Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:09-01-2015 Executado por Áleson (administrador) em PC-ALESON (10-01-2016 13:43:46) Executando a partir de C:\Users\Áleson\Desktop Perfis Carregados: Áleson (Perfis Disponíveis: Áleson) Platform: Windows 8 Pro (X64) Idioma: Português (Brasil) Internet Explorer Versão 10 (Navegador padrão: Chrome) Modo da Inicialização: Normal Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processos (Whitelisted) ================= (Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.) (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe (Navigation Co., Ltd.) C:\Users\Áleson\AppData\Roaming\ntsvc\ntsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Atheros Communications, Inc.) 
C:\Program Files (x86)\Jumpstart\jswpbapi.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe () C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe (StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Winstep Software Technologies) C:\Program Files (x86)\Winstep\WsxService.exe () C:\Users\Áleson\AppData\Roaming\XBox\XBLive.exe () C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe (GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe (Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe () C:\Program Files\MegaDownloader\MegaDownloader.exe (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registro (Whitelisted) =========================== (Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 1999-12-31] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.) HKLM-x32\...\Run: [jswtrayutil] => C:\Program Files (x86)\Jumpstart\jswtrayutil.exe [528384 2008-09-26] (Atheros Communications, Inc.) 
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [688184 2011-11-25] (Sony Corporation) HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2013-04-02] (CANON INC.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-01] (Caixa Economica Federal) HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] () HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Run: [Tok-Cirrhatus] => 0 HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.) HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Run: [Windows Defender ] => C:\ProgramData\uemtqux.exe [164864 2013-02-05] () HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-16] (Skype Technologies S.A.) 
HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google) HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Run: [DriverMax] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [8795000 2015-05-12] (Innovative Solutions) HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Run: [DriverMax_RESTART] => [X] HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {7563959d-7e4d-11e4-becb-80ee735f2992} - "F:\LGAutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {773626ec-1da3-11e4-beb1-80ee735f2992} - "F:\LGAutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {7e8ba5be-0c4f-11e3-be79-a349a8706f43} - "F:\AutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {7e8ba713-0c4f-11e3-be79-a349a8706f43} - "F:\AutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {e04c7ba3-d9b4-11e2-be75-e9d724763151} - "G:\AutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {e04c7d0d-d9b4-11e2-be75-e9d724763151} - "F:\AutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {e04c91fe-d9b4-11e2-be75-c17d6f352bb7} - "F:\AutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\MountPoints2: {e04c9266-d9b4-11e2-be75-c17d6f352bb7} - "G:\AutoRun.exe" HKU\S-1-5-21-3432586907-597726681-3595710473-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [240640 2012-07-26] (Microsoft Corporation) HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1867432 2015-09-01] (Caixa Economica Federal) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files 
(x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Áleson\AppData\Local\MEGAsync\ShellExtX64.dll [2014-07-30] () ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Áleson\AppData\Local\MEGAsync\ShellExtX64.dll [2014-07-30] () ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Áleson\AppData\Local\MEGAsync\ShellExtX64.dll [2014-07-30] () ShellIconOverlayIdentifiers: [ExplorerEx] -> {E056AFDD-03E9-4D73-8D33-8FCCBCA73438} => C:\Users\Áleson\AppData\Roaming\Mactowebise\explorerEx64.dll [2015-08-19] () ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2014-04-21] (Tonec Inc.) 
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Áleson\AppData\Local\MEGAsync\ShellExtX32.dll [2014-07-30] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Áleson\AppData\Local\MEGAsync\ShellExtX32.dll [2014-07-30] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Áleson\AppData\Local\MEGAsync\ShellExtX32.dll [2014-07-30] () Startup: C:\Users\Áleson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Correção da Ativação.lnk [2015-07-14] ShortcutTarget: Correção da Ativação.lnk -> C:\Program Files (x86)\Internet Download Manager\Correção da Ativação.exe (6.23.10.1) Startup: C:\Users\Áleson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MegaDownloader.lnk [2015-08-15] ShortcutTarget: MegaDownloader.lnk -> C:\Program Files\MegaDownloader\MegaDownloader.exe () Startup: C:\Users\Áleson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar334.lnk [2016-01-10] ShortcutTarget: Sidebar334.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) GroupPolicy: Restrição - Chrome <======= ATENÇÃO CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO ==================== Internet (Whitelisted) ==================== (Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.) Winsock: Catalog5 09 C:\ProgramData\System32\SafeGuard32.dll Nenhum Arquivo Winsock: Catalog5-x64 09 C:\ProgramData\System32\SafeGuard64.dll [3387320 2015-11-17] () Hosts: Há mais de uma entrada no Hosts. 
Veja a seção Hosts do Addition.txt Tcpip\..\Interfaces\{FEE4DABC-00C2-4FD6-9AC0-8CAA17FBF8B6}: [NameServer] 8.8.8.8 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130905820337103301&GUID=38D9DD1D-A99E-4007-B58C-B0F55C5E2E04 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130905820337134234&GUID=38D9DD1D-A99E-4007-B58C-B0F55C5E2E04 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.seekmix.com/?bd=hp&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.seekmix.com/?bd=hp&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com HKU\S-1-5-21-3432586907-597726681-3595710473-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_15_44&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyD0C0Czy0DtAtByE0ByBtBtDyDzzyBzytN0D0Tzu0StCyEtDtDtN1L2XzutAtFtCyDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCtAtDtC0E0CtAtAtGyEtByB0DtG0B0AtA0CtGyEyB0EtBtG0EtBzyzyyEzytCyD0DyDtDtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytD0D0EyE0F0CtDtGyEtD0AzztGyEyDtCzztGzzyDtAtDtGzztBtAtC0EtCtC0DyEtA0E0F2QtN0A0LzutB%26cr%3D1469455272%26a%3Dwncy_fs_15_44%26os%3DWindows%2B8%2BPro HKU\S-1-5-21-3432586907-597726681-3595710473-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect 
Cache = hxxp://t.br.msn.com/ HKU\S-1-5-21-3432586907-597726681-3595710473-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie HKU\S-1-5-21-3432586907-597726681-3595710473-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.seekmix.com/?bd=hp&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = SearchScopes: HKLM -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=Somo&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.2.0.7859&pid=414031160&tid=329&q={searchTerms} SearchScopes: HKLM-x32 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.searchult.com/?bd=ds&oem=Somo&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.2.0.7859&pid=414031160&tid=329&q={searchTerms} SearchScopes: HKU\S-1-5-21-3432586907-597726681-3595710473-1001 -> DefaultScope {D1416E16-86DC-4A0A-BE91-57476DC7A667} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_15_44&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyD0C0Czy0DtAtByE0ByBtBtDyDzzyBzytN0D0Tzu0StCyEtDtDtN1L2XzutAtFtCyDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCtAtDtC0E0CtAtAtGyEtByB0DtG0B0AtA0CtGyEyB0EtBtG0EtBzyzyyEzytCyD0DyDtDtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytD0D0EyE0F0CtDtGyEtD0AzztGyEyDtCzztGzzyDtAtDtGzztBtAtC0EtCtC0DyEtA0E0F2QtN0A0LzutB%26cr%3D1469455272%26a%3Dwncy_fs_15_44%26os%3DWindows%2B8%2BPro&p={searchTerms} SearchScopes: HKU\S-1-5-21-3432586907-597726681-3595710473-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKU\S-1-5-21-3432586907-597726681-3595710473-1001 -> {D1416E16-86DC-4A0A-BE91-57476DC7A667} URL = 
hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_fs_15_44&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyD0C0Czy0DtAtByE0ByBtBtDyDzzyBzytN0D0Tzu0StCyEtDtDtN1L2XzutAtFtCyDtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCtAtDtC0E0CtAtAtGyEtByB0DtG0B0AtA0CtGyEyB0EtBtG0EtBzyzyyEzytCyD0DyDtDtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzytD0D0EyE0F0CtDtGyEtD0AzztGyEyDtCzztGzzyDtAtDtGzztBtAtC0EtCtC0DyEtA0E0F2QtN0A0LzutB%26cr%3D1469455272%26a%3Dwncy_fs_15_44%26os%3DWindows%2B8%2BPro&p={searchTerms} BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-02-21] (Internet Download Manager, Tonec Inc.) BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-01] (Oracle Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-01] (Oracle Corporation) BHO: BHOImpl Class -> {E1499FE7-129D-4B6E-B681-DDF21E14172C} -> C:\Users\Áleson\Documents\iTools\Plugin\iToolsBHO64.dll [2013-12-08] (iTools.hk) BHO-x32: IDM integration (IDMIEHlprObj Class) -> 
{0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-02-21] (Internet Download Manager, Tonec Inc.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO-x32: Sem Nome -> {51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} -> Nenhum Arquivo BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-01] (Caixa Economica Federal) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: BHOImpl Class -> {E1499FE7-129D-4B6E-B681-DDF21E14172C} -> C:\Users\Áleson\Documents\iTools\Plugin\iToolsBHO.dll [2013-12-08] (iTools.hk) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) 
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.searchult.com/?bd=sc&oem=Somo&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.2.0.7859&pid=414031160&tid=329 FireFox: ======== FF ProfilePath: C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default FF NewTab: hxxp://www.seekmix.com/?bd=nt&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 FF Homepage: about:home FF Session Restore: -> está habilitado. FF Keyword.URL: FF NetworkProxy: "no_proxies_on", "*.local" FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-31] () FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-01] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-01] (Oracle Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-31] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] () FF Plugin-x32: @Cabrilog.com/Cabri 3D -> C:\Program Files (x86)\Cabri\Cabri 3D Plug-in 2.1\bin\npcabri3d.dll [2011-08-23] (Cabrilog S.A.S.) FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.) 
