Document format: text/plain

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x86) Versão:13-06-2016
Executado por familia senna (administrador) em FAMILIASENNA-PC (13-06-2016 23:20:17)
Executando a partir de C:\Users\familia senna\Downloads
Perfis Carregados: familia senna (Perfis Disponíveis: familia senna & UpdatusUser)
Platform: Microsoft Windows 7 Ultimate (X86) Idioma: Português (Brasil)
Internet Explorer Versão 9 (Navegador padrão: FF)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(GAS Tecnologia) C:\Program Files\GbPlugin\GbpSv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files\WinZipper\winzipersvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
(simplitec GmbH) C:\Program Files\simplitec\simplisafe\ServiceProvider.exe
(Nero AG) C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(RealNetworks, Inc.) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
(Orzilia Ltd.) C:\Program Files\Tv-Plug-In\Tv-Plug-In.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Orzilia Ltd.) C:\Program Files\Tv-Plug-In\Tv-Plug-In.exe
(Autodesk) C:\Program Files\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk Inc.) C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Orzilia Ltd.) C:\Users\familia senna\AppData\Roaming\Tv-Plug-In\TvPluginUpdater.exe
() C:\Windows\System32\PnkBstrA.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files\WeatherTool\2.0.1.11073\WeatherService.exe
(ShenZhen Enode Techology co,.Ltd) C:\Program Files\WeatherTool\2.0.1.11073\weather.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Akamai Technologies, Inc.) C:\Users\familia senna\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\familia senna\AppData\Local\Akamai\netsession_win.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TUAutoUpdateCheck.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [NBAgent] => C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-03-26] (Nero AG)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe [1173504 2009-07-13] (Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-11-01] (AVAST Software)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12021464 2014-05-09] (Realtek Semiconductor)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [507704 2014-09-06] (GAS Tecnologia LTDA)
HKLM\...\Run: [TkBellExe] => C:\Program Files\Common Files\Real\Update_OB\realsched.exe [185896 2011-07-22] (RealNetworks, Inc.)
HKLM\...\Run: [Tv-Plug-In] => C:\Program Files\Tv-Plug-In\Tv-Plug-In.exe [312552 2015-02-24] (Orzilia Ltd.)
HKLM\...\Run: [ADSKAppManager] => C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [716224 2016-03-23] (Autodesk, Inc.)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [360448 2009-07-13] (Microsoft Corporation)
Winlogon\Notify\ GbPluginUni: C:\Program Files\GbPlugin\gbiehUni.dll [2014-08-12] (Banco Itaú Unibanco)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\...\Run: [Browser Infrastructure Helper] => C:\Users\familia senna\AppData\Local\Smartbar\Application\Muvic.exe startup
HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6699800 2015-01-13] (SUPERAntiSpyware)
HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\...\Run: [GoogleChromeAutoLaunch_7C338D41BAE1561D9A18A4A01359E8E6] => C:\Users\familia senna\AppData\Local\Chromium\Application\chrome.exe [666624 2015-07-30] (The Chromium Authors)
HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\...\Run: [Akamai NetSession Interface] => C:\Users\familia senna\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\...\Policies\Explorer: []
HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [115440 2013-05-07] (SuperAdBlocker.com)
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files\GbPlugin\gbiehuni.dll [1760312 2014-08-12] (Banco Itaú Unibanco)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2014-11-01] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2016-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => Nenhum Arquivo
ShellIconOverlayIdentifiers: [ExplorerEx] -> {E056AFDD-03E9-4D73-8D33-8FCCBCA73438} => C:\Users\familia senna\AppData\Roaming\Macwebtoise\explorerEx.dll [2015-01-22] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2016-04-07]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Restrição - Chrome <======= ATENÇÃO
CHR HKLM\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO
CHR HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\SOFTWARE\Policies\Google: Restrição <======= ATENÇÃO

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

ProxyEnable: [.DEFAULT] => Proxy está habilitado.
