugin: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\5zkkgn5b.default\searchplugins\yahoo! powered search.xml [2017-01-09]
FF Extension: (Application Update Service Helper) - C:\Arquivos de programas\Mozilla Firefox\browser\features\aushelper@mozilla.org.xpi [2017-04-18] [não assinado]
FF Extension: (Site Deployment Checker) - C:\Arquivos de programas\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-04-18] [não assinado]
FF Extension: (Multi-process staged rollout) - C:\Arquivos de programas\Mozilla Firefox\browser\features\e10srollout@mozilla.org.xpi [2017-04-18] [não assinado]
FF Extension: (Pocket) - C:\Arquivos de programas\Mozilla Firefox\browser\features\firefox@getpocket.com.xpi [2017-04-18] [não assinado]
FF Extension: (Web Compat) - C:\Arquivos de programas\Mozilla Firefox\browser\features\webcompat@mozilla.org.xpi [2017-04-18] [não assinado]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-10-13] [não assinado]
FF HKU\S-1-5-21-1214440339-1547161642-725345543-500\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\cef\xpi
FF Extension: (GBBD Caixa Economica Federal) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\cef\xpi [2015-01-10] [não assinado]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-11] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Arquivos de programas\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Arquivos de programas\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Arquivos de programas\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-1214440339-1547161642-725345543-500: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-1214440339-1547161642-725345543-500: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-1214440339-1547161642-725345543-500: gastecnologia.com.br/sf/cef -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\npsf_cef.dll [2015-01-10] (GAS Tecnologia)

Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.google.com.br/"
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default [2017-07-20]
CHR Extension: (Link to Google Analytics | Shortcut) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\cgbofdajbjpegicggccpealogclcdiap [2016-07-10]
CHR Extension: (MozBar) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2017-05-30]
CHR Extension: (Add-on para desativação do Google Analytics) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2014-10-04]
CHR Extension: (PageSpeed Insights (by Google)) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\gplegfbjlmmehdoakndmohflojccocli [2014-07-22]
CHR Extension: (Better Battlelog (BBLog)) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\kjlfnjepjdmlppapoikepbaabbghofma [2016-11-26]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Simet) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\nnokjffnngdgfplfmimjioknefmkjfgc [2016-11-02]
CHR Extension: (Check My Links) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\ojkcdipcgfaekbeaelaapakgnjflfglf [2017-05-29]
CHR Extension: (Google Publisher Toolbar) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\omioeahgfecgfpfldejlnideemfidnkc [2017-03-01]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1214440339-1547161642-725345543-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nnjbodopomfddehlalfilheomcahbpei] - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\cef\sf.crx [2014-07-26]
CHR HKU\S-1-5-21-1214440339-1547161642-725345543-500\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: chrome.exe - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.N7C5BFF5D4L4PGMMKU3GB4KAO4 - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