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [1999-12-31] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [1999-12-31] (Intel Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @protectdisc.com/NPMPDRM -> C:\Program Files (x86)\Common Files\mpDRM\Binaries\NPMPDRM.dll [2011-10-11] ( ) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems) FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-04-30] (pdfforge GmbH) FF Plugin HKU\S-1-5-21-3432586907-597726681-3595710473-1001: gastecnologia.com.br/sf/cef -> C:\Users\Áleson\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-04-08] (GAS Tecnologia) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-09-23] (Adobe Systems Inc.) 
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-02-15] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-02-15] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-02-15] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-02-15] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-02-15] (Apple Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml [2015-06-14] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml [2015-06-14] FF Extension: BYTubeD - Bulk YouTube video Downloader - C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\extensions\bytubed@cs213.cse.iitk.ac.in [2015-05-29] [não assinado] FF Extension: Google Translator for Firefox - C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\extensions\translator@zoli.bod.xpi [2015-09-17] FF Extension: Flash and Video Download - C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-12-10] FF Extension: IDM CC - C:\Users\Áleson\AppData\Roaming\IDM\idmmzcc5 [2016-01-10] [não assinado] FF Extension: MEGA - C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\Extensions\firefox@mega.co.nz.xpi [2015-12-13] [não assinado] FF Extension: printpdf - C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\Extensions\printpdf@pavlov.net.xpi [2015-05-29] FF Extension: Save as PDF - C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2015-05-29] FF Extension: FlashGot - 
C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2015-05-29] FF Extension: BrowseMark - C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\Extensions\{b99c8534-7800-48fa-bd71-519a46cdc7e1}.xpi [2014-04-07] [não assinado] FF Extension: Video DownloadHelper - C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-04] FF Extension: Adblock Plus - C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-09] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] FF HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Áleson\AppData\Local\GAS Tecnologia\GBBD\cef\xpi FF Extension: GBBD Caixa Economica Federal - C:\Users\Áleson\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2014-04-08] [não assinado] FF HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Áleson\AppData\Roaming\IDM\idmmzcc5 FF Extension: IDM CC - C:\Users\Áleson\AppData\Roaming\IDM\idmmzcc5 [2016-01-10] [não assinado] FF HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Áleson\AppData\Roaming\IDM\idmmzcc5 FF Extension: IDM CC - C:\Users\Áleson\AppData\Roaming\IDM\idmmzcc5 [2016-01-10] [não assinado] StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.seekmix.com/?bd=sc&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705 Chrome: ======= CHR Profile: C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Apresentações) - 
C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-24] CHR Extension: (Google Docs) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-24] CHR Extension: (Google Drive) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24] CHR Extension: (MEGA) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2015-12-23] CHR Extension: (YouTube) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-24] CHR Extension: (Desprotetor.com - Desprotetor de links) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\cocohmmjllchepkjocddkihldoiillkl [2015-10-24] CHR Extension: (Google Search) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Planilhas do Google) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-24] CHR Extension: (Documentos Google off-line) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18] CHR Extension: (AdBlock) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-08] CHR Extension: (MailTrack para Gmail) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2016-01-05] CHR Extension: (IDM Integration Module) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-10-24] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-24] CHR 
Extension: (Gmail) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-24] CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-02] CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-02] CHR HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12] CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-02] ==================== Serviços (Whitelisted) ======================== (Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.) S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team) S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.) 
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation) R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [587576 2015-08-13] (GAS Tecnologia) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 1999-12-31] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 1999-12-31] (Intel Corporation) R2 jswpbapi; C:\Program Files (x86)\Jumpstart\jswpbapi.exe [265216 2008-09-26] (Atheros Communications, Inc.) [Arquivo não assinado] S3 jswpsapi; C:\Program Files (x86)\Jumpstart\jswpsapi.exe [954368 2008-09-26] (Atheros Communications, Inc.) [Arquivo não assinado] S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH) S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [459832 2011-11-25] (Sony Corporation) R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.) 
R2 Sed; C:\Users\Áleson\AppData\Roaming\ntsvc\ntsvc.exe [266104 2015-10-12] (Navigation Co., Ltd.)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [1050904 2013-12-11] () [Arquivo não assinado]
R2 SkypeUpdateEx; C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe [193456 2015-12-10] ()
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Arquivo não assinado]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 XBox; C:\Users\Áleson\AppData\Roaming\XBox\XBLive.exe [7142328 2015-12-08] ()
S2 bavsvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavsvc.exe" [X]
S2 bhipssvc; "C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bhipssvc.exe" [X]
R2 Winstep Xtreme Service; C:\Program Files (x86)\Winstep\WsxService [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50464 2014-04-28] (AVG Technologies)
R1 Bfilter; C:\WINDOWS\System32\drivers\Bfilter.sys [52032 2014-01-21] (Baidu, Inc.)
R1 Bfmon; C:\WINDOWS\System32\drivers\Bfmon.sys [34624 2014-01-21] (Baidu, Inc.)
R1 Bprotect; C:\WINDOWS\System32\drivers\Bprotect.sys [128992 2014-01-21] (Baidu, Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
R1 cnnctfy3; C:\Windows\system32\DRIVERS\cnnctfy3.sys [35352 2014-04-04] (Connectify)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 1999-12-31] (Intel Corporation)
S3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2012-07-25] (Microsoft Corporation)
S3 NETJME; C:\Windows\system32\DRIVERS\NETJME.sys [137728 2012-07-05] (JMicron Technology Corp.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 RTL8192Ce; C:\Windows\system32\DRIVERS\rtwlane.sys [3737304 2015-01-06] (Realtek Semiconductor Corporation )
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3737304 2015-01-06] (Realtek Semiconductor Corporation )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2014-02-14] (Duplex Secure Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [35856 2013-10-25] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [248240 2013-10-24] (Microsoft Corporation)
S3 BdApiUtil; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [X]
S3 BdCameraProtect; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [X]
S3 BprotectEx; \??\C:\WINDOWS\System32\drivers\BprotectEx.sys [X]
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
S1 pfnfd_1_10_0_8; system32\drivers\pfnfd_1_10_0_8.sys [X]
S3 Warsaw_PP; \??\C:\PROGRA~2\GbPlugin\wsftprp64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)
==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-01-10 13:43 - 2016-01-10 13:44 - 00037579 _____ C:\Users\Áleson\Desktop\FRST.txt
2016-01-10 13:42 - 2016-01-10 13:43 - 00000000 ____D C:\FRST
2016-01-10 13:41 - 2016-01-10 13:42 - 02370560 _____ (Farbar) C:\Users\Áleson\Desktop\FRST64.exe
2016-01-10 13:07 - 2016-01-10 13:07 - 00000022 _____ C:\Users\Áleson\Downloads\MEGA-MASTERKEY.txt
2016-01-10 13:03 - 2016-01-10 13:03 - 00000000 ____D C:\Users\Áleson\Downloads\Windows 8.1 Pro VL x64 Multi-8 July 2014
2016-01-10 00:31 - 2016-01-10 00:58 - 00000261 _____ C:\VundoFix.txt
2016-01-10 00:31 - 2016-01-10 00:31 - 00000000 ____D C:\VundoFix Backups
2016-01-09 20:27 - 2016-01-09 20:27 - 00000000 ___HD C:\$Windows.~WS
2016-01-09 19:10 - 2016-01-09 19:10 - 00119808 _____ (Atribune.org) C:\Users\Áleson\Desktop\VundoFix.exe
2016-01-09 19:07 - 2016-01-10 00:24 - 00004908 _____ C:\InfoSat.txt
2016-01-09 19:05 - 2016-01-09 19:05 - 00001735 _____ C:\Users\Áleson\Desktop\dfdsfs.txt
2016-01-09 13:19 - 2016-01-10 01:24 - 00849766 _____ C:\WINDOWS\ntbtlog.txt
2016-01-09 10:58 - 2016-01-10 01:27 - 00000326 _____ C:\WINDOWS\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c.job
2016-01-09 10:58 - 2016-01-09 10:58 - 00002582 _____ C:\WINDOWS\System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c
2016-01-09 10:58 - 2016-01-09 10:58 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\Innovative Solutions
2016-01-09 10:58 - 2016-01-09 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
2016-01-09 10:58 - 2016-01-09 10:58 - 00000000 ____D C:\Program Files (x86)\Innovative Solutions
2016-01-09 02:34 - 2016-01-09 02:34 - 00026624 _____ C:\WINDOWS\SysWOW64\Drivers\fsbts.sys
2016-01-09 02:17 - 2016-01-09 02:17 - 00001067 _____ C:\Users\Áleson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent.lnk
2016-01-09 01:52 - 2016-01-09 01:55 - 00000000 ____D C:\Users\Áleson\Downloads\Kaspersky Antivirus + Internet Security + Total Security 2016 16.0.0.424 Beta + Trial Resetters - AppzDam
2016-01-09 01:43 - 2016-01-10 13:06 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\uTorrent