ProxyServer: [.DEFAULT] => http=127.0.0.1:51051;https=127.0.0.1:51051
AutoConfigURL: [.DEFAULT] => http=127.0.0.1:51051;https=127.0.0.1:51051
Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{596C8A4D-D242-40BB-86B0-61B4575A2A2E}: [DhcpNameServer] 192.168.25.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrição <======= ATENÇÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adsafld_16_23¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0EtDyDtB0CtB0EtBtDyDyD0F0AzztN0D0Tzu0StCyCtBtBtN1L2XzutAtFtBtBtFtAtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0D0E0CyEyD0DyEtGyCyDyD0DtGzyyEyDzytGyEzytBzztGyC0E0FzztDyC0C0Azz0E0D0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCzyzytBzy0BtDtBtGzy0CyB0BtGyEtCzz0EtG0AyCtDtCtGtDyEtA0DyDtCtDzy0D0B0C0C2QtN0A0LzutB%26cr%3D1639639548%26a%3Dwncy_adsafld_16_23%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.key-find.com/web/?type=dspp&ts=1423505439&from=cor&uid=WDCXWD3200AAJS-00L7A0_WD-WCAV2246919569195&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0ymfMnbpqxFRceu5du6tuU80dr30bk92p9jaa_t8KkJkyoLfuBaAHEcYdhl-QtdLcFGAvqBISjD5YxPXontGTmdbrX8pCDHrNG_xmromFNOsE0a2HXhXGxln9X6sdT2c-if9DOpIf1bHPpaIcmphhNA3tWDtIvJ98I7jGsncg,&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0ymfMnbpqxFRceu5du6tuU80dr30bk92p9jaa_t8KkJkyoLfuBaAHEcYdhl-QtdLcFGAvqBISjD5YxPXontGTmdbrX8pCDHrNG_xmromFNNqGSXm0AD3Cxa3ZaLkf9vuEDS_rRVhTHta5Ya0k-uK7iCcDgqhvg0SRM0wAm_z0,
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0ymfMnbpqxFRceu5du6tuU80dr30bk92p9jaa_t8KkJkyoLfuBaAHEcYdhl-QtdLcFGAvqBISjD5YxPXontGTmdbrX8pCDHrNG_xmromFNOsE0a2HXhXGxln9X6sdT2c-if9DOpIf1bHPpaIcmphhNA3tWDtIvJ98I7jGsncg,&q={searchTerms}
HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adsafld_16_23¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0EtDyDtB0CtB0EtBtDyDyD0F0AzztN0D0Tzu0StCyCtBtBtN1L2XzutAtFtBtBtFtAtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0D0E0CyEyD0DyEtGyCyDyD0DtGzyyEyDzytGyEzytBzztGyC0E0FzztDyC0C0Azz0E0D0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCzyzytBzy0BtDtBtGzy0CyB0BtGyEtCzz0EtG0AyCtDtCtGtDyEtA0DyDtCtDzy0D0B0C0C2QtN0A0LzutB%26cr%3D1639639548%26a%3Dwncy_adsafld_16_23%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=77301&st=home&tid=18144&ver=6.7&ts=1407898800000.000009&tguid=77301-18144-1407939466202-9E746FB63B570B4F983C563E55B283EC
HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?PC=AV01
SearchScopes: HKLM -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adsafld_16_23¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0EtDyDtB0CtB0EtBtDyDyD0F0AzztN0D0Tzu0StCyCtBtBtN1L2XzutAtFtBtBtFtAtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0D0E0CyEyD0DyEtGyCyDyD0DtGzyyEyDzytGyEzytBzztGyC0E0FzztDyC0C0Azz0E0D0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCzyzytBzy0BtDtBtGzy0CyB0BtGyEtCzz0EtG0AyCtDtCtGtDyEtA0DyDtCtDzy0D0B0C0C2QtN0A0LzutB%26cr%3D1639639548%26a%3Dwncy_adsafld_16_23%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_secureddownload_14_42_ff&cd=2XzuyEtN2Y1L1QzutDtD0EtDyDtB0CtB0EtBtDyDyD0F0AzztN0D0Tzu0StCtDtCyDtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyE0BtBtBzy0F0FyBtGtBtA0DtCtGzztDyBzztG0C0CyDtBtGtA0ByCzztAzz0CyDyCyBtC0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StA0C0DtA0E0FtCzytG0AzyyBzztGyEzz0D0BtGzztBtDyDtG0DyDyE0CtBtBtDyDyCyBtC0C2Q&cr=2065175533&ir=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutDtD0EtDyDtB0CtB0EtBtDyDyD0F0AzztN0D0Tzu0CtBzyyEtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1958728196
SearchScopes: HKLM -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL =
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0ymfMnbpqxFRceu5du6tuU80dr30bk92p9jaa_t8KkJkyoLfuBaAHEcYdhl-QtdLcFGAvqBISjD5YxPXontGTmdbrX8pCDHrNG_xmromFNOsE0a2HXhXGxln9X6sdT2c-if9DOpIf1bHPpaIcmphhNA3tWDtIvJ98I7jGsncg,&q={searchTerms}
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=xy_7e0d63c2¶m1=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¶m2=MWx9LWJ9MGpd&p={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.key-find.com/web/?type=dspp&ts=1423505439&from=cor&uid=WDCXWD3200AAJS-00L7A0_WD-WCAV2246919569195&q={searchTerms}
SearchScopes: HKLM -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422535580&from=zbd1&uid=wdcxwd3200aajs-00l7a0_wd-wcav2246919569195&q={searchTerms}
SearchScopes: HKLM -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adsafld_16_23¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0EtDyDtB0CtB0EtBtDyDyD0F0AzztN0D0Tzu0StCyCtBtBtN1L2XzutAtFtBtBtFtAtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0D0E0CyEyD0DyEtGyCyDyD0DtGzyyEyDzytGyEzytBzztGyC0E0FzztDyC0C0Azz0E0D0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCzyzytBzy0BtDtBtGzy0CyB0BtGyEtCzz0EtG0AyCtDtCtGtDyEtA0DyDtCtDzy0D0B0C0C2QtN0A0LzutB%26cr%3D1639639548%26a%3Dwncy_adsafld_16_23%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKLM -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://br.