Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:20-12-2015
Executado por Moises (administrador) em MASEGUROS (21-12-2015 09:32:47)
Executando a partir de C:\Users\Moises\Desktop
Perfis Carregados: Moises (Perfis Disponíveis: Moises)
Platform: Windows 7 Home Basic Service Pack 1 (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Users\Moises\AppData\Local\Crsoft\crsvc.exe
() C:\Users\Moises\AppData\Roaming\DNSHelper\DNSSVC.exe
(QNT) C:\Users\Moises\AppData\Roaming\Netlog\Netlog.exe
(QNT) C:\Users\Moises\AppData\Roaming\NetService\netservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(GlavSoft LLC.) C:\Program Files (x86)\ShowMyPCService\tvnserver.exe
() C:\Users\Moises\AppData\Roaming\WinNetSvc\WinNetSvc.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
() C:\ProgramData\carssc.exe
() C:\Brother\BPRSP\resources\BrSupSsp.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(GlavSoft LLC.) C:\Program Files (x86)\ShowMyPCService\tvnserver.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\CalendarTool\2.0.0.11153\CalendarServ.exe
() C:\Program Files (x86)\CalendarTool\2.0.0.11153\calendar.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\ShowMyPCService\tvnserver.exe [815704 2010-07-08] (GlavSoft LLC.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7004376 2015-12-01] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [HomePageHelper] => c:\programdata\homepage.exe
HKLM-x32\...\Run: [LightGate] => c:\programdata\lightgate.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-10-20] (Banco do Brasil)
Winlogon\Notify\ GbPluginBnt: C:\Program Files (x86)\GbPlugin\gbiehBnt.dll [2014-09-04] (Banco do Estado do Espirito Santo - BANESTES)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-07-08] (Caixa Economica Federal)
Winlogon\Notify\ GbPluginUni: C:\Program Files (x86)\GbPlugin\gbiehUni.dll [2015-07-06] (Banco Itaú Unibanco)
HKU\S-1-5-21-2360970272-2839313709-1920729781-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-2360970272-2839313709-1920729781-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50755200 2015-12-08] (Skype Technologies S.A.)
HKU\S-1-5-21-2360970272-2839313709-1920729781-1000\...\Run: [YeaInstaller] => C:\Users\Moises\AppData\Local\Temp\setup_767.exe [2223616 2015-12-16] (TZ) <===== ATENÇÃO
HKU\S-1-5-21-2360970272-2839313709-1920729781-1000\...\Run: [Birds] => C:\Users\Moises\AppData\Local\Birds\birds365.exe
HKU\S-1-5-21-2360970272-2839313709-1920729781-1000\...\Run: [-] => C:\ProgramData\carssc.exe [1876992 2015-12-17] ()
HKU\S-1-5-21-2360970272-2839313709-1920729781-1000\...\Run: [Yeaplayer] => C:\Program Files (x86)\Yeaplayer\Yeaplayermd.exe /autostart
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1945472 2015-10-20] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1759992 2015-07-06] (Banco Itaú Unibanco)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1853256 2015-07-08] (Caixa Economica Federal)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399017} - C:\Program Files (x86)\GbPlugin\gbiehbnt.dll [1722880 2014-09-04] (Banco do Estado do Espirito Santo - BANESTES)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-01] (AVAST Software)
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [ExplorerEx] -> {E056AFDD-03E9-4D73-8D33-8FCCBCA73438} => C:\Users\Moises\AppData\Roaming\Macwebtoise\explorerEx64.dll [2015-01-22] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Brother PAPPB.lnk [2014-01-29]
ShortcutTarget: Brother PAPPB.lnk -> C:\Windows\Installer\{8040527F-DD74-4B45-8A06-C4BF145B6C76}\BrSupSsp.exe_44686FC076524EF5975EF92EE48E2958.exe (Flexera Software LLC)
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
CHR HKU\S-1-5-21-2360970272-2839313709-1920729781-1000\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyEnable: [.DEFAULT] => Proxy está habilitado.