2016-01-09 01:35 - 2016-01-09 01:35 - 00000000 ____D C:\Users\Áleson\Downloads\Utorrent + ativador 2016
2016-01-09 01:27 - 2016-01-09 01:27 - 02667753 _____ C:\Users\Áleson\Downloads\Kaspersky + Renovar licença de uso para 30 dias.rar
2016-01-09 01:27 - 2016-01-09 01:27 - 00000000 ____D C:\Users\Áleson\Downloads\Kaspersky + Renovar licença de uso para 30 dias
2016-01-09 00:13 - 2016-01-09 00:13 - 00000000 ____D C:\Users\Áleson\AppData\Local\ElevatedDiagnostics
2016-01-08 18:08 - 2016-01-08 18:08 - 00000000 ____D C:\Users\Áleson\Downloads\Bound.By.Flame-CODEX
2016-01-08 17:41 - 2016-01-08 18:39 - 00000008 __RSH C:\Users\Áleson\ntuser.pol
2016-01-08 15:29 - 2016-01-09 12:57 - 00000000 ____D C:\Users\Todos os Usuários\Kaspersky Lab Setup Files
2016-01-08 15:29 - 2016-01-09 12:57 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-01-08 13:36 - 2016-01-08 13:37 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-01-08 13:36 - 2016-01-08 13:36 - 00001010 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-01-03 16:06 - 2016-01-03 16:06 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\21080
2016-01-03 14:00 - 2016-01-03 14:00 - 00002020 _____ C:\Users\Áleson\Downloads\monomania.txt
2016-01-03 13:05 - 2016-01-03 13:05 - 00003155 _____ C:\Users\Áleson\Downloads\a-noite-la-notte.txt
2016-01-03 13:05 - 2016-01-03 13:05 - 00003155 _____ C:\Users\Áleson\Downloads\a-noite-la-notte (1).txt
2016-01-02 21:04 - 2016-01-02 21:04 - 00001234 _____ C:\Users\Áleson\Desktop\Xbox 360 Emulator 3.2.4.lnk
2016-01-02 21:00 - 2016-01-02 21:03 - 00000000 ____D C:\Xbox 360 Emulator 3.2.4
2016-01-02 20:05 - 2016-01-02 20:08 - 07136719 _____ C:\Users\Áleson\Downloads\Xbox 360 Emulator 3.2.4.rar
2015-12-30 21:46 - 2015-12-30 21:53 - 1434856323 _____ C:\Users\Áleson\Downloads\Alexandre.e.Outros.Herois.GLOBO.720p.HDTV.x264-FHxHD[GaiteroDownloads].mkv
2015-12-30 21:43 - 2015-12-30 21:43 - 00014450 _____ C:\Users\Áleson\Downloads\Especial-AlexandreEOHistorias.rar
2015-12-23 01:37 - 2015-12-23 01:37 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Local\Google
2015-12-23 01:37 - 2015-12-23 01:37 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2015-12-23 01:37 - 2015-12-23 01:37 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2015-12-22 11:20 - 2016-01-08 23:56 - 00000000 ___RD C:\Users\Áleson\Google Drive
2015-12-22 11:16 - 2015-12-23 01:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-12-21 11:07 - 2015-12-21 11:07 - 00003060 _____ C:\Users\Áleson\Downloads\em-teu-altar.txt
2015-12-20 14:41 - 2015-12-20 14:41 - 00003956 _____ C:\Users\Áleson\Downloads\janta.txt
2015-12-19 23:58 - 2015-12-19 23:58 - 00000713 _____ C:\Users\Áleson\Downloads\Peter.Pan.2015.720p.BluRay.DUAL-LAPUMiA.srt
2015-12-15 20:40 - 2015-12-15 20:41 - 00000492 _____ C:\Users\Áleson\Desktop\Novo Documento de Texto.txt
2015-12-15 20:26 - 2015-12-15 20:26 - 00000000 ____D C:\Users\Áleson\Downloads\AVF01
2015-12-10 06:09 - 2015-12-10 06:09 - 00000000 ____D C:\WINDOWS\3
2015-12-10 01:20 - 2015-12-10 01:20 - 00000000 ____D C:\WINDOWS\7
2015-12-07 20:25 - 2015-12-07 20:25 - 00000152 _____ C:\Users\Áleson\Desktop\Pré-Matrícula.txt
2015-12-05 15:00 - 2015-12-05 15:00 - 00000000 _____ C:\Users\Áleson\AppData\Local\{B5D010D4-1156-4222-8FA8-1BDF7862729E}
2015-12-01 20:57 - 2015-12-01 21:00 - 00418518 _____ C:\Users\Áleson\Desktop\download.pdf
2015-12-01 01:15 - 2015-12-01 01:15 - 00015464 _____ C:\WINDOWS\DelYac64.sys
2015-11-21 21:46 - 2015-11-21 21:46 - 00000000 ____D C:\peanut
2015-11-20 23:37 - 2015-11-20 23:37 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Poly Pro 1.12