==================== Serviços (Whitelisted) ====================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S4 !SASCORE; C:\Arquivos de programas\SUPERAntiSpyware\SASCORE.EXE [142648 2014-10-28] (SUPERAntiSpyware.com)
S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-07-11] (Adobe Systems Incorporated) [Arquivo não assinado]
R2 AVG Antivirus; C:\Arquivos de programas\AVG\Antivirus\AVGSvc.exe [264432 2017-07-19] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Arquivos de programas\AVG\Antivirus\aswidsagent.exe [5866488 2017-07-19] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Arquivos de programas\AVG\Framework\Common\avgsvcx.exe [1189720 2017-07-03] (AVG Technologies CZ, s.r.o.)
S4 DigitalWave.Update.Service; C:\Arquivos de programas\Arquivos comuns\DVDVideoSoft\lib\app_updater.exe [437224 2016-10-27] (Digital Wave Ltd.) [Arquivo não assinado]
R2 Ds3Service; C:\Arquivos de programas\ScpServer\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [Arquivo não assinado]
R2 GbpSv; C:\Arquivos de programas\GbPlugin\gbpsv.exe [631520 2016-09-13] (GAS Tecnologia)
S2 gupdate; C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
S3 gupdatem; C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
R2 KaraokeService; C:\WINDOWS\system32\KaraokeSer.exe [88688 2010-12-14] (VIA Technologies, Inc.)
R2 LMS; C:\Arquivos de programas\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [325656 2010-12-20] (Intel Corporation)
S3 MozillaMaintenance; C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe [172488 2017-04-18] (Mozilla Foundation)
S3 NBService; C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2006-11-10] (Nero AG) [Arquivo não assinado]
S3 ose; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
R2 SDScannerService; C:\Arquivos de programas\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Arquivos de programas\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [Arquivo não assinado]
S2 SDWSCService; C:\Arquivos de programas\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [Arquivo não assinado]
R2 UNS; C:\Arquivos de programas\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656280 2010-12-20] (Intel Corporation)
R2 Warsaw Technology; C:\Arquivos de programas\Diebold\Warsaw\core.exe [792112 2016-06-22] (GAS Tecnologia LTDA)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 avgbdisk; C:\WINDOWS\system32\drivers\avgbdiskx.sys [135872 2017-07-19] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\WINDOWS\system32\drivers\avgbidsdriverx.sys [260616 2017-07-19] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\WINDOWS\system32\drivers\avgbidshx.sys [151024 2017-07-19] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\WINDOWS\system32\drivers\avgblogx.sys [270344 2017-07-19] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\WINDOWS\system32\drivers\avgbunivx.sys [43992 2017-07-19] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\WINDOWS\system32\drivers\avgHwid.sys [35264 2017-07-19] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\WINDOWS\system32\drivers\avgMonFlt.sys [116344 2017-07-19] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\WINDOWS\system32\drivers\avgRdr.sys [62528 2017-07-19] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\WINDOWS\system32\drivers\avgRvrt.sys [63280 2017-07-19] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\WINDOWS\system32\drivers\avgSnx.sys [766728 2017-07-19] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\WINDOWS\system32\drivers\avgSP.sys [489416 2017-07-19] (AVG Technologies CZ, s.r.o.)
R3 avgStmXP; C:\WINDOWS\system32\drivers\avgStmXP.sys [195128 2017-07-19] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\WINDOWS\system32\drivers\avgVmm.sys [288728 2017-07-19] (AVG Technologies CZ, s.r.o.)
R0 GbpKm; C:\WINDOWS\System32\drivers\gbpkm.sys [49496 2015-09-03] (GAS Tecnologia)
R3 L1c; C:\WINDOWS\System32\DRIVERS\l1c51x86.sys [62576 2010-09-27] (Atheros Communications, Inc.)
R3 MEI; C:\WINDOWS\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
S3 Ndisrd; C:\WINDOWS\System32\DRIVERS\gbpndisrd.sys [31448 2017-07-20] (GAS Tecnologia)
R3 NdisrdMP; C:\WINDOWS\System32\DRIVERS\gbpndisrd.sys [31448 2017-07-20] (GAS Tecnologia)
R1 SASDIFSV; C:\Arquivos de programas\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Arquivos de programas\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 ScpVBus; C:\WINDOWS\System32\DRIVERS\ScpVBus.sys [33024 2013-05-19] (Scarlet.Crush Productions)
S3 VClone; C:\WINDOWS\System32\DRIVERS\VClone.sys [30720 2013-07-24] (Elaborate Bytes AG) [Arquivo não assinado]
R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [2152944 2010-12-14] (VIA Technologies, Inc.)
R1 wsddfac; C:\WINDOWS\System32\drivers\wsddfac.sys [80728 2017-07-20] (GAS Tecnologia)
S1 wsddpp; C:\WINDOWS\system32\drivers\wsddpp.sys [79064 2015-03-18] (GAS Tecnologia)

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-07-20 14:11 - 2017-07-20 14:14 - 00000000 ____D C:\FRST
2017-07-20 00:47 - 2017-07-20 00:47 - 00106496 _____ C:\WINDOWS\Minidump\Mini072017-01.dmp
2017-07-19 16:32 - 2017-07-20 11:31 - 00037473 _____ C:\Documents and Settings\Administrador\Desktop\treino-de-tiro-para-jogos-fps.php
2017-07-19 12:16 - 2017-07-19 12:16 - 00304400 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
2017-07-19 00:07 - 2017-01-10 12:43 - 00000776 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20170719-000733.backup
2017-07-18 23:41 - 2017-07-18 23:41 - 00000000 ____D C:\Arquivos de programas\Arquivos comuns\AV
2017-07-18 23:40 - 2017-07-18 23:40 - 00000000 ____D C:\Documents and Settings\LocalService\Menu Iniciar\Programas
2017-07-18 23:40 - 2017-07-18 23:40 - 00000000 ____D C:\Documents and Settings\LocalService\Menu Iniciar
2017-07-18 23:38 - 2017-07-20 10:28 - 00000660 _____ C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2017-07-18 23:38 - 2017-07-19 00:30 - 00000632 _____ C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2017-07-18 23:38 - 2017-07-18 23:38 - 00000462 _____ C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
2017-07-18 23:36 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean.exe
2017-07-18 23:33 - 2017-07-18 23:33 - 00000087 _____ C:\WINDOWS\wininit.ini
2017-07-16 12:47 - 2017-07-17 21:16 - 00000018 _____ C:\Documents and Settings\Administrador\Desktop\reotimizando-imagens.txt
2017-07-16 11:30 - 2017-07-20 13:38 - 00003872 _____ C:\Documents and Settings\Administrador\Desktop\.htaccess
2017-07-16 02:06 - 2017-07-16 02:06 - 00000472 _____ C:\WINDOWS\alceia.zip
2017-07-11 15:00 - 2017-07-11 15:00 - 00030906 _____ C:\Documents and Settings\Administrador\Desktop\template-imagem-grande-post-face.psd
2017-07-10 12:29 - 2017-07-10 12:29 - 01081528 _____ C:\Documents and Settings\Administrador\Meus documentos\favoritos_10_07_17.html
2017-06-30 10:28 - 2017-06-30 10:28 - 00000000 __SHD C:\Documents and Settings\Administrador\IECompatCache
2017-05-29 16:18 - 2017-07-17 17:30 - 00000000 ____D C:\Documents and Settings\All Users\Menu Iniciar\Programas\AVG
2017-05-26 20:06 - 2017-07-20 12:16 - 00000312 ____H C:\WINDOWS\Tasks\Antivirus Emergency Update.job
2017-05-26 20:06 - 2017-07-19 12:16 - 00766728 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
2017-05-26 20:06 - 2017-07-19 12:16 - 00489416 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
2017-05-26 20:06 - 2017-07-19 12:16 - 00288728 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
2017-05-26 20:06 - 2017-07-19 12:16 - 00195128 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgStmXP.sys
2017-05-26 20:06 - 2017-07-19 12:16 - 00116344 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmonflt.sys
2017-05-26 20:06 - 2017-07-19 12:16 - 00063280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
2017-05-26 20:06 - 2017-07-19 12:16 - 00062528 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRdr.sys
2017-05-26 20:06 - 2017-07-19 12:16 - 00035264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
2017-05-26 20:06 - 2017-07-19 12:15 - 00270344 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgblogx.sys
2017-05-26 20:06 - 2017-07-19 12:15 - 00260616 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriverx.sys
2017-05-26 20:06 - 2017-07-19 12:15 - 00151024 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidshx.sys
2017-05-26 20:06 - 2017-07-19 12:15 - 00135872 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiskx.sys
2017-05-26 20:06 - 2017-07-19 12:15 - 00043992 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbunivx.sys
2017-05-26 19:47 - 2017-05-26 19:47 - 00000000 _____ C:\WINDOWS\system32\last.dump
2017-05-15 21:53 - 2017-05-15 21:53 - 00000084 _____ C:\Documents and Settings\Administrador\Meus documentos\protocolo-anatel.txt
2017-05-10 21:18 - 2017-07-12 00:36 - 00000000 ____D C:\Documents and Settings\Administrador\Desktop\imagens
2017-05-10 21:17 - 2017-07-14 21:34 - 00000000 ____D C:\Documents and Settings\Administrador\Desktop\TXT
2017-05-10 12:43 - 2017-05-10 12:43 - 00000253 _____ C:\Documents and Settings\Administrador\Meus documentos\texto-post-fixo-face.txt

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2017-07-20 14:14 - 2013-10-08 15:37 - 00000000 ____D C:\Documents and Settings\Administrador\Configurações locais\Temp
2017-07-20 13:59 - 2013-10-09 18:33 - 00001200 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-1547161642-725345543-500UA.job
2017-07-20 13:30 - 2014-01-05 10:41 - 00001072 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-07-20 13:27 - 2013-11-08 21:11 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-07-20 10:30 - 2016-01-13 20:29 - 00080728 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\wsddfac.sys
2017-07-20 10:30 - 2014-07-22 12:09 - 00000000 ____D C:\Arquivos de programas\SUPERAntiSpyware
2017-07-20 10:29 - 2013-10-10 08:31 - 00031448 _____ (GAS Tecnologia) C:\WINDOWS\system32\Drivers\GbpNdisrd.sys
2017-07-20 10:29 - 2013-10-10 08:30 - 00000000 ____D C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin
2017-07-20 10:28 - 2016-09-20 21:21 - 00000330 ____H C:\WINDOWS\Tasks\AVG EUpdate Task.job
2017-07-20 10:28 - 2014-03-09 17:37 - 00000238 _____ C:\WINDOWS\Tasks\Logon para Notificação de Término de Serviço do Microsoft Windows XP.job
2017-07-20 10:28 - 2014-01-05 10:41 - 00001068 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-07-20 10:28 - 2013-10-08 15:37 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-20 00:51 - 2013-10-08 15:37 - 00032448 _____ C:\WINDOWS\SchedLgU.Txt
2017-07-20 00:51 - 2013-10-08 15:37 - 00000210 ___SH C:\Documents and Settings\Administrador\ntuser.ini
2017-07-20 00:51 - 2013-10-08 15:37 - 00000000 ____D C:\Documents and Settings\Administrador
2017-07-20 00:47 - 2013-12-28 18:48 - 00000000 ____D C:\WINDOWS\Minidump
2017-07-19 23:59 - 2013-10-09 18:33 - 00001148 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-1547161642-725345543-500Core.job
2017-07-19 12:17 - 2013-10-08 12:18 - 00000000 ___HD C:\WINDOWS\inf
2017-07-19 00:02 - 2013-10-09 18:50 - 00000000 ____D C:\Documents and Settings\All Users\Menu Iniciar\Programas\ULTILITARIOS
2017-07-19 00:02 - 2013-10-08 12:23 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Iniciar\Programas
2017-07-18 23:42 - 2014-02-05 11:53 - 00000000 ____D C:\Arquivos de programas\Spybot - Search & Destroy 2
2017-07-18 23:41 - 2013-10-08 12:23 - 00000000 ____D C:\Arquivos de programas\Arquivos comuns
2017-07-18 23:40 - 2013-10-08 15:37 - 00000000 __SHD C:\Documents and Settings\LocalService
2017-07-18 23:36 - 2014-02-05 11:53 - 00000000 ____D C:\Documents and Settings\All Users\Dados de aplicativos\Spybot - Search & Destroy
2017-07-18 23:34 - 2014-02-05 11:53 - 00524288 _____ C:\WINDOWS\system32\config\SpybotSD.evt
2017-07-17 20:13 - 2013-10-08 12:22 - 00000000 __RHD C:\Documents and Settings\All Users\Dados de aplicativos
2017-07-15 23:30 - 2013-10-08 15:37 - 00000000 ___HD C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos
2017-07-13 10:15 - 2013-10-12 16:20 - 00000122 _____ C:\Documents and Settings\Administrador\default.pls
2017-07-13 10:11 - 2013-10-12 16:18 - 00000116 _____ C:\WINDOWS\NeroDigital.ini
2017-07-11 20:27 - 2013-11-08 21:11 - 00803328 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-07-11 20:27 - 2013-11-08 21:11 - 00144896 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2017-07-11 20:27 - 2013-10-08 15:31 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-07-10 12:29 - 2013-10-08 15:37 - 00000000 ___RD C:\Documents and Settings\Administrador\Meus documentos
2017-07-03 17:57 - 2015-05-21 12:47 - 00000000 ____D C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Avg
2017-06-27 11:57 - 2013-10-08 12:21 - 00000239 ___SH C:\boot.ini
2017-06-27 11:57 - 2001-10-28 15:07 - 00000615 _____ C:\WINDOWS\win.ini
2017-06-27 11:57 - 2001-10-28 15:07 - 00000227 _____ C:\WINDOWS\system.ini
2017-06-27 11:50 - 2015-12-01 20:36 - 00423680 _____ C:\WINDOWS\ntbtlog.txt

==================== Arquivos na raiz de alguns diretórios =======

2014-04-30 14:30 - 2014-04-30 14:30 - 0018019 _____ () C:\Documents and Settings\Administrador\Dados de aplicativos\unins000.dat
2014-04-30 14:30 - 2014-04-30 14:29 - 0730834 _____ () C:\Documents and Settings\Administrador\Dados de aplicativos\unins000.exe
2013-10-10 09:18 - 2017-01-10 14:14 - 0011776 _____ () C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

==================== Fim de FRST.txt ============================