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422535580&from=zbd1&uid=wdcxwd3200aajs-00l7a0_wd-wcav2246919569195&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRa0ymfMnbpqxFRceu5du6tuU80dr30bk92p9jaa_t8KkJkyoLfuBaAHEcYdhl-QtdLcFGAvqBISjD5YxPXontGTmdbrX8pCDHrNG_xmromFNOsE0a2HXhXGxln9X6sdT2c-if9DOpIf1bHPpaIcmphhNA3tWDtIvJ98I7jGsncg,&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://www.v9.com/web?type=ds&ts=1422535580&from=zbd1&uid=wdcxwd3200aajs-00l7a0_wd-wcav2246919569195&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4013655571-2967389295-1980390495-1000 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adsafld_16_23¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0EtDyDtB0CtB0EtBtDyDyD0F0AzztN0D0Tzu0StCyCtBtBtN1L2XzutAtFtBtBtFtAtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0D0E0CyEyD0DyEtGyCyDyD0DtGzyyEyDzytGyEzytBzztGyC0E0FzztDyC0C0Azz0E0D0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCzyzytBzy0BtDtBtGzy0CyB0BtGyEtCzz0EtG0AyCtDtCtGtDyEtA0DyDtCtDzy0D0B0C0C2QtN0A0LzutB%26cr%3D1639639548%26a%3Dwncy_adsafld_16_23%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4013655571-2967389295-1980390495-1000 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4013655571-2967389295-1980390495-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4013655571-2967389295-1980390495-1000 -> {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4013655571-2967389295-1980390495-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4013655571-2967389295-1980390495-1000 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4013655571-2967389295-1980390495-1000 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=arh&hsimp=yhs-001&type=xy_7e0d63c2¶m1=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¶m2=MWx9LWJ9MGpd&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4013655571-2967389295-1980390495-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4013655571-2967389295-1980390495-1000 -> {425ED333-6083-428a-92C9-0CFC28B9D1BF} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4013655571-2967389295-1980390495-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxps://br.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adsafld_16_23¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0EtDyDtB0CtB0EtBtDyDyD0F0AzztN0D0Tzu0StCyCtBtBtN1L2XzutAtFtBtBtFtAtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0D0E0CyEyD0DyEtGyCyDyD0DtGzyyEyDzytGyEzytBzztGyC0E0FzztDyC0C0Azz0E0D0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCzyzytBzy0BtDtBtGzy0CyB0BtGyEtCzz0EtG0AyCtDtCtGtDyEtA0DyDtCtDzy0D0B0C0C2QtN0A0LzutB%26cr%3D1639639548%26a%3Dwncy_adsafld_16_23%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4013655571-2967389295-1980390495-1000 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4013655571-2967389295-1980390495-1000 -> {a62abdee-78a2-4ddb-9355-1c334abd6e43} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-4013655571-2967389295-1980390495-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4013655571-2967389295-1980390495-1000 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
BHO: AC-Pro -> {0FB6A909-6086-458F-BD92-1F8EE10042A0} -> Nenhum Arquivo
BHO: Babylon toolbar helper -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> Nenhum Arquivo
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2011-07-22] (RealPlayer)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-11-02] (Oracle Corporation)
BHO: IEExtension.VDownloaderBHO -> {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} -> C:\Windows\system32\mscoree.dll [2009-11-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-11-01] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files\GbPlugin\gbiehuni.dll [2014-08-12] (Banco Itaú Unibanco)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-11-02] (Oracle Corporation)
Toolbar: HKLM - Sem Nome - {ae07101b-46d4-4a98-af68-0333ea26e113} - Nenhum Arquivo
Toolbar: HKU\S-1-5-21-4013655571-2967389295-1980390495-1000 -> Sem Nome - {742E70CF-7770-412D-86CB-230B322E807C} - Nenhum Arquivo
DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} hxxp://189.88.97.190:8200/WebClient.exe
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\familia senna\AppData\Roaming\Mozilla\Firefox\Profiles\3zmx6ba6.default
FF DefaultSearchEngine: Yahoo! Powered
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF SearchEngineOrder.1: Bing (Microsoft)
FF SelectedSearchEngine: Yahoo! Powered
FF Homepage: hxxps://br.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_adsafld_16_23¶m1=1¶m2=f%3D1%26b%3DFirefox%26cc%3Dbr%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtD0EtDyDtB0CtB0EtBtDyDyD0F0AzztN0D0Tzu0StCyCtBtBtN1L2XzutAtFtBtBtFtAtFtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StD0D0E0CyEyD0DyEtGyCyDyD0DtGzyyEyDzytGyEzytBzztGyC0E0FzztDyC0C0Azz0E0D0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCzyzytBzy0BtDtBtGzy0CyB0BtGyEtCzz0EtG0AyCtDtCtGtDyEtA0DyDtCtDzy0D0B0C0C2QtN0A0LzutB%26cr%3D1639639548%26a%3Dwncy_adsafld_16_23%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate
FF Keyword.URL: user_pref("keyword.URL", true);
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-15] ()
FF Plugin: @esn/npbattlelog,version=2.4.0 -> C:\Program Files\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-07-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-11-02] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Nenhum Arquivo]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll [2013-01-24] ( Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-04-18] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-04-18] (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.11.3088 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2011-07-22] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.2.3146 -> C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll [2011-07-22] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.11.3006 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll [2011-07-22] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-12] (Google Inc.)
FF Plugin: @tools.updaterss.com/SaveSenseLive Update;version=3 -> C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll [Nenhum Arquivo]
FF Plugin: @tools.updaterss.com/SaveSenseLive Update;version=9 -> C:\Program Files\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll [Nenhum Arquivo]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4013655571-2967389295-1980390495-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\familia senna\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-4013655571-2967389295-1980390495-1000: facebook.com/fbDesktopPlugin -> C:\Users\familia senna\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll [2013-03-07] (Facebook, Inc.)
FF Plugin HKU\S-1-5-21-4013655571-2967389295-1980390495-1000: gastecnologia.com.br/sf/bb -> C:\Users\familia senna\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll [2015-03-06] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-4013655571-2967389295-1980390495-1000: gastecnologia.com.br/sf/cef -> C:\Users\familia senna\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-09] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-4013655571-2967389295-1980390495-1000: gastecnologia.com.br/sf/uni -> C:\Users\familia senna\AppData\Local\GAS Tecnologia\GBBD\npsf_uni.dll [2014-07-15] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-4013655571-2967389295-1980390495-1000: vitzo.com/VDownloader -> C:\Program Files\VDownloader\Addons\npVDownloader.dll [Nenhum Arquivo]
FF SearchPlugin: C:\Users\familia senna\AppData\Roaming\Mozilla\Firefox\Profiles\3zmx6ba6.default\searchplugins\ask-search.xml [2015-07-03]
FF SearchPlugin: C:\Users\familia senna\AppData\Roaming\Mozilla\Firefox\Profiles\3zmx6ba6.default\searchplugins\Astromenda.xml [2014-10-11]
FF SearchPlugin: C:\Users\familia senna\AppData\Roaming\Mozilla\Firefox\Profiles\3zmx6ba6.default\searchplugins\bing-avast.xml [2015-08-04]
FF SearchPlugin: C:\Users\familia senna\AppData\Roaming\Mozilla\Firefox\Profiles\3zmx6ba6.default\searchplugins\binkiland.xml [2015-02-19]
FF SearchPlugin: C:\Users\familia senna\AppData\Roaming\Mozilla\Firefox\Profiles\3zmx6ba6.default\searchplugins\delta-homes.xml [2015-07-27]
FF SearchPlugin: C:\Users\familia senna\AppData\Roaming\Mozilla\Firefox\Profiles\3zmx6ba6.default\searchplugins\key-find.xml [2015-02-24]
FF SearchPlugin: C:\Users\familia senna\AppData\Roaming\Mozilla\Firefox\Profiles\3zmx6ba6.default\searchplugins\V9.xml [2015-01-29]
FF SearchPlugin: C:\Users\familia senna\AppData\Roaming\Mozilla\Firefox\Profiles\3zmx6ba6.default\searchplugins\Web Search.xml [2014-08-29]
FF SearchPlugin: C:\Users\familia senna\AppData\Roaming\Mozilla\Firefox\Profiles\3zmx6ba6.default\searchplugins\Yahoo Powered.xml [2016-05-21]
FF SearchPlugin: C:\Users\familia senna\AppData\Roaming\Mozilla\Firefox\Profiles\3zmx6ba6.default\searchplugins\yahoo! powered.xml [2016-06-10]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\buscape.xml [2015-02-01]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mercadolivre.xml [2015-02-01]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\SearchTheWeb.xml [2014-08-12]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\searchult.xml [2015-02-19]
FF Extension: GBBD Banco do Brasil - C:\Users\familia senna\AppData\Local\GAS Tecnologia\GBBD\bb\xpi [2015-04-09] [não assinado]
FF Extension: GBBD Caixa Economica Federal - C:\Users\familia senna\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2015-06-09] [não assinado]
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-02] [não assinado]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Program Files\Real\RealPlayer\browserrecord
FF Extension: RealPlayer Browser Record Plugin - C:\Program Files\Real\RealPlayer\browserrecord [2011-07-22] [não assinado]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\IB Updater\Firefox => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [support@vdownloader.com] - C:\Program Files\VDownloader\Addons\FireFox => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [search-snacks@search-snacks.com] - C:\Program Files\Mozilla Firefox\extensions\search-snacks@search-snacks.com => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Firefox\Extensions: [fftoolbar2014@etech.com] - C:\Users\familia senna\AppData\Roaming\Mozilla\Firefox\Profiles\3zmx6ba6.default\extensions\fftoolbar2014@etech.com => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\familia senna\AppData\Roaming\Mozilla\Firefox\Profiles\3zmx6ba6.default\extensions\faststartff@gmail.com => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [quick_searchff@gmail.com] - C:\Users\familia senna\AppData\Roaming\Mozilla\Firefox\Profiles\3zmx6ba6.default\extensions\quick_searchff@gmail.com => não encontrado (a)
FF HKLM\...\Firefox\Extensions: [sweetsearch@gmail.com] - C:\Users\familia senna\AppData\Roaming\Mozilla\Firefox\Profiles\3zmx6ba6.default\extensions\sweetsearch@gmail.com => não encontrado (a)
FF HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886C}] - C:\Users\familia senna\AppData\Local\GAS Tecnologia\GBBD\bb\xpi
FF HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\familia senna\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\all-iminent.js [2014-08-13]
FF ExtraCheck: C:\Program Files\mozilla firefox\firefox.cfg [2014-05-17] <==== ATENÇÃO

Chrome:
=======
CHR dev: Chrome dev build detectado! <======= ATENÇÃO
CHR HomePage: Default -> hxxp://www.delta-homes.com/?type=hp&ts=1434459341&z=29218caedba6dde862972deg1z4c9z6z7w8t4c0zbo&from=ient06162&uid=WDCXWD3200AAJS-00L7A0_WD-WCAV2246919569195
CHR StartupUrls: Default -> "hxxp://www.delta-homes.com/?type=hp&ts=1434459341&z=29218caedba6dde862972deg1z4c9z6z7w8t4c0zbo&from=ient06162&uid=WDCXWD3200AAJS-00L7A0_WD-WCAV2246919569195"
CHR DefaultSearchURL: Default -> hxxp://dts.search.ask.com/web?q={searchTerms}
CHR DefaultSearchKeyword: Default -> ask.com
CHR DefaultSuggestURL: Default -> hxxp://ssmsp.ask.com/query?sstype=prefix&li=ff&q={searchTerms}
CHR Profile: C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Apresentações) - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-20]
CHR Extension: (Google Docs) - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-20]
CHR Extension: (Google Drive) - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (Ask Search) - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbapoggblhchdjahcejmdpcojgaaoicm [2015-10-22]
CHR Extension: (YouTube) - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26]
CHR Extension: (Planilhas do Google) - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-20]
CHR Extension: (Documentos Google off-line) - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17]
CHR Extension: (Avast Online Security) - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-04-07]
CHR Extension: (Lightning Newtab) - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo [2015-02-20]
CHR Extension: (GBBD Guardião - Itaú 30 horas) - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgmpojlddncminmkddkpoegdjhojjipg [2015-05-08]
CHR Extension: (Music Box v2) - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodceibolfgelcgdoncipolemhglfgee [2015-10-22]
CHR Extension: (Home Tab) - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\kofkpgiaknijknhajbhnghkodiccblkg [2016-06-06]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (GBBD Caixa Economica Federal) - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbcaplhfkihhldmlbjhgajdeghjdbffi [2015-06-09]
CHR Extension: (Quick start) - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2015-02-20]
CHR Extension: (Search Manager) - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pilplloabdedfmialnfchjomjmpjcoej [2016-06-13]
CHR Extension: (Gmail) - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
CHR Extension: () - C:\Users\familia senna\AppData\Local\Total Form\Component [2015-10-16]
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\FAMILI~1\AppData\Local\funmoods.crx [2012-10-20]
CHR HKLM\...\Chrome\Extension: [bpeeepmahhfjiediknjejcmcfmjcjdck] - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\serach.crx
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\FAMILI~1\AppData\Local\funmoods-speeddial_sf.crx [2013-04-03]
CHR HKLM\...\Chrome\Extension: [defdhglnppeioeflggkmglipcecffkhk] - C:\Program Files\AutocompletePro\chrome\autocompleteprochrome.crx
CHR HKLM\...\Chrome\Extension: [dkdkpmmkgdbglmfmmmmehbkmnkopingb] - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\v9-toolbar.crx
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [2013-01-29]
CHR HKLM\...\Chrome\Extension: [elggllhppljlljkgfeokjpehmdamkejk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [eoccbpoodnckjdnackiffhjfkogfhnhh] - C:\Program Files\VDownloader\Addons\Chrome.crx
CHR HKLM\...\Chrome\Extension: [fgfdfcbeamjnjdejakdidpniblllnbpg] - C:\Windows\System32\jmdp\pnte.crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-01]
CHR HKLM\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2013-08-13]
CHR HKLM\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files\TornTV.com\torn11.crx
CHR HKLM\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\familia senna\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-05]
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\FAMILI~1\AppData\Local\funmoods_2.3.1.crx [2013-08-30]
CHR HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\FAMILI~1\AppData\Local\funmoods_speedial_v9.0.10.crx [2013-08-30]
CHR HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [elggllhppljlljkgfeokjpehmdamkejk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kofkpgiaknijknhajbhnghkodiccblkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4013655571-2967389295-1980390495-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2015-01-13] (SUPERAntiSpyware.com)
R2 AdAppMgrSvc; C:\Program Files\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1231376 2016-03-23] (Autodesk Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-01] (AVAST Software)
S2 CashNBack Application; C:\Program Files\RBM\CashNBack\CashNBack.exe [359536 2014-08-01] ()
S3 FlexNet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService.exe [1233376 2016-06-10] (Flexera Software LLC)
R2 GbpSv; C:\Program Files\GbPlugin\GbpSv.exe [547384 2014-08-12] (GAS Tecnologia)
S4 globalUpdatem; C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-11] (globalUpdate) [Arquivo não assinado] <==== ATENÇÃO
S4 IB Updater; C:\Program Files\IB Updater\ExtensionUpdaterService.exe [188760 2013-01-29] () [Arquivo não assinado]
S4 IBUpdaterService; C:\Windows\system32\dmwu.exe [2161456 2014-07-24] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.309\McCHSvc.exe [239880 2016-03-11] (McAfee, Inc.)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [490280 2010-03-25] (Nero AG)
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2104840 2016-03-11] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2014-06-17] ()
R2 PSI_SVC_2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
S2 Sed; C:\Users\familia senna\AppData\Roaming\ntsvc\ntsvc.exe [403320 2015-02-17] (Navigation Co., Ltd.)
R2 TheDesktopWeatherService; C:\Program Files\WeatherTool\2.0.1.11073\WeatherService.exe [152008 2015-11-23] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1729336 2013-12-10] (TuneUp Software)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [507704 2014-09-06] (GAS Tecnologia LTDA)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2009-07-13] (Microsoft Corporation)
R2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [426160 2015-03-05] (Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATENÇÃO
S2 5ba659a8; "C:\Windows\system32\rundll32.exe" "c:\progra~1\gs_boo~1\AssistantSvc.dll",service

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus.sys [15744 2014-10-09] (LG Electronics Inc.)
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag.sys [23680 2014-10-09] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem.sys [28416 2014-10-09] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-11-01] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-11-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-11-01] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-11-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [777488 2014-11-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [411680 2014-11-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [68312 2014-11-01] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180632 2014-11-01] ()
R0 Bhbase; C:\Windows\System32\drivers\Bhbase.sys [47456 2014-03-11] (Baidu, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2013-11-15] (Disc Soft Ltd)
R0 GbpKm; C:\Windows\System32\drivers\gbpkm.sys [46392 2014-08-12] (GAS Tecnologia)
R1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82320 2009-02-10] (EZB Systems, Inc.)
R1 ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2015-05-08] (GAS Tecnologia)
R1 netfilter; C:\Windows\System32\drivers\netfilter.sys [31744 2014-07-31] (NetFilterSDK.com) [Arquivo não assinado]
R2 npf; C:\Windows\System32\drivers\npf.sys [50704 2010-01-26] (CACE Technologies, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [324096 2013-12-30] (Duplex Secure Ltd.)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [33608 2014-04-09] (The OpenVPN Project)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)
R4 WinDivert1.1; C:\Program Files\Diebold\Warsaw\WinDivert32.sys [31448 2015-04-01] (Basil)
U3 a52osa4d; C:\Windows\system32\Drivers\a52osa4d.sys [0 ] (Advanced Micro Devices) <==== ATENÇÃO (zero byte Arquivo/Pasta)
S3 andnetndis; system32\DRIVERS\lgandnetndis.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 catchme; \??\C:\Users\FAMILI~1\AppData\Local\Temp\catchme.sys [X]
S1 iSafeKrnlMon; \??\C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys [X]
S3 PCFApiUtil; \??\C:\Program Files\Baidu Security\PC Faster\5.0.0.0\PCFApiUtil.sys [X]
S1 ssnfd; system32\drivers\ssnfd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-13 23:20 - 2016-06-13 23:20 - 00046599 _____ C:\Users\familia senna\Downloads\FRST.txt
2016-06-13 23:17 - 2016-06-13 23:20 - 00000000 ____D C:\FRST
2016-06-13 23:16 - 2016-06-13 23:16 - 01736192 _____ (Farbar) C:\Users\familia senna\Downloads\FRST.exe
2016-06-12 10:25 - 2016-06-12 10:31 - 00000000 ____D C:\Users\familia senna\Desktop\Nova pasta
2016-06-12 10:21 - 2016-06-13 23:09 - 00002018 _____ C:\Users\familia senna\Desktop\Google Chrome.lnk
2016-06-10 11:01 - 2016-06-10 11:01 - 00000000 ____D C:\Users\familia senna\Documents\AdAppMgrSvcInstProxy
2016-06-10 11:00 - 2016-06-10 11:01 - 00000000 ____D C:\Users\Public\Downloads\DD4B4C98-1946-4C48-BE5D-041C80BB2310
2016-06-10 11:00 - 2016-06-10 11:00 - 00000000 ____D C:\Users\Public\Downloads\FD297AC8-ED96-42BD-A27E-AF45AA7DB189
2016-06-10 10:54 - 2016-06-10 10:54 - 00002249 _____ C:\Users\familia senna\Desktop\Install Now Autodesk® AutoCAD® 2017.lnk
2016-06-10 10:54 - 2016-06-10 10:54 - 00001489 _____ C:\Users\Public\Desktop\Aplicativo da área de trabalho Autodesk.lnk
2016-06-10 10:54 - 2016-06-10 10:54 - 00000000 ____D C:\Users\familia senna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-06-10 10:44 - 2016-06-10 10:44 - 00001889 _____ C:\Users\Public\Desktop\AutoCAD 2017 - English.lnk
2016-06-10 10:43 - 2016-06-10 11:01 - 00000000 ____D C:\Users\familia senna\AppData\Local\Autodesk
2016-06-10 10:43 - 2016-06-10 10:43 - 00000000 ____D C:\Users\Public\Documents\Autodesk
2016-06-10 10:38 - 2016-06-10 10:38 - 00000000 ____D C:\Program Files\Common Files\Macrovision Shared
2016-06-10 10:23 - 2016-06-10 10:54 - 00000000 ____D C:\Program Files\Autodesk
2016-06-10 10:10 - 2016-06-10 10:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-06-10 10:09 - 2016-06-10 10:40 - 00000000 ____D C:\Program Files\Common Files\Autodesk Shared
2016-06-10 09:56 - 2016-06-10 09:57 - 00000000 ____D C:\Users\familia senna\AppData\Roaming\WeatherTool
2016-06-10 09:56 - 2016-06-10 09:57 - 00000000 ____D C:\Users\familia senna\AppData\Local\{0102375E-25AA-5BE6-4832-7E0E6C5A8296}
2016-06-10 09:56 - 2016-06-10 09:56 - 00304661 _____ ( ) C:\Users\familia senna\Downloads\AutoCAD_2017_Crack_Completo_em_Portugues_BR_PH_Downs [1].exe
2016-06-10 09:56 - 2016-06-10 09:56 - 00000000 ____D C:\Users\Public\Documents\Guid
2016-06-10 09:56 - 2016-06-10 09:56 - 00000000 ____D C:\Users\familia senna\AppData\Roaming\Tv-Plug-In
2016-06-10 09:56 - 2016-06-10 09:56 - 00000000 ____D C:\Users\familia senna\AppData\LocalLow\Tv-Plug-In
2016-06-10 09:56 - 2016-06-10 09:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tv-Plug-In
2016-06-10 09:56 - 2016-06-10 09:56 - 00000000 ____D C:\Program Files\WeatherTool
2016-06-10 09:56 - 2016-06-10 09:56 - 00000000 ____D C:\Program Files\Tv-Plug-In
2016-06-10 09:55 - 2016-06-10 09:55 - 00919256 _____ C:\Users\familia senna\Downloads\AutoCAD_2017_Crack_Completo_em_Portugues_BR_PH_Downs.zip
2016-06-10 09:46 - 2016-06-10 09:46 - 00338320 _____ (Autodesk Inc.) C:\Users\familia senna\Downloads\AutoCAD_2017_English_Win_32_64bit_Trial_en-us_Setup_webinstall (1).exe
2016-06-10 09:24 - 2016-06-10 11:01 - 00000000 ____D C:\Users\familia senna\AppData\Roaming\Autodesk
2016-06-10 09:24 - 2016-06-10 10:54 - 00000000 ____D C:\Users\Todos os Usuários\Autodesk
2016-06-10 09:24 - 2016-06-10 10:54 - 00000000 ____D C:\ProgramData\Autodesk
2016-06-10 09:22 - 2016-06-10 09:23 - 00000000 ____D C:\Users\familia senna\AppData\Local\Akamai
2016-06-10 09:22 - 2016-06-10 09:22 - 00000000 ____D C:\Autodesk
2016-06-10 09:10 - 2016-06-10 10:00 - 18661360 _____ C:\Users\familia senna\Downloads\AutoCAD_2017_English_Win_32_64bit_Trial_en-us_Setup.exe
2016-06-10 09:10 - 2016-06-10 09:10 - 00338320 _____ (Autodesk Inc.) C:\Users\familia senna\Downloads\AutoCAD_2017_English_Win_32_64bit_Trial_en-us_Setup_webinstall.exe
2016-06-08 16:34 - 2016-06-08 16:34 - 00159216 _____ C:\Windows\Minidump\060816-35271-01.dmp
2016-06-08 16:34 - 2016-06-08 16:34 - 00000000 ____D C:\Windows\Minidump
2016-06-08 16:33 - 2016-06-08 16:33 - 292465714 ____N C:\Windows\MEMORY.DMP
2016-06-05 09:57 - 2016-06-05 09:57 - 00018087 _____ C:\Users\familia senna\Documents\domingo noe2.pdf
2016-06-05 09:55 - 2016-06-05 09:55 - 00161377 _____ C:\Users\familia senna\Documents\DOMINGO NOE 5.pdf
2016-06-05 09:53 - 2016-06-05 09:53 - 00380816 _____ C:\Users\familia senna\Documents\DOMINGO NOE 4.pdf
2016-05-31 01:35 - 2016-05-31 01:35 - 00001018 _____ C:\Users\familia senna\Desktop\Hard Disk Low Level Format Tool.lnk
2016-05-31 01:35 - 2016-05-31 01:35 - 00000001 _____ C:\Users\familia senna\AppData\Local\llftool.4.40.agreement
2016-05-31 01:35 - 2016-05-31 01:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Low Level Format Tool
2016-05-31 01:35 - 2016-05-31 01:35 - 00000000 ____D C:\Program Files\HDDGURU LLF Tool
2016-05-31 01:21 - 2014-10-09 09:54 - 00028416 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetmodem.sys
2016-05-31 01:21 - 2014-10-09 09:54 - 00023680 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetdiag.sys
2016-05-31 01:21 - 2014-10-09 09:54 - 00015744 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetbus.sys
2016-05-31 00:42 - 2016-05-31 00:42 - 00000000 ____D C:\Users\familia senna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromium
2016-05-31 00:41 - 2016-05-31 00:42 - 00000000 ____D C:\Users\familia senna\AppData\Local\Chromium
2016-05-31 00:40 - 2016-06-10 09:56 - 00002503 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk
2016-05-31 00:40 - 2016-05-31 00:40 - 00000000 ____D C:\Users\familia senna\AppData\Local\{7FC1499D-5B69-2525-36F1-00CD1299FC55}
2016-05-08 10:52 - 2016-05-08 10:52 - 01202296 _____ C:\Users\familia senna\Documents\atividades.pdf
2016-04-28 00:47 - 2016-04-28 00:47 - 00021863 _____ C:\Users\familia senna\Downloads\alertnotice.zip
2016-04-28 00:47 - 2016-04-28 00:47 - 00000000 ____D C:\Users\familia senna\Downloads\alertnotice
2016-04-28 00:45 - 2016-04-28 00:45 - 00000000 ____D C:\Users\familia senna\Downloads\base_02
2016-04-28 00:44 - 2016-04-28 00:44 - 00074634 _____ C:\Users\familia senna\Downloads\base_02.zip
2016-04-28 00:30 - 2016-04-28 00:30 - 00001875 _____ C:\Users\familia senna\AppData\Local\recently-used.xbel
2016-04-18 15:26 - 2016-05-09 16:39 - 00099347 _____ C:\Users\familia senna\Desktop\SisFIES - Sistema de Financiamento ao Estudante.pdf
2016-04-07 18:27 - 2016-04-07 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2016-03-25 20:29 - 2016-03-25 20:29 - 00000000 ____D C:\Users\familia senna\AppData\LocalLow\uTorrent

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-13 23:16 - 2009-07-14 01:34 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-13 23:16 - 2009-07-14 01:34 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-13 23:13 - 2011-07-10 09:20 - 01638038 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-13 23:13 - 2009-07-14 05:31 - 00706880 _____ C:\Windows\system32\prfh0416.dat
2016-06-13 23:13 - 2009-07-14 05:31 - 00147126 _____ C:\Windows\system32\prfc0416.dat
2016-06-13 23:13 - 2009-07-13 23:37 - 00000000 ____D C:\Windows