2015-11-20 23:37 - 2015-11-20 23:37 - 00000000 ____D C:\Users\Áleson\AppData\Local\Pedagoguery Software
2015-11-20 23:36 - 2015-11-20 23:36 - 00000008 ___SH C:\Users\Áleson\AppData\Roaming\.xp070105.dat
2015-11-20 23:36 - 2015-11-20 23:36 - 00000008 ___SH C:\Users\Áleson\AppData\Roaming\.px050107.dat
2015-11-20 23:36 - 2015-11-20 23:36 - 00000008 ___SH C:\Users\Áleson\AppData\Roaming\.ax010705.dat
2015-11-20 23:35 - 2015-11-20 23:35 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\.Cabri3D-2.1
2015-11-20 23:35 - 2015-11-20 23:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cabri
2015-11-20 23:35 - 2015-11-20 23:35 - 00000000 ____D C:\Program Files (x86)\Cabri
2015-11-14 18:11 - 2015-11-14 18:11 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\Tencent
2015-11-06 03:40 - 2015-11-10 21:28 - 00000000 ____D C:\Users\-leson\AppData\Roaming\XBox
2015-11-06 03:40 - 2015-11-06 03:40 - 00000000 ____D C:\Users\-leson
2015-11-05 20:40 - 2015-11-05 20:40 - 00000000 ____D C:\Users\Áleson\.clion10
2015-11-05 20:35 - 2015-11-05 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JetBrains
2015-11-01 23:25 - 2015-11-01 23:25 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2015-11-01 10:56 - 2015-11-01 10:56 - 00000000 ____D C:\Users\Áleson\AppData\Local\clone.AD
2015-11-01 10:51 - 2015-11-01 10:56 - 00000000 ____D C:\Users\Todos os Usuários\clone.AD
2015-11-01 10:51 - 2015-11-01 10:56 - 00000000 ____D C:\ProgramData\clone.AD
2015-11-01 10:32 - 2015-11-01 10:32 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\MediaInfo
2015-11-01 10:31 - 2015-11-01 10:31 - 00000915 _____ C:\Users\Áleson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
2015-11-01 10:31 - 2015-11-01 10:31 - 00000000 ____D C:\Program Files\MediaInfo
2015-10-29 00:08 - 2015-12-12 01:08 - 00000000 ____D C:\Users\Todos os Usuários\System32
2015-10-29 00:08 - 2015-12-12 01:08 - 00000000 ____D C:\ProgramData\System32
2015-10-28 20:01 - 2015-10-28 20:02 - 00000000 ____D C:\WINDOWS\SysWOW64\worker
2015-10-27 20:09 - 2015-11-17 20:43 - 00000000 ____D C:\Users\Áleson\AppData\Local\CatalinaGroup
2015-10-25 16:55 - 2015-10-25 16:55 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\mkvtoolnix
2015-10-23 20:18 - 2015-10-25 11:00 - 00000000 ____D C:\Users\Áleson\Desktop\Imprimir

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-01-10 13:42 - 2012-07-26 02:37 - 00000000 ____D C:\Windows
2016-01-10 13:35 - 2015-07-30 15:06 - 00000340 _____ C:\WINDOWS\Tasks\iToolsDaemon.job
2016-01-10 13:07 - 2015-03-03 23:12 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-10 12:36 - 2013-12-03 20:14 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3432586907-597726681-3595710473-1001
2016-01-10 12:07 - 2015-05-23 00:16 - 00000000 ____D C:\Users\Áleson\Downloads\Compressed
2016-01-10 10:08 - 2012-07-26 07:33 - 00765720 _____ C:\WINDOWS\system32\prfh0416.dat
2016-01-10 10:08 - 2012-07-26 07:33 - 00155452 _____ C:\WINDOWS\system32\prfc0416.dat
2016-01-10 10:08 - 2012-07-26 04:28 - 01773574 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-10 10:08 - 2012-07-26 02:37 - 00000000 ____D C:\WINDOWS\Inf
2016-01-10 10:06 - 2015-05-23 00:16 - 00000000 ____D C:\Users\Áleson\Downloads\Video
2016-01-10 09:33 - 2014-12-07 16:03 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\vlc
2016-01-10 04:07 - 2015-03-03 23:12 - 00001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-10 02:00 - 2013-12-03 20:12 - 00000000 ____D C:\Users\Áleson\AppData\Local\Adobe
2016-01-10 01:38 - 2015-09-11 20:23 - 00005010 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Pc-Aleson-Áleson Pc-Aleson