ProxyServer: [.DEFAULT] => http=127.0.0.1:51608;https=127.0.0.1:51608
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{6C7DD20E-4DE3-4532-82F6-CFB4345CC1C7}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{A41BA4D4-36AE-4CF9-B1ED-58A682663E3E}: [DhcpNameServer] 192.168.1.1 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKU\S-1-5-21-2360970272-2839313709-1920729781-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=ca3bf34eb396d4d028cfe902bcda4f99
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=ca3bf34eb396d4d028cfe902bcda4f99
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=dspp&ts=1434457680&from=xtab&uid=572A144739FF4e3086BE8A50B55D27E2&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.top8844.com?oem=mbtkv3&uid=WD-WCAYU3220673_WDCWD3200AAJS-00YZCA0&tm=1428334311
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.top8844.com?oem=mbtkv3&uid=WD-WCAYU3220673_WDCWD3200AAJS-00YZCA0&tm=1428334311
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=dspp&ts=1434457680&from=xtab&uid=572A144739FF4e3086BE8A50B55D27E2&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yeabests.cc/
HKU\S-1-5-21-2360970272-2839313709-1920729781-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=dspp&ts=1434457680&from=xtab&uid=572A144739FF4e3086BE8A50B55D27E2&q={searchTerms}
HKU\S-1-5-21-2360970272-2839313709-1920729781-1000\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=77301&st=home&tid=18144&ver=6.5&ts=1405652400000.000000&tguid=77301-18144-1405711298647-12771B6CC65F8C5B878DE115B7CD519D
HKU\S-1-5-21-2360970272-2839313709-1920729781-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=dspp&ts=1434457680&from=xtab&uid=572A144739FF4e3086BE8A50B55D27E2&q={searchTerms}
HKU\S-1-5-21-2360970272-2839313709-1920729781-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://br.hao123.com/?tn=sdkc_inner_hp_09_hao123_br&guid=ca3bf34eb396d4d028cfe902bcda4f99
HKU\S-1-5-21-2360970272-2839313709-1920729781-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=pt-BR&Src=MSRT&Tid=80033373&OHP=http%3A%2F%2Fwww.mystartsearch.com%2F%3Ftype%3Dhppp%26ts%3D1428335365%26from%3Dcmi%26uid%3DWDCXWD3200AAJS%2D00YZCA0%5FWD%2DWCAYU322067320673&OSP=http%3A%2F%2Fwww.mystartsearch.com%2Fweb%2F%3Ftype%3Ddspp%26ts%3D1428335365%26from%3Dcmi%26uid%3DWDCXWD3200AAJS%2D00YZCA0%5FWD%2DWCAYU322067320673%26q%3D%7BsearchTerms%7D
HKU\S-1-5-21-2360970272-2839313709-1920729781-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.top8844.com?oem=mbtkv3&uid=WD-WCAYU3220673_WDCWD3200AAJS-00YZCA0&tm=1428334311
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_17_ch&cd=2XzuyEtN2Y1L1QzuyBtDyBtC0B0CyC0EyDtAzy0AyBtAtD0DtN0D0Tzu0SzzyEyDtN1L2XzutBtFtBtDtFyDtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyB0Fzz0DyBtAyByCtGzz0AtCtCtGtB0EtDzytG0FtAyC0AtGyE0Azz0D0A0BtD0Czz0A0CyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzz0EyBzytByDyEtGtAyDtA0AtG0A0D0AzytGzz0A0DtCtGtCtCzztAzyyEzy0AyDtBtD0A2Q&cr=134942782&ir=
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites03_14_19_ch&cd=2XzuyEtN2Y1L1QzuyBtDyBtC0B0CyC0EyDtAzy0AyBtAtD0DtN0D0Tzu0SzzyDyBtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyEtCyCtCtByD0D0DtG0F0A0ByBtG0B0AtDtBtG0A0E0FyCtGyCzz0B0D0F0FyE0B0B0ByBtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCzz0EyBzytByDyEtGtAyDtA0AtG0A0D0AzytGzz0A0DtCtGtCtCzztAzyyEzy0AyDtBtD0A2Q&cr=1162974043&ir=
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKLM -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com/?bd=ds&oem=Cube&uid=WDCXWD3200AAJS-00YZCA0_WD-WCAYU322067320673&version=2.2.0.7859&pid=414031160&tid=295&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope valor está ausente
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0ymfMnbpqxFRcw9bO9KVavhRaCksnt3bQgejRANJMw-IPVBwyY5gn8OEbz3HK9CbcQxi8qmzj0hVZY7DoYhkoRWlnI_tlfMg14eG6c4cAtmxD_3ONl6r2ilr0zc_mPO1wKnEobJWFAudJO9zkZ2AyGn3G_Ezkt5U71wQ,,&q={searchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=77301&st=bs&tid=18144&ver=6.5&ts=1405652400000.000000&tguid=77301-18144-1405711298647-12771B6CC65F8C5B878DE115B7CD519D&q={searchTerms}
