cjoint

Document format: text/plain

Preview

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão:09-01-2015
Executado por Áleson (administrador) em PC-ALESON (12-01-2016 23:57:03)
Executando a partir de C:\Users\Áleson\Desktop
Perfis Carregados: Áleson (Perfis Disponíveis: Áleson)
Platform: Windows 8 Pro (X64) Idioma: Português (Brasil)
Internet Explorer Versão 10 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Navigation Co., Ltd.) C:\Users\Áleson\AppData\Roaming\ntsvc\ntsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Atheros Communications, Inc.) C:\Program Files (x86)\Jumpstart\jswpbapi.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\ThinkSky\iTools 3\iToolsDaemon.exe
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
() C:\Program Files\MegaDownloader\MegaDownloader.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Internet Download Manager, Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 1999-12-31] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [jswtrayutil] => C:\Program Files (x86)\Jumpstart\jswtrayutil.exe [528384 2008-09-26] (Atheros Communications, Inc.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [688184 2011-11-25] (Sony Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1282632 2013-04-02] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [453736 2013-02-19] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-01] (Caixa Economica Federal)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Run: [Windows Defender ] => C:\ProgramData\uemtqux.exe
HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53282944 2015-06-16] (Skype Technologies S.A.)
HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22790776 2015-11-04] (Google)
HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Run: [DriverMax] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [8795000 2015-05-12] (Innovative Solutions)
HKU\S-1-5-21-3432586907-597726681-3595710473-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [240640 2012-07-26] (Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1867432 2015-09-01] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-11-04] (Google)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Áleson\AppData\Local\MEGAsync\ShellExtX64.dll [2014-07-30] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Áleson\AppData\Local\MEGAsync\ShellExtX64.dll [2014-07-30] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Áleson\AppData\Local\MEGAsync\ShellExtX64.dll [2014-07-30] ()
ShellIconOverlayIdentifiers: [ExplorerEx] -> {E056AFDD-03E9-4D73-8D33-8FCCBCA73438} => C:\Users\Áleson\AppData\Roaming\Mactowebise\explorerEx64.dll [2015-08-19] ()
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2014-04-21] (Tonec Inc.)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Áleson\AppData\Local\MEGAsync\ShellExtX32.dll [2014-07-30] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Áleson\AppData\Local\MEGAsync\ShellExtX32.dll [2014-07-30] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Áleson\AppData\Local\MEGAsync\ShellExtX32.dll [2014-07-30] ()
Startup: C:\Users\Áleson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Correção da Ativação.lnk [2015-07-14]
ShortcutTarget: Correção da Ativação.lnk -> C:\Program Files (x86)\Internet Download Manager\Correção da Ativação.exe (6.23.10.1)
Startup: C:\Users\Áleson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MegaDownloader.lnk [2015-08-15]
ShortcutTarget: MegaDownloader.lnk -> C:\Program Files\MegaDownloader\MegaDownloader.exe ()
Startup: C:\Users\Áleson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar118.lnk [2016-01-12]
ShortcutTarget: Sidebar118.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Winsock: Catalog5 09 C:\ProgramData\System32\SafeGuard32.dll Nenhum Arquivo
Winsock: Catalog5-x64 09 C:\ProgramData\System32\SafeGuard64.dll Nenhum Arquivo
Tcpip\..\Interfaces\{FEE4DABC-00C2-4FD6-9AC0-8CAA17FBF8B6}: [NameServer] 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130905820337103301&GUID=38D9DD1D-A99E-4007-B58C-B0F55C5E2E04
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130905820337134234&GUID=38D9DD1D-A99E-4007-B58C-B0F55C5E2E04
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-3432586907-597726681-3595710473-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.br.msn.com/
HKU\S-1-5-21-3432586907-597726681-3595710473-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-02-21] (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-01] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-01] (Oracle Corporation)
BHO: BHOImpl Class -> {E1499FE7-129D-4B6E-B681-DDF21E14172C} -> C:\Users\Áleson\Documents\iTools\Plugin\iToolsBHO64.dll [2013-12-08] (iTools.hk)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-02-21] (Internet Download Manager, Tonec Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-01] (Caixa Economica Federal)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: BHOImpl Class -> {E1499FE7-129D-4B6E-B681-DDF21E14172C} -> C:\Users\Áleson\Documents\iTools\Plugin\iToolsBHO.dll [2013-12-08] (iTools.hk)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default
FF NewTab: hxxp://www.seekmix.com/?bd=nt&oem=ntsvc&uid=ST9750423AS_5WS32PX1XXXX5WS32PX1&version=2.3.0.10992&pid=414031160&tid=705
FF Homepage: about:home
FF Session Restore: -> está habilitado.
FF Keyword.URL:
FF NetworkProxy: "no_proxies_on", "*.local"
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-31] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-01] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-22] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-31] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @Cabrilog.com/Cabri 3D -> C:\Program Files (x86)\Cabri\Cabri 3D Plug-in 2.1\bin\npcabri3d.dll [2011-08-23] (Cabrilog S.A.S.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [1999-12-31] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [1999-12-31] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @protectdisc.com/NPMPDRM -> C:\Program Files (x86)\Common Files\mpDRM\Binaries\NPMPDRM.dll [2011-10-11] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2013-03-21] (Adobe Systems)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll [2014-04-30] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-3432586907-597726681-3595710473-1001: gastecnologia.com.br/sf/cef -> C:\Users\Áleson\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-04-08] (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-02-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-02-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-02-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-02-15] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-02-15] (Apple Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\buscape.xml [2015-06-14]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\mercadolivre.xml [2015-06-14]
FF Extension: BYTubeD - Bulk YouTube video Downloader - C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\extensions\bytubed@cs213.cse.iitk.ac.in [2015-05-29] [não assinado]
FF Extension: Google Translator for Firefox - C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\extensions\translator@zoli.bod.xpi [2015-09-17]
FF Extension: Flash and Video Download - C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-12-10]
FF Extension: IDM CC - C:\Users\Áleson\AppData\Roaming\IDM\idmmzcc5 [2016-01-12] [não assinado]
FF Extension: MEGA - C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\Extensions\firefox@mega.co.nz.xpi [2015-12-13] [não assinado]
FF Extension: printpdf - C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\Extensions\printpdf@pavlov.net.xpi [2015-05-29]
FF Extension: Save as PDF - C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\Extensions\save-as-pdf-ff@pdfcrowd.com.xpi [2015-05-29]
FF Extension: FlashGot - C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2015-05-29]
FF Extension: BrowseMark - C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\Extensions\{b99c8534-7800-48fa-bd71-519a46cdc7e1}.xpi [2014-04-07] [não assinado]
FF Extension: Video DownloadHelper - C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-11-04]
FF Extension: Adblock Plus - C:\Users\Áleson\AppData\Roaming\Mozilla\Firefox\Profiles\5858y3vo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-09]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\Áleson\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF Extension: GBBD Caixa Economica Federal - C:\Users\Áleson\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2014-04-08] [não assinado]
FF HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Áleson\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Áleson\AppData\Roaming\IDM\idmmzcc5 [2016-01-12] [não assinado]
FF HKU\S-1-5-21-3432586907-597726681-3595710473-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Áleson\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Áleson\AppData\Roaming\IDM\idmmzcc5 [2016-01-12] [não assinado]

Chrome:
=======
CHR Profile: C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-24]
CHR Extension: (Google Docs) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-24]
CHR Extension: (Google Drive) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (MEGA) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2016-01-12]
CHR Extension: (YouTube) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-24]
CHR Extension: (Desprotetor.com - Desprotetor de links) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\cocohmmjllchepkjocddkihldoiillkl [2015-10-24]
CHR Extension: (Google Search) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Planilhas do Google) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-24]
CHR Extension: (Documentos Google off-line) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (AdBlock) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-08]
CHR Extension: (MailTrack para Gmail) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2016-01-05]
CHR Extension: (IDM Integration Module) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-10-24]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-24]
CHR Extension: (Gmail) - C:\Users\Áleson\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-24]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-02]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-02]
CHR HKU\S-1-5-21-3432586907-597726681-3595710473-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-02]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [587576 2015-08-13] (GAS Tecnologia)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Arquivo não assinado]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 1999-12-31] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 1999-12-31] (Intel Corporation)
R2 jswpbapi; C:\Program Files (x86)\Jumpstart\jswpbapi.exe [265216 2008-09-26] (Atheros Communications, Inc.) [Arquivo não assinado]
S3 jswpsapi; C:\Program Files (x86)\Jumpstart\jswpsapi.exe [954368 2008-09-26] (Atheros Communications, Inc.) [Arquivo não assinado]
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1716264 2014-04-30] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-04-30] (pdfforge GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [459832 2011-11-25] (Sony Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2013-09-13] (arvato digital services llc)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-02-28] (Riverbed Technology, Inc.)
R2 Sed; C:\Users\Áleson\AppData\Roaming\ntsvc\ntsvc.exe [266104 2015-10-12] (Navigation Co., Ltd.)
R2 SkypeUpdateEx; C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe [193456 2015-12-10] ()
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Arquivo não assinado]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50464 2014-04-28] (AVG Technologies)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
R1 cnnctfy3; C:\Windows\system32\DRIVERS\cnnctfy3.sys [35352 2014-04-04] (Connectify)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2012-09-20] (Broadcom Corporation)
R1 epp64; C:\EEK\bin\epp64.sys [136456 2016-01-11] (Emsisoft GmbH)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 1999-12-31] (Intel Corporation)
S3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [126464 2012-07-25] (Microsoft Corporation)
S3 NETJME; C:\Windows\system32\DRIVERS\NETJME.sys [137728 2012-07-05] (JMicron Technology Corp.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-02-28] (Riverbed Technology, Inc.)
S3 RTL8192Ce; C:\Windows\system32\DRIVERS\rtwlane.sys [3737304 2015-01-06] (Realtek Semiconductor Corporation )
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3737304 2015-01-06] (Realtek Semiconductor Corporation )
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2014-02-14] (Duplex Secure Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [35856 2013-10-25] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [248240 2013-10-24] (Microsoft Corporation)
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-01-12 23:57 - 2016-01-12 23:57 - 00031121 _____ C:\Users\Áleson\Desktop\FRST.txt
2016-01-12 23:56 - 2016-01-12 23:56 - 00045140 _____ C:\Users\Áleson\Desktop\scan_160112-204346.txt
2016-01-12 23:55 - 2016-01-12 23:56 - 00000000 ____D C:\Users\Áleson\Desktop\Nova pasta
2016-01-12 03:01 - 2016-01-12 03:04 - 22748388 _____ (iFunbox DevTeam ) C:\Users\Áleson\Downloads\ifunbox_setup.exe
2016-01-12 02:59 - 2016-01-12 03:00 - 01090816 _____ (iMobie Inc.) C:\Users\Áleson\Downloads\phoneclean-setup.exe
2016-01-12 02:49 - 2009-09-27 09:39 - 00415744 ___SH (The Public) C:\WINDOWS\SysWOW64\avisynth.dll
2016-01-12 02:49 - 2005-07-14 12:31 - 00032256 ___SH C:\WINDOWS\SysWOW64\AVSredirect.dll
2016-01-12 02:49 - 2004-02-22 10:11 - 00764416 ___SH (Abysmal Software) C:\WINDOWS\SysWOW64\devil.dll
2016-01-12 02:49 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\WINDOWS\SysWOW64\yv12vfw.dll
2016-01-12 02:49 - 2004-01-25 00:00 - 00070656 ___SH (www.helixcommunity.org) C:\WINDOWS\SysWOW64\i420vfw.dll
2016-01-12 02:41 - 2016-01-12 02:41 - 00000000 ____D C:\Users\Áleson\Documents\eRightSoft
2016-01-12 02:41 - 2016-01-12 02:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
2016-01-12 02:41 - 2014-03-07 10:03 - 03109520 __RSH (FFmpeg Project) C:\WINDOWS\SysWOW64\avcodec-lav-55.dll
2016-01-12 02:41 - 2014-03-07 10:03 - 00550032 __RSH (FFmpeg Project) C:\WINDOWS\SysWOW64\avformat-lav-55.dll
2016-01-12 02:41 - 2014-03-07 10:03 - 00313520 __RSH (1f0.de - Hendrik Leppkes) C:\WINDOWS\SysWOW64\HLvideo.dll
2016-01-12 02:41 - 2014-03-07 10:03 - 00203408 __RSH (1f0.de - Hendrik Leppkes) C:\WINDOWS\SysWOW64\HLsplit.dll
2016-01-12 02:41 - 2014-03-07 10:03 - 00181392 __RSH (FFmpeg Project) C:\WINDOWS\SysWOW64\avutil-lav-52.dll
2016-01-12 02:41 - 2014-03-07 10:03 - 00166544 __RSH (Intel Corp.) C:\WINDOWS\SysWOW64\IntelQuickSyncDecoder.dll
2016-01-12 02:41 - 2014-03-07 10:03 - 00122512 __RSH (1f0.de - Hendrik Leppkes) C:\WINDOWS\SysWOW64\HLaudio.dll
2016-01-12 02:41 - 2014-03-07 10:03 - 00118416 __RSH (FFmpeg Project) C:\WINDOWS\SysWOW64\swscale-lav-2.dll
2016-01-12 02:41 - 2014-03-07 10:03 - 00109712 __RSH C:\WINDOWS\SysWOW64\libbluray.dll
2016-01-12 02:41 - 2014-03-07 10:03 - 00098960 __RSH (FFmpeg Project) C:\WINDOWS\SysWOW64\avfilter-lav-4.dll
2016-01-12 02:41 - 2014-03-07 10:03 - 00059536 __RSH (FFmpeg Project) C:\WINDOWS\SysWOW64\avresample-lav-1.dll
2016-01-12 02:41 - 2014-01-31 15:20 - 00000493 __RSH C:\WINDOWS\SysWOW64\LAVFilters.Dependencies.manifest
2016-01-12 02:41 - 2012-10-05 18:54 - 00188416 __RSH C:\WINDOWS\SysWOW64\winDCE32.dll
2016-01-12 02:41 - 2012-07-11 22:00 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Olepau32.ax
2016-01-12 02:41 - 2011-06-14 19:05 - 00121344 __RSH C:\WINDOWS\SysWOW64\TAKDSDecoder.ax
2016-01-12 02:41 - 2011-02-11 09:26 - 00112128 __RSH C:\WINDOWS\SysWOW64\OptimFROG.dll
2016-01-12 02:41 - 2010-01-06 23:00 - 00107520 __RSH C:\WINDOWS\SysWOW64\TAKDSDecoder.dll
2016-01-12 02:41 - 2009-08-10 22:00 - 00352768 __RSH C:\WINDOWS\SysWOW64\ac3DX.ax
2016-01-12 02:41 - 2005-02-22 16:55 - 00081920 __RSH C:\WINDOWS\SysWOW64\aac_parser.ax
2016-01-12 02:41 - 2004-10-10 08:50 - 00278528 _____ (Real Networks, Inc) C:\WINDOWS\SysWOW64\pncrt.dll
2016-01-12 02:41 - 2004-07-02 16:33 - 00327749 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\drvc.dll
2016-01-12 02:41 - 2004-04-27 15:03 - 00017408 __RSH (RadLight) C:\WINDOWS\SysWOW64\RLOFRDec.ax
2016-01-12 02:40 - 2016-01-12 02:41 - 00000000 ____D C:\Program Files (x86)\eRightSoft
2016-01-11 10:01 - 2016-01-11 10:01 - 00000725 _____ C:\Users\Áleson\Desktop\Start Emsisoft Emergency Kit.lnk
2016-01-11 10:00 - 2016-01-11 10:01 - 00000000 ____D C:\EEK
2016-01-11 02:09 - 2016-01-11 02:34 - 173508832 _____ C:\Users\Áleson\Desktop\EmsisoftEmergencyKit.exe
2016-01-10 13:42 - 2016-01-12 23:57 - 00000000 ____D C:\FRST
2016-01-10 13:41 - 2016-01-10 13:42 - 02370560 _____ (Farbar) C:\Users\Áleson\Desktop\FRST64.exe
2016-01-10 13:07 - 2016-01-10 13:07 - 00000022 _____ C:\Users\Áleson\Downloads\MEGA-MASTERKEY.txt
2016-01-10 13:03 - 2016-01-10 13:03 - 00000000 ____D C:\Users\Áleson\Downloads\Windows 8.1 Pro VL x64 Multi-8 July 2014
2016-01-09 20:27 - 2016-01-09 20:27 - 00000000 ___HD C:\$Windows.~WS
2016-01-09 10:58 - 2016-01-12 20:39 - 00000326 _____ C:\WINDOWS\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c.job
2016-01-09 10:58 - 2016-01-09 10:58 - 00002582 _____ C:\WINDOWS\System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c
2016-01-09 10:58 - 2016-01-09 10:58 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\Innovative Solutions
2016-01-09 10:58 - 2016-01-09 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
2016-01-09 10:58 - 2016-01-09 10:58 - 00000000 ____D C:\Program Files (x86)\Innovative Solutions
2016-01-09 02:34 - 2016-01-09 02:34 - 00026624 _____ C:\WINDOWS\SysWOW64\Drivers\fsbts.sys
2016-01-09 02:17 - 2016-01-09 02:17 - 00001067 _____ C:\Users\Áleson\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent.lnk
2016-01-09 01:52 - 2016-01-09 01:55 - 00000000 ____D C:\Users\Áleson\Downloads\Kaspersky Antivirus + Internet Security + Total Security 2016 16.0.0.424 Beta + Trial Resetters - AppzDam
2016-01-09 01:43 - 2016-01-10 13:06 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\uTorrent
2016-01-09 01:35 - 2016-01-09 01:35 - 00000000 ____D C:\Users\Áleson\Downloads\Utorrent + ativador 2016
2016-01-09 01:27 - 2016-01-09 01:27 - 00000000 ____D C:\Users\Áleson\Downloads\Kaspersky + Renovar licença de uso para 30 dias
2016-01-09 00:13 - 2016-01-09 00:13 - 00000000 ____D C:\Users\Áleson\AppData\Local\ElevatedDiagnostics
2016-01-08 18:08 - 2016-01-08 18:08 - 00000000 ____D C:\Users\Áleson\Downloads\Bound.By.Flame-CODEX
2016-01-08 17:41 - 2016-01-08 18:39 - 00000008 __RSH C:\Users\Áleson\ntuser.pol
2016-01-08 15:29 - 2016-01-09 12:57 - 00000000 ____D C:\Users\Todos os Usuários\Kaspersky Lab Setup Files
2016-01-08 15:29 - 2016-01-09 12:57 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-01-08 13:36 - 2016-01-08 13:37 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-01-08 13:36 - 2016-01-08 13:36 - 00001010 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-01-03 16:06 - 2016-01-03 16:06 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\21080
2016-01-02 21:04 - 2016-01-02 21:04 - 00001234 _____ C:\Users\Áleson\Desktop\Xbox 360 Emulator 3.2.4.lnk
2016-01-02 21:00 - 2016-01-12 23:53 - 00000000 ____D C:\Xbox 360 Emulator 3.2.4
2015-12-30 21:46 - 2015-12-30 21:53 - 1434856323 _____ C:\Users\Áleson\Downloads\Alexandre.e.Outros.Herois.GLOBO.720p.HDTV.x264-FHxHD[GaiteroDownloads].mkv
2015-12-30 21:43 - 2015-12-30 21:43 - 00014450 _____ C:\Users\Áleson\Downloads\Especial-AlexandreEOHistorias.rar
2015-12-23 01:37 - 2015-12-23 01:37 - 00000000 ____D C:\Users\Usuário Padrão\AppData\Local\Google
2015-12-23 01:37 - 2015-12-23 01:37 - 00000000 ____D C:\Users\Default\AppData\Local\Google
2015-12-23 01:37 - 2015-12-23 01:37 - 00000000 ____D C:\Users\Default User\AppData\Local\Google
2015-12-22 11:20 - 2016-01-08 23:56 - 00000000 ___RD C:\Users\Áleson\Google Drive
2015-12-22 11:16 - 2015-12-23 01:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-12-21 11:07 - 2015-12-21 11:07 - 00003060 _____ C:\Users\Áleson\Downloads\em-teu-altar.txt
2015-12-20 14:41 - 2015-12-20 14:41 - 00003956 _____ C:\Users\Áleson\Downloads\janta.txt
2015-12-19 23:58 - 2015-12-19 23:58 - 00000713 _____ C:\Users\Áleson\Downloads\Peter.Pan.2015.720p.BluRay.DUAL-LAPUMiA.srt
2015-12-15 20:40 - 2015-12-15 20:41 - 00000492 _____ C:\Users\Áleson\Desktop\Novo Documento de Texto.txt
2015-12-15 20:26 - 2015-12-15 20:26 - 00000000 ____D C:\Users\Áleson\Downloads\AVF01

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-01-12 23:54 - 2015-11-06 03:40 - 00000000 ____D C:\Users\-leson\AppData\Roaming\XBox
2016-01-12 23:54 - 2015-10-29 00:08 - 00000000 ____D C:\Users\Todos os Usuários\System32
2016-01-12 23:54 - 2015-10-29 00:08 - 00000000 ____D C:\ProgramData\System32
2016-01-12 23:54 - 2014-12-15 22:01 - 00000000 ____D C:\Users\Áleson\Documents\Programas
2016-01-12 23:53 - 2015-10-28 20:01 - 00000000 ____D C:\WINDOWS\SysWOW64\worker
2016-01-12 23:32 - 2015-07-30 15:06 - 00000340 _____ C:\WINDOWS\Tasks\iToolsDaemon.job
2016-01-12 23:30 - 2015-05-23 00:16 - 00000000 ____D C:\Users\Áleson\Downloads\Video
2016-01-12 23:27 - 2015-05-23 00:16 - 00000000 ____D C:\Users\Áleson\Downloads\Compressed
2016-01-12 23:07 - 2015-03-03 23:12 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-12 22:53 - 2014-04-06 00:25 - 11332608 ___SH C:\Users\Áleson\Desktop\Thumbs.db
2016-01-12 22:38 - 2015-09-11 20:23 - 00005008 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for Pc-Aleson-Áleson Pc-Aleson
2016-01-12 20:43 - 2012-07-26 07:33 - 00765720 _____ C:\WINDOWS\system32\prfh0416.dat
2016-01-12 20:43 - 2012-07-26 07:33 - 00155452 _____ C:\WINDOWS\system32\prfc0416.dat
2016-01-12 20:43 - 2012-07-26 04:28 - 01773574 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-12 20:43 - 2012-07-26 02:37 - 00000000 ____D C:\WINDOWS\Inf
2016-01-12 20:40 - 2015-05-23 00:14 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2016-01-12 20:39 - 2015-09-25 05:01 - 00000000 ____D C:\Program Files (x86)\SkypeUpdateEx
2016-01-12 20:39 - 2015-07-30 15:06 - 00003282 _____ C:\WINDOWS\System32\Tasks\iToolsDaemon
2016-01-12 20:39 - 2015-03-03 23:12 - 00001084 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-12 20:39 - 2012-07-26 04:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-12 20:37 - 2012-07-26 02:26 - 01310720 ___SH C:\WINDOWS\system32\config\BBI
2016-01-12 20:36 - 2015-09-25 09:12 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\Software Tool
2016-01-12 20:36 - 2015-09-20 12:19 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\XBox
2016-01-12 20:36 - 2015-05-23 00:16 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\DMCache
2016-01-12 20:36 - 2014-06-01 22:55 - 00000000 ____D C:\Program Files\KMSpico
2016-01-12 20:36 - 2014-05-07 08:24 - 00000000 ____D C:\Users\Áleson\AppData\Local\31731
2016-01-12 20:24 - 2014-04-25 10:31 - 00000132 _____ C:\Users\Áleson\AppData\Roaming\Preferências do Formato PNG CC da Adobe
2016-01-12 02:41 - 2012-07-26 02:37 - 00000000 ____D C:\Windows
2016-01-12 02:40 - 2015-05-23 00:16 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\IDM
2016-01-12 02:01 - 2014-07-06 13:41 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\AIMP3
2016-01-12 02:00 - 2013-12-03 20:12 - 00000000 ____D C:\Users\Áleson\AppData\Local\Adobe
2016-01-11 09:55 - 2014-04-06 17:52 - 08628224 ___SH C:\Users\Áleson\Downloads\Thumbs.db
2016-01-11 02:17 - 2013-12-03 20:14 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3432586907-597726681-3595710473-1001
2016-01-11 00:53 - 2015-03-03 23:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2016-01-11 00:49 - 2013-12-03 21:10 - 00000008 __RSH C:\Users\Todos os Usuários\ntuser.pol
2016-01-11 00:49 - 2013-12-03 21:10 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-01-11 00:43 - 2013-12-03 20:51 - 00000000 ____D C:\Users\Áleson\AppData\LocalLow\Temp
2016-01-11 00:42 - 2012-07-26 05:12 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-01-11 00:42 - 2012-07-26 05:12 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-01-10 09:33 - 2014-12-07 16:03 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\vlc
2016-01-10 01:27 - 2014-05-07 23:48 - 00000000 ____D C:\Users\Áleson\AppData\Local\Sidebar7
2016-01-09 19:50 - 2013-12-03 19:56 - 00000000 ____D C:\Users\Áleson
2016-01-09 19:45 - 2014-03-30 17:52 - 00871936 ___SH C:\Users\Áleson\Thumbs.db
2016-01-09 19:40 - 2013-12-03 20:29 - 00000000 ____D C:\WINDOWS\Panther
2016-01-09 10:58 - 2013-12-03 22:53 - 00000000 ____D C:\Users\Áleson\AppData\Local\Innovative Solutions
2016-01-09 01:49 - 2014-08-28 01:55 - 00146432 ___SH C:\Users\Áleson\Documents\Thumbs.db
2016-01-08 23:54 - 2015-07-29 10:14 - 05691736 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-08 16:28 - 2014-10-18 18:15 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\Ashampoo
2016-01-08 16:28 - 2014-10-18 18:15 - 00000000 ____D C:\Users\Áleson\AppData\Local\ashampoo
2016-01-08 13:43 - 2015-02-16 22:53 - 00000000 ____D C:\Users\Áleson\AppData\Roaming\TeamViewer
2015-12-22 19:36 - 2013-12-03 20:04 - 00000000 ____D C:\Users\Áleson\AppData\Local\Packages
2015-12-22 11:16 - 2013-12-03 20:16 - 00000000 ____D C:\Users\Áleson\AppData\Local\Google
2015-12-22 11:16 - 2013-12-03 20:16 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-15 20:35 - 2014-01-27 20:47 - 00000000 ____D C:\Program Files\Recuva

==================== Arquivos na raiz de alguns diretórios =======

2014-04-25 10:50 - 2014-04-28 23:20 - 0003757 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2014-05-06 07:45 - 2015-11-20 23:36 - 0000008 ___SH () C:\Users\Áleson\AppData\Roaming\.addit001.dat
2014-05-06 07:45 - 2014-05-06 07:45 - 0000008 ___SH () C:\Users\Áleson\AppData\Roaming\.app190905.dat
2015-11-20 23:36 - 2015-11-20 23:36 - 0000008 ___SH () C:\Users\Áleson\AppData\Roaming\.ax010705.dat
2014-05-06 07:45 - 2015-11-20 23:36 - 0000008 ___SH () C:\Users\Áleson\AppData\Roaming\.data000.dat
2014-05-06 07:45 - 2015-11-20 23:36 - 0000008 ___SH () C:\Users\Áleson\AppData\Roaming\.data001.dat
2014-05-06 07:45 - 2014-05-06 07:45 - 0000008 ___SH () C:\Users\Áleson\AppData\Roaming\.drv120205.dat
2014-05-06 07:45 - 2014-05-06 07:45 - 0000008 ___SH () C:\Users\Áleson\AppData\Roaming\.drv190904.dat
2015-11-20 23:36 - 2015-11-20 23:36 - 0000008 ___SH () C:\Users\Áleson\AppData\Roaming\.px050107.dat
2015-11-20 23:36 - 2015-11-20 23:36 - 0000008 ___SH () C:\Users\Áleson\AppData\Roaming\.xp070105.dat
2014-02-04 17:09 - 2014-02-04 17:09 - 0093696 _____ () C:\Users\Áleson\AppData\Roaming\ezpinst.exe
2014-08-08 08:59 - 2014-08-08 08:59 - 0099384 _____ () C:\Users\Áleson\AppData\Roaming\inst.exe
2015-04-10 07:00 - 2015-04-10 07:00 - 0000000 _____ () C:\Users\Áleson\AppData\Roaming\oWfnW.txt
2014-02-04 17:09 - 2014-08-08 08:59 - 0007859 _____ () C:\Users\Áleson\AppData\Roaming\pcouffin.cat
2014-02-04 17:09 - 2014-08-08 08:59 - 0001167 _____ () C:\Users\Áleson\AppData\Roaming\pcouffin.inf
2014-02-04 17:10 - 2014-08-08 08:59 - 0000055 _____ () C:\Users\Áleson\AppData\Roaming\pcouffin.log
2014-02-04 17:09 - 2014-08-08 08:59 - 0082816 _____ (VSO Software) C:\Users\Áleson\AppData\Roaming\pcouffin.sys
2015-08-10 18:16 - 2015-08-10 18:16 - 0000132 _____ () C:\Users\Áleson\AppData\Roaming\Preferências do Formato AIFF CC da Adobe
2015-09-11 20:25 - 2015-09-11 20:28 - 0000132 _____ () C:\Users\Áleson\AppData\Roaming\Preferências do Formato GIF CC da Adobe
2014-04-25 10:31 - 2016-01-12 20:24 - 0000132 _____ () C:\Users\Áleson\AppData\Roaming\Preferências do Formato PNG CC da Adobe
2013-12-07 14:23 - 2014-03-28 19:16 - 0000132 _____ () C:\Users\Áleson\AppData\Roaming\Preferências do formato PNG do Adobe CS5
2014-04-08 18:03 - 2014-04-08 18:09 - 0033465 _____ () C:\Users\Áleson\AppData\Roaming\unins000.dat
2014-04-08 18:09 - 2014-04-08 18:08 - 0730322 _____ () C:\Users\Áleson\AppData\Roaming\unins000.exe
2015-02-05 19:23 - 2015-02-05 19:25 - 183677480 _____ () C:\Users\Áleson\AppData\Local\ACCCx2_9_0_465.zip.aamdownload
2015-02-05 19:23 - 2015-02-05 19:25 - 0002195 _____ () C:\Users\Áleson\AppData\Local\ACCCx2_9_0_465.zip.aamdownload.aamd
2014-02-09 00:38 - 2014-03-13 00:30 - 0001456 _____ () C:\Users\Áleson\AppData\Local\Adobe Salvar para a Web 12.0 Prefs
2015-01-22 21:25 - 2015-09-29 00:59 - 0001456 _____ () C:\Users\Áleson\AppData\Local\Adobe Salvar para Web 13.0 Prefs
2014-08-30 19:50 - 2014-08-30 19:50 - 0026226 _____ () C:\Users\Áleson\AppData\Local\Bron.tok.A17.em.bin
2014-09-02 20:27 - 2014-09-02 20:27 - 0000336 _____ () C:\Users\Áleson\AppData\Local\JunkAtx.bin
2015-12-05 15:00 - 2015-12-05 15:00 - 0000000 _____ () C:\Users\Áleson\AppData\Local\{B5D010D4-1156-4222-8FA8-1BDF7862729E}
2014-04-25 17:41 - 2014-04-25 17:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-01-08 02:10

==================== Fim de FRST.txt ============================