2016-01-10 01:32 - 2015-05-23 00:16 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\DMCache
2016-01-10 01:31 - 2014-04-06 00:25 - 11263488 ___SH C:\Users\Áleson\Desktop\Thumbs.db
2016-01-10 01:27 - 2015-07-30 15:06 - 00003282 _____ C:\WINDOWS\System32\Tasks\iToolsDaemon
2016-01-10 01:27 - 2015-05-23 00:14 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-01-10 01:27 - 2014-05-07 23:48 - 00000000 ____D C:\Users\Áleson\AppData\Local\Sidebar7
2016-01-10 01:26 - 2015-09-25 05:01 - 00000000 ____D C:\Program Files (x86)\SkypeUpdateEx
2016-01-10 01:26 - 2012-07-26 04:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-10 01:25 - 2012-07-26 02:26 - 01310720 ___SH C:\WINDOWS\system32\config\BBI
2016-01-10 00:33 - 2014-04-06 17:52 - 08628224 ___SH C:\Users\Áleson\Downloads\Thumbs.db
2016-01-09 19:50 - 2013-12-03 19:56 - 00000000 ____D C:\Users\Áleson
2016-01-09 19:49 - 2014-07-06 13:41 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\AIMP3
2016-01-09 19:45 - 2014-03-30 17:52 - 00871936 ___SH C:\Users\Áleson\Thumbs.db
2016-01-09 19:40 - 2013-12-03 20:29 - 00000000 ____D C:\WINDOWS\Panther
2016-01-09 19:23 - 2014-04-25 10:31 - 00000132 _____ C:\Users\Áleson\AppData\Roaming\Preferências do Formato PNG CC da Adobe
2016-01-09 10:58 - 2013-12-03 22:53 - 00000000 ____D C:\Users\Áleson\AppData\Local\Innovative Solutions
2016-01-09 10:44 - 2015-05-23 00:16 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\IDM
2016-01-09 01:49 - 2014-08-28 01:55 - 00146432 ___SH C:\Users\Áleson\Documents\Thumbs.db
2016-01-08 23:54 - 2015-07-29 10:14 - 05691736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-08 16:28 - 2014-10-18 18:15 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\Ashampoo
2016-01-08 16:28 - 2014-10-18 18:15 - 00000000 ____D C:\Users\Áleson\AppData\Local\ashampoo
2016-01-08 13:43 - 2015-02-16 22:53 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\TeamViewer
2015-12-22 19:36 - 2013-12-03 20:04 - 00000000 ____D C:\Users\Áleson\AppData\Local\Packages
2015-12-22 11:16 - 2013-12-03 20:16 - 00000000 ____D C:\Users\Áleson\AppData\Local\Google
2015-12-22 11:16 - 2013-12-03 20:16 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-15 20:35 - 2014-01-27 20:47 - 00000000 ____D C:\Program Files\Recuva

==================== Arquivos na raiz de alguns diretórios =======

2014-04-25 10:50 - 2014-04-28 23:20 - 0003757 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2014-05-06 07:45 - 2015-11-20 23:36 - 0000008 ___SH () C:\Users\Áleson\AppData\Roaming\.addit001.dat
2014-05-06 07:45 - 2014-05-06 07:45 - 0000008 ___SH () C:\Users\Áleson\AppData\Roaming\.app190905.dat
2015-11-20 23:36 - 2015-11-20 23:36 - 0000008 ___SH () C:\Users\Áleson\AppData\Roaming\.ax010705.dat
2014-05-06 07:45 - 2015-11-20 23:36 - 0000008 ___SH () C:\Users\Áleson\AppData\Roaming\.data000.dat
2014-05-06 07:45 - 2015-11-20 23:36 - 0000008 ___SH () C:\Users\Áleson\AppData\Roaming\.data001.dat
2014-05-06 07:45 - 2014-05-06 07:45 - 0000008 ___SH () C:\Users\Áleson\AppData\Roaming\.drv120205.dat
2014-05-06 07:45 - 2014-05-06 07:45 - 0000008 ___SH () C:\Users\Áleson\AppData\Roaming\.drv190904.dat
2015-11-20 23:36 - 2015-11-20 23:36 - 0000008 ___SH () C:\Users\Áleson\AppData\Roaming\.px050107.dat
2015-11-20 23:36 - 2015-11-20 23:36 - 0000008 ___SH () C:\Users\Áleson\AppData\Roaming\.xp070105.dat
2014-02-04 17:09 - 2014-02-04 17:09 - 0093696 _____ () C:\Users\Áleson\AppData\Roaming\ezpinst.exe
2014-08-08 08:59 - 2014-08-08 08:59 - 0099384 _____ () C:\Users\Áleson\AppData\Roaming\inst.exe
2015-04-10 07:00 - 2015-04-10 07:00 - 0000000 _____ () C:\Users\Áleson\AppData\Roaming\oWfnW.txt
2014-02-04 17:09 - 2014-08-08 08:59 - 0007859 _____ () C:\Users\Áleson\AppData\Roaming\pcouffin.cat
2014-02-04 17:09 - 2014-08-08 08:59 - 0001167 _____ () C:\Users\Áleson\AppData\Roaming\pcouffin.inf
2014-02-04 17:10 - 2014-08-08 08:59 - 0000055 _____ () C:\Users\Áleson\AppData\Roaming\pcouffin.log
2014-02-04 17:09 - 2014-08-08 08:59 - 0082816 _____ (VSO Software) C:\Users\Áleson\AppData\Roaming\pcouffin.sys
2015-08-10 18:16 - 2015-08-10 18:16 - 0000132 _____ () C:\Users\Áleson\AppData\Roaming\Preferências do Formato AIFF CC da Adobe
2015-09-11 20:25 - 2015-09-11 20:28 - 0000132 _____ () C:\Users\Áleson\AppData\Roaming\Preferências do Formato GIF CC da Adobe
2014-04-25 10:31 - 2016-01-09 19:23 - 0000132 _____ () C:\Users\Áleson\AppData\Roaming\Preferências do Formato PNG CC da Adobe
2013-12-07 14:23 - 2014-03-28 19:16 - 0000132 _____ () C:\Users\Áleson\AppData\Roaming\Preferências do formato PNG do Adobe CS5
2014-04-08 18:03 - 2014-04-08 18:09 - 0033465 _____ () C:\Users\Áleson\AppData\Roaming\unins000.dat
2014-04-08 18:09 - 2014-04-08 18:08 - 0730322 _____ () C:\Users\Áleson\AppData\Roaming\unins000.exe
2015-02-05 19:23 - 2015-02-05 19:25 - 183677480 _____ () C:\Users\Áleson\AppData\Local\ACCCx2_9_0_465.zip.aamdownload
2015-02-05 19:23 - 2015-02-05 19:25 - 0002195 _____ () C:\Users\Áleson\AppData\Local\ACCCx2_9_0_465.zip.aamdownload.aamd
2014-02-09 00:38 - 2014-03-13 00:30 - 0001456 _____ () C:\Users\Áleson\AppData\Local\Adobe Salvar para a Web 12.0 Prefs
2015-01-22 21:25 - 2015-09-29 00:59 - 0001456 _____ () C:\Users\Áleson\AppData\Local\Adobe Salvar para Web 13.0 Prefs
2014-08-30 19:50 - 2014-08-30 19:50 - 0026226 _____ () C:\Users\Áleson\AppData\Local\Bron.tok.A17.em.bin
2014-09-02 20:27 - 2014-09-02 20:27 - 0000336 _____ () C:\Users\Áleson\AppData\Local\JunkAtx.bin
2015-12-05 15:00 - 2015-12-05 15:00 - 0000000 _____ () C:\Users\Áleson\AppData\Local\{B5D010D4-1156-4222-8FA8-1BDF7862729E}
2014-04-25 17:41 - 2014-04-25 17:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-01-15 02:15 - 2014-01-15 02:15 - 0167784 _____ (Baidu, Inc.) C:\ProgramData\FileSplitUpLoad.dll
2015-04-10 07:00 - 2013-02-05 11:18 - 0164864 ____H () C:\ProgramData\uemtqux.exe

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\FileSplitUpLoad.dll
C:\ProgramData\uemtqux.exe
C:\Users\Todos os Usuários\FileSplitUpLoad.dll
C:\Users\Todos os Usuários\uemtqux.exe

Alguns arquivos em TEMP:
====================
C:\Users\Áleson\AppData\Local\Temp\FFSetup3.7.0.0.exe
C:\Users\Áleson\AppData\Local\Temp\GURB284.exe
C:\Users\Áleson\AppData\Local\Temp\javagiac0.05637026420230706.dll
C:\Users\Áleson\AppData\Local\Temp\javagiac0.07419647611942548.dll
C:\Users\Áleson\AppData\Local\Temp\javagiac0.7159750379807412.dll
C:\Users\Áleson\AppData\Local\Temp\javagiac0.8370023476803045.dll
C:\Users\Áleson\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Áleson\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Áleson\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Áleson\AppData\Local\Temp\Quarantine.exe
C:\Users\Áleson\AppData\Local\Temp\setup.exe
C:\Users\Áleson\AppData\Local\Temp\sjt7z_x86_console.exe
C:\Users\Áleson\AppData\Local\Temp\unins000.exe
C:\Users\Áleson\AppData\Local\Temp\{39A540B9-C264-48CA-B8DC-FB5C241EC09F}-46.0.2490.71_chrome64_installer.exe

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)
C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente

LastRegBack: 2016-01-08 02:10

==================== Fim de FRST.txt ============================