SearchScopes: HKLM-x32 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com/?bd=ds&oem=Cube&uid=WDCXWD3200AAJS-00YZCA0_WD-WCAYU322067320673&version=2.2.0.7859&pid=414031160&tid=295&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2360970272-2839313709-1920729781-1000 -> DefaultScope {CC05633C-21D3-4558-B068-BD2721E8CD99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2360970272-2839313709-1920729781-1000 -> Web URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2360970272-2839313709-1920729781-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2360970272-2839313709-1920729781-1000 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2360970272-2839313709-1920729781-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2360970272-2839313709-1920729781-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2360970272-2839313709-1920729781-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=dspp&ts=1434457680&from=xtab&uid=572A144739FF4e3086BE8A50B55D27E2&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2360970272-2839313709-1920729781-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2360970272-2839313709-1920729781-1000 -> {CC05633C-21D3-4558-B068-BD2721E8CD99} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2360970272-2839313709-1920729781-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2360970272-2839313709-1920729781-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2360970272-2839313709-1920729781-1000 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-12-01] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-01] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-01] (Oracle Corporation)
BHO-x32: Sem Nome -> {68f4dacb-10fa-ca10-ad7d-91b574356f1d} -> Nenhum Arquivo
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-01] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-01] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll [2015-10-20] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-07-08] (Caixa Economica Federal)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll [2015-07-06] (Banco Itaú Unibanco)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540017} -> C:\Program Files (x86)\GbPlugin\gbiehbnt.dll [2014-09-04] (Banco do Estado do Espirito Santo - BANESTES)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-01] (Oracle Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Nenhum Arquivo
Toolbar: HKLM - Sem Nome - {ae07101b-46d4-4a98-af68-0333ea26e113} - Nenhum Arquivo
Toolbar: HKLM-x32 - Sem Nome - {ae07101b-46d4-4a98-af68-0333ea26e113} - Nenhum Arquivo
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.delta-homes.com/?type=sc&ts=1442921105&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ient07031&uid=WDCXWD3200AAJS-00YZCA0_WD-WCAYU322067320673

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-12-01] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-01] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-12-01] ()
FF Plugin-x32: @ganymede/BOARDS,version=1.0 -> C:\Program Files (x86)\Ganymede\Plugins\BOARDS\NPBOARDS.dll [2011-07-15] (Ganymede Technologies)
FF Plugin-x32: @ganymede/GanymedeNetPlugin,version=1.0 -> C:\Program Files (x86)\Ganymede\Plugins\npganymedenet.dll [2012-07-25] ( )
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-01] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-07] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2360970272-2839313709-1920729781-1000: gastecnologia.com.br/sf/bb -> C:\Users\Moises\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll [2015-01-13] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-2360970272-2839313709-1920729781-1000: gastecnologia.com.br/sf/bb64 -> C:\Users\Moises\AppData\Local\GAS Tecnologia\GBBD\npsf_bb_64.dll [2015-01-13] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-2360970272-2839313709-1920729781-1000: gastecnologia.com.br/sf/cef -> C:\Users\Moises\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-09] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-2360970272-2839313709-1920729781-1000: gastecnologia.com.br/sf/cef64 -> C:\Users\Moises\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [2014-12-09] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-2360970272-2839313709-1920729781-1000: gastecnologia.com.br/sf/gas64 -> C:\Users\Moises\AppData\Local\GAS Tecnologia\GBBD\npsf_gas_64.dll [Nenhum Arquivo]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npganymedenet.dll [2012-07-25] ( )
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-01]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com.br/
CHR StartupUrls: Default -> "","hxxp://www.google.com.br/"
CHR DefaultSearchURL: Default -> hxxps://www.google.com/search?q={searchTerms}&trackid=sp-006
CHR DefaultSearchKeyword: Default -> google
CHR DefaultSuggestURL: Default -> hxxps://www.google.com/complete/search?client=chrome&q={searchTerms}
CHR Session Restore: Default -> está habilitado.
CHR Profile: C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-04]
CHR Extension: (Google Docs) - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-07]
CHR Extension: (Google Drive) - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google Search) - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Java API Search) - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\dphfngjamcomlehblpblaacingmaojnm [2015-04-17]
CHR Extension: (Oracle EBS R12&11i Enablement for Chrome) - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekkagabmggbmpmncofhgkfigmeldifnc [2015-04-17]
CHR Extension: (Planilhas do Google) - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-04]
CHR Extension: (Quick Javascript Switcher) - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\geddoclleiomckbhadiaipdggiiccfje [2015-04-17]
CHR Extension: (Documentos Google off-line) - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Avast Online Security) - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-01]
CHR Extension: (Script Executor) - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlledchhaimjmakjdmjpldfanefbhikj [2015-05-29]
CHR Extension: (Heavenly Cross) - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\kepdlccjceknhloddohpnmciihblkann [2015-12-01]
CHR Extension: (Mestre Ofertas) - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcpkcdfnnagapoekkgilnglookcejomf [2015-11-30]
CHR Extension: (iLivid) - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf [2015-12-01]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Ver Closed Tabs) - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\noefmckjndnmlfehcfnkelifmnldohhh [2015-12-17]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2015-05-29]
CHR Extension: (Gmail) - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-16]
CHR HKLM\...\Chrome\Extension: [ejocekekgcaldnmjngfdbmbeebcekelc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2360970272-2839313709-1920729781-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ejocekekgcaldnmjngfdbmbeebcekelc] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2360970272-2839313709-1920729781-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nnjbodopomfddehlalfilheomcahbpei] - C:\Users\Moises\AppData\Local\GAS Tecnologia\GBBD\cef\sf.crx
CHR HKU\S-1-5-21-2360970272-2839313709-1920729781-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ejocekekgcaldnmjngfdbmbeebcekelc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-01]
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Moises\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [174416 2015-12-01] (AVAST Software)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109520 2015-12-01] (AVAST Software)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Arquivo não assinado]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 Crashhd; C:\Users\Moises\AppData\Local\Crsoft\crsvc.exe [185800 2015-09-24] ()
R2 DNSSVC; C:\Users\Moises\AppData\Roaming\DNSHelper\DNSSVC.exe [142792 2015-09-07] ()
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [593120 2015-09-22] (GAS Tecnologia)
S2 GoogleChromeUpService; C:\ProgramData\upgsvr.exe [1762304 2015-11-16] (TODO: <公司名>) [Arquivo não assinado]
R2 NetLogHandler; C:\Users\Moises\AppData\Roaming\Netlog\Netlog.exe [167704 2015-06-08] (QNT)
R2 NetTcpHandler; C:\Users\Moises\AppData\Roaming\NetService\netservice.exe [211824 2015-03-20] (QNT)
R2 TheCalendarService; C:\Program Files (x86)\CalendarTool\2.0.0.11153\CalendarServ.exe [153224 2015-12-10] ()
S4 tor; C:\Program Files (x86)\Tor\tor.exe [3233806 2013-08-23] () [Arquivo não assinado] <==== ATENÇÃO
R2 tvnserver; C:\Program Files (x86)\ShowMyPCService\tvnserver.exe [815704 2010-07-08] (GlavSoft LLC.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WinNetSvc; C:\Users\Moises\AppData\Roaming\WinNetSvc\WinNetSvc.exe [4845408 2015-12-16] ()
S4 IePluginService; C:\ProgramData\IePluginService\PluginService.exe -service [X]
S2 MySql; c:/mysql/bin/mysqld-nt.exe [X]
S2 Update Solution Real; "C:\Program Files (x86)\Solution Real\updateSolutionReal.exe" [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-01] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-12-01] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-01] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [466400 2015-12-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-01] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-12-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-12-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [154256 2015-12-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-01] (AVAST Software)
S3 AVerA706_x64; C:\Windows\System32\DRIVERS\AVerA706_x64.sys [1423872 2009-11-18] (AVerMedia TECHNOLOGIES, Inc.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S0 GbpKm; C:\Windows\SysWOW64\drivers\GbpKm.sys [49536 2013-05-08] (GAS Tecnologia)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-08-26] (GAS Tecnologia)
S3 netmon_wfp; C:\Windows\System32\drivers\netmon_wfp.sys [49880 2014-12-03] (Windows (R) Win 7 DDK provider)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [203672 2013-05-02] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2014-10-31] (GAS Tecnologia LTDA)
S3 zghsdiag; C:\Windows\System32\DRIVERS\zghsdiag.sys [122624 2011-01-13] (ZTE Incorporated)
R1 {6fcd6092-9615-4f7f-8898-8df53980e5d2}w64; C:\Windows\System32\drivers\{6fcd6092-9615-4f7f-8898-8df53980e5d2}w64.sys [61112 2014-07-14] (StdLib)
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S1 cherimoya; system32\drivers\cherimoya.sys [X]
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
S1 innfd_1_10_0_13; system32\drivers\innfd_1_10_0_13.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S1 netfilter64; system32\drivers\netfilter64.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
S1 ssnfd; system32\drivers\ssnfd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2015-12-21 09:32 - 2015-12-21 09:33 - 00034744 _____ C:\Users\Moises\Desktop\FRST.txt
2015-12-21 09:31 - 2015-12-21 09:32 - 00000000 ____D C:\FRST
2015-12-21 09:31 - 2015-12-21 09:31 - 02370560 _____ (Farbar) C:\Users\Moises\Desktop\FRST64.exe
2015-12-21 09:29 - 2015-12-21 09:29 - 00001134 _____ C:\Users\Moises\Desktop\FSS.txt
2015-12-21 09:28 - 2015-12-21 09:29 - 00415744 _____ (Farbar) C:\Users\Moises\Desktop\FSS.exe
2015-12-21 09:13 - 2015-12-21 09:13 - 00000000 ____D C:\Program Files (x86)\CalendarTool
2015-12-18 12:34 - 2015-12-18 12:41 - 00000000 ____D C:\Users\Moises\Desktop\ATIVIDADES Mª JULYA
2015-12-18 08:32 - 2015-12-18 17:28 - 00000000 ____D C:\Users\Moises\AppData\Roaming\CalendarTool
2015-12-17 09:25 - 2015-12-17 09:26 - 00042644 _____ C:\Users\Moises\Desktop\Outlook.com.zip
2015-12-17 08:53 - 2015-12-17 08:53 - 00000000 ____D C:\Users\Moises\AppData\Local\Yeaplayer
2015-12-17 08:51 - 2015-11-14 21:08 - 02496403 _____ ( ) C:\Users\Moises\AppData\Roaming\yeaplayer_51475.exe
2015-12-17 08:48 - 2015-12-17 16:08 - 01876992 _____ C:\Users\Todos os Usuários\carssc.exe
2015-12-17 08:48 - 2015-12-17 16:08 - 01876992 _____ C:\ProgramData\carssc.exe
2015-12-17 08:44 - 2015-12-17 08:44 - 00000000 ____D C:\Users\Moises\AppData\Roaming\WinNetSvc
2015-12-16 09:44 - 2015-12-16 09:44 - 00000000 ____D C:\Users\Public\Documents\Guid
2015-12-16 09:11 - 2015-12-16 09:11 - 00001631 ____R C:\Yeabeats Browser.lnk
2015-12-16 09:03 - 2015-11-16 08:01 - 01762304 _____ (TODO: <公司名>) C:\Users\Todos os Usuários\upgsvr.exe
2015-12-16 09:03 - 2015-11-16 08:01 - 01762304 _____ (TODO: <公司名>) C:\ProgramData\upgsvr.exe
2015-12-16 08:59 - 2015-11-16 08:01 - 01762304 _____ (TODO: <公司名>) C:\Users\Moises\AppData\Roaming\upgsvr.exe
2015-12-16 08:50 - 2015-12-16 08:50 - 00002944 _____ C:\Windows\System32\Tasks\svchost
2015-12-14 13:04 - 2015-12-14 13:04 - 00695199 _____ C:\Users\Moises\Downloads\884.tmp
2015-12-11 08:06 - 2015-12-11 08:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-09 14:58 - 2015-12-09 15:10 - 00000000 ____D C:\Users\Moises\Desktop\Dropbox
2015-12-09 09:33 - 2015-12-09 09:33 - 00000000 ____D C:\Users\Moises\Desktop\FUNENSEG
2015-12-09 09:09 - 2015-11-20 16:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 09:09 - 2015-11-20 16:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 09:09 - 2015-11-20 16:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 09:09 - 2015-11-20 16:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 09:09 - 2015-11-20 16:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 09:09 - 2015-11-20 16:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 09:09 - 2015-11-20 16:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 09:09 - 2015-11-20 16:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 09:09 - 2015-11-20 16:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 09:09 - 2015-11-20 16:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 09:09 - 2015-11-20 16:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 09:09 - 2015-11-20 16:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 09:09 - 2015-11-20 16:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 09:09 - 2015-11-20 16:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 09:09 - 2015-11-20 16:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-09 09:09 - 2015-11-20 16:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 09:09 - 2015-11-05 17:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 09:09 - 2015-11-05 17:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-09 09:09 - 2015-11-03 17:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 09:09 - 2015-11-03 16:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 09:08 - 2015-11-11 19:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 09:08 - 2015-11-11 18:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 09:08 - 2015-11-11 16:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 09:08 - 2015-11-11 16:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 09:08 - 2015-11-11 16:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 09:08 - 2015-11-11 16:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 09:08 - 2015-11-11 14:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 09:08 - 2015-11-11 14:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 09:08 - 2015-11-11 13:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 09:08 - 2015-11-11 13:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 09:08 - 2015-11-11 13:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 09:08 - 2015-11-11 13:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 09:08 - 2015-11-11 12:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 09:08 - 2015-11-10 16:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 09:08 - 2015-11-10 16:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 09:08 - 2015-11-10 16:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 09:08 - 2015-11-10 16:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 09:08 - 2015-11-10 16:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 09:08 - 2015-11-10 15:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 09:08 - 2015-11-09 22:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 09:08 - 2015-11-09 22:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 09:08 - 2015-11-09 22:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 09:08 - 2015-11-09 22:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 09:08 - 2015-11-09 22:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 09:08 - 2015-11-09 22:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 09:08 - 2015-11-09 22:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 09:08 - 2015-11-09 22:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 09:08 - 2015-11-09 22:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 09:08 - 2015-11-09 22:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 09:08 - 2015-11-09 22:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 09:08 - 2015-11-09 22:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 09:08 - 2015-11-09 22:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 09:08 - 2015-11-09 21:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 09:08 - 2015-11-09 21:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 09:08 - 2015-11-09 21:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 09:08 - 2015-11-09 21:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 09:08 - 2015-11-09 21:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 09:08 - 2015-11-09 21:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 09:08 - 2015-11-09 21:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 09:08 - 2015-11-09 21:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 09:08 - 2015-11-09 21:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 09:08 - 2015-11-09 21:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 09:08 - 2015-11-09 21:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 09:08 - 2015-11-08 20:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 09:08 - 2015-11-08 20:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 09:08 - 2015-11-08 20:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 09:08 - 2015-11-08 20:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 09:08 - 2015-11-08 20:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 09:08 - 2015-11-08 20:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 09:08 - 2015-11-08 20:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 09:08 - 2015-11-08 20:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 09:08 - 2015-11-08 20:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 09:08 - 2015-11-08 20:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 09:08 - 2015-11-08 20:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 09:08 - 2015-11-08 20:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 09:08 - 2015-11-08 20:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 09:08 - 2015-11-08 20:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 09:08 - 2015-11-08 20:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 09:08 - 2015-11-08 20:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 09:08 - 2015-11-08 19:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 09:08 - 2015-11-08 19:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 09:08 - 2015-11-08 19:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 09:08 - 2015-11-08 19:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 09:08 - 2015-11-08 19:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 09:08 - 2015-11-08 19:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 09:08 - 2015-11-08 19:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 09:08 - 2015-11-08 19:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 09:08 - 2015-11-08 19:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 09:08 - 2015-11-08 19:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 09:08 - 2015-11-08 19:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 09:08 - 2015-11-08 19:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 09:08 - 2015-11-08 18:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 09:08 - 2015-11-08 18:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 09:08 - 2015-11-08 18:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 09:08 - 2015-11-05 17:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 09:08 - 2015-11-05 17:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 09:08 - 2015-11-05 07:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 09:08 - 2015-10-08 21:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-09 09:08 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-09 09:08 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-09 09:08 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-09 09:08 - 2015-10-08 21:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-09 09:08 - 2015-10-08 21:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-09 09:08 - 2015-10-08 21:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-09 09:08 - 2015-10-08 21:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-09 09:08 - 2015-10-08 17:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-09 09:08 - 2015-10-08 16:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-09 09:05 - 2015-11-03 17:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 09:05 - 2015-11-03 16:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-04 09:13 - 2015-12-04 09:13 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2015-12-04 09:13 - 2015-12-04 09:13 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-02 10:27 - 2015-12-02 10:27 - 00000000 __SHD C:\found.000
2015-12-01 10:08 - 2015-12-01 10:08 - 00003028 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1448971650
2015-12-01 10:08 - 2015-12-01 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-12-01 10:07 - 2015-12-16 09:11 - 00001181 ____R C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2015-12-01 10:01 - 2015-12-01 10:01 - 00466400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-12-01 10:01 - 2015-12-01 10:01 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2015-12-01 10:01 - 2015-12-01 08:53 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-12-01 09:16 - 2015-12-01 09:11 - 00110176 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2015-12-01 09:12 - 2015-12-01 09:15 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-12-01 08:55 - 2015-12-01 08:55 - 00000000 ____D C:\Users\Moises\AppData\Roaming\AVAST Software
2015-12-01 08:54 - 2015-12-17 08:39 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-12-01 08:53 - 2015-12-01 08:53 - 01059656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-12-01 08:53 - 2015-12-01 08:53 - 00449992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-12-01 08:53 - 2015-12-01 08:53 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-12-01 08:53 - 2015-12-01 08:53 - 00154256 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-12-01 08:53 - 2015-12-01 08:53 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-12-01 08:53 - 2015-12-01 08:53 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-12-01 08:53 - 2015-12-01 08:53 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-12-01 08:53 - 2015-12-01 08:53 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-12-01 08:53 - 2015-12-01 08:53 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-12-01 08:51 - 2015-12-01 10:01 - 00000000 ____D C:\Program Files\AVAST Software
2015-12-01 08:43 - 2015-12-01 08:43 - 00276872 _____ C:\Windows\Minidump\120115-19094-01.dmp
2015-11-30 08:38 - 2015-11-30 08:38 - 00000000 ____D C:\Users\Moises\AppData\Roaming\Google
2015-11-24 11:43 - 2015-12-01 12:19 - 00000000 ___SD C:\Users\Moises\AppData\LocalLow\Temp
2015-11-23 11:06 - 2015-11-23 11:06 - 00584288 _____ (Oracle Corporation) C:\Users\Moises\Downloads\JavaSetup8u66.exe

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2015-12-21 09:31 - 2009-07-14 01:20 - 00000000 ____D C:\Windows
2015-12-21 09:17 - 2013-04-18 09:57 - 00001070 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-21 09:17 - 2013-04-18 09:57 - 00001066 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-21 09:13 - 2013-04-16 08:44 - 00000000 ____D C:\Users\Moises\AppData\Roaming\Skype
2015-12-21 09:03 - 2009-07-14 02:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-21 09:03 - 2009-07-14 02:45 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-21 08:53 - 2013-07-16 11:24 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2015-12-21 08:52 - 2009-07-14 03:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-18 17:56 - 2015-09-23 16:12 - 00000000 ____D C:\Users\Moises\Desktop\DIGITALIZAÇÕES
2015-12-18 17:35 - 2013-10-01 09:18 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-18 16:39 - 2013-04-17 11:17 - 00085368 _____ C:\Users\Moises\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-18 15:25 - 2013-04-18 15:09 - 00000000 ____D C:\Users\Moises\AppData\Roaming\GanymedeNet
2015-12-18 08:17 - 2009-07-14 02:45 - 00340032 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-17 17:53 - 2015-04-06 18:19 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-17 17:53 - 2015-04-06 18:19 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-17 17:09 - 2015-10-06 17:38 - 00000000 ____D C:\Users\Moises\AppData\LocalLow\Unity
2015-12-17 17:09 - 2015-10-06 17:38 - 00000000 ____D C:\Users\Moises\AppData\Local\Unity
2015-12-17 08:45 - 2014-04-24 16:19 - 00000286 __RSH C:\Users\Todos os Usuários\ntuser.pol
2015-12-17 08:45 - 2014-04-24 16:19 - 00000286 __RSH C:\ProgramData\ntuser.pol
2015-12-17 08:44 - 2015-06-10 09:48 - 00000000 ____D C:\Users\Moises\AppData\Roaming\logpath
2015-12-17 08:44 - 2015-04-06 13:31 - 00000000 ____D C:\Users\Moises\AppData\Roaming\RunDir
2015-12-15 08:43 - 2015-04-06 16:10 - 00001530 _____ C:\Users\Moises\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2015-12-11 08:07 - 2013-04-16 08:41 - 00000000 ____D C:\Users\Todos os Usuários\Skype
2015-12-11 08:07 - 2013-04-16 08:41 - 00000000 ____D C:\ProgramData\Skype
2015-12-11 08:06 - 2014-02-12 08:40 - 00000000 ____D C:\Users\Moises\AppData\Local\Skype
2015-12-11 08:06 - 2013-04-16 08:44 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-10 13:49 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\rescache
2015-12-10 08:30 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\inf
2015-12-09 17:42 - 2014-03-24 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 17:41 - 2014-03-24 14:09 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-09 17:41 - 2014-03-24 14:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 17:40 - 2013-04-15 20:14 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2015-12-09 17:40 - 2013-04-15 20:14 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-09 15:15 - 2009-07-29 13:39 - 00705798 _____ C:\Windows\system32\prfh0416.dat
2015-12-09 15:15 - 2009-07-29 13:39 - 00147638 _____ C:\Windows\system32\prfc0416.dat
2015-12-09 15:15 - 2009-07-14 03:13 - 01635826 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-07 09:12 - 2013-04-18 09:57 - 00004066 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-07 09:12 - 2013-04-18 09:57 - 00003814 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 08:25 - 2009-07-14 01:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-12-02 13:43 - 2015-10-30 14:29 - 00000000 ____D C:\Users\Moises\Desktop\MT VIANA
2015-12-02 13:18 - 2013-04-16 08:41 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-12-01 10:59 - 2015-09-23 15:55 - 00000000 ____D C:\Users\Moises\Desktop\BACKUP
2015-12-01 10:01 - 2013-04-16 08:26 - 00000000 ____D C:\Users\Todos os Usuários\AVAST Software
2015-12-01 10:01 - 2013-04-16 08:26 - 00000000 ____D C:\ProgramData\AVAST Software
2015-12-01 09:37 - 2014-06-26 17:20 - 00000000 ____D C:\Program Files (x86)\5B99CC8D-7BAF-430A-9C63-67C9980E3ED8
2015-12-01 09:17 - 2013-10-01 09:18 - 00003840 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-01 09:17 - 2013-08-07 11:04 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-01 09:17 - 2013-08-07 11:04 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-01 09:16 - 2015-10-01 11:43 - 00000000 ____D C:\Users\Moises\.oracle_jre_usage
2015-12-01 09:16 - 2013-12-13 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-01 09:15 - 2013-07-18 14:17 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-01 09:11 - 2015-08-28 10:44 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-12-01 09:09 - 2015-08-28 10:44 - 00000000 ____D C:\Program Files\Java
2015-12-01 08:43 - 2013-10-29 09:32 - 00000000 ____D C:\Windows\Minidump
2015-12-01 08:42 - 2015-10-15 13:10 - 256449183 _____ C:\Windows\MEMORY.DMP
2015-11-26 14:35 - 2009-07-14 01:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-26 13:42 - 2009-07-14 03:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-11-26 11:52 - 2015-11-13 11:06 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-24 12:14 - 2013-07-18 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

==================== Arquivos na raiz de alguns diretórios =======

2015-03-26 17:14 - 2015-03-26 17:14 - 0005542 _____ () C:\Users\Moises\AppData\Roaming\ABYRWS
2014-04-24 15:51 - 2014-07-15 09:46 - 0000322 _____ () C:\Users\Moises\AppData\Roaming\aps.uninstall.scan.results
2015-03-26 17:14 - 2015-03-26 17:14 - 0005542 _____ () C:\Users\Moises\AppData\Roaming\BHQKSBND
2015-03-26 17:14 - 2015-03-26 17:14 - 0005542 _____ () C:\Users\Moises\AppData\Roaming\CMTHK
2015-03-26 17:14 - 2015-03-26 17:14 - 0005542 _____ () C:\Users\Moises\AppData\Roaming\IIGEKNHV
2014-03-25 11:45 - 2014-03-25 17:09 - 0000965 _____ () C:\Users\Moises\AppData\Roaming\LiveSupport.exe_log.txt
2014-03-25 11:45 - 2014-03-25 11:48 - 0000092 _____ () C:\Users\Moises\AppData\Roaming\regsvr32.exe_log.txt
2015-01-30 10:02 - 2015-04-16 15:42 - 0065845 _____ () C:\Users\Moises\AppData\Roaming\unins000.dat
2015-05-29 15:23 - 2015-05-29 15:23 - 0016527 _____ () C:\Users\Moises\AppData\Roaming\unins001.dat
2015-05-29 15:23 - 2015-05-29 15:23 - 0730322 _____ () C:\Users\Moises\AppData\Roaming\unins001.exe
2015-12-16 08:59 - 2015-11-16 08:01 - 1762304 _____ (TODO: <公司名>) C:\Users\Moises\AppData\Roaming\upgsvr.exe
2014-05-06 16:54 - 2015-01-30 07:44 - 0000153 _____ () C:\Users\Moises\AppData\Roaming\WB.CFG
2013-07-16 10:25 - 2013-07-24 09:25 - 0000005 _____ () C:\Users\Moises\AppData\Roaming\WBPU-TTL.DAT
2015-12-17 08:51 - 2015-11-14 21:08 - 2496403 _____ ( ) C:\Users\Moises\AppData\Roaming\yeaplayer_51475.exe
2015-03-26 17:14 - 2015-03-26 17:14 - 0005542 _____ () C:\Users\Moises\AppData\Roaming\YOIQ
2014-04-24 16:17 - 2014-07-14 15:11 - 0573339 _____ (ClickMeIn Limited) C:\Users\Moises\AppData\Local\AnyProtectScannerSetup.exe
2015-01-29 17:43 - 2015-01-29 17:43 - 0000010 _____ () C:\Users\Moises\AppData\Local\DSI.DAT
2015-03-12 09:06 - 2015-03-12 09:06 - 0000000 _____ () C:\Users\Moises\AppData\Local\{777E8DE8-A5CB-47A3-8A6B-941C3DE31BE1}
2015-12-17 08:48 - 2015-12-17 16:08 - 1876992 _____ () C:\ProgramData\carssc.exe
2015-12-16 09:03 - 2015-11-16 08:01 - 1762304 _____ (TODO: <公司名>) C:\ProgramData\upgsvr.exe

Arquivos para serem movidos ou deletados:
====================
C:\Users\Moises\AppData\Local\Temp\setup_767.exe
C:\ProgramData\carssc.exe
C:\ProgramData\upgsvr.exe
C:\Users\Moises\SafariSetup.exe
C:\Users\Moises\Silverlight.exe
C:\Users\Moises\sweetimsetup.exe
C:\Users\Todos os Usuários\carssc.exe
C:\Users\Todos os Usuários\upgsvr.exe


Alguns arquivos em TEMP:
====================
C:\Users\Moises\AppData\Local\Temp\19C2.exe
C:\Users\Moises\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Moises\AppData\Local\Temp\setup_767.exe


Alguns com tamanho de zero byte arquivos/pastas:
==========================
C:\Windows\SysWOW64\Drivers\ati0qaxx.sys
C:\Windows\SysWOW64\Drivers\ati2xhxx.sys
C:\Windows\SysWOW64\Drivers\clbdriver.sys
C:\Windows\SysWOW64\Drivers\msvtch.sys

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2015-12-10 11:37

==================== Fim de FRST.txt ============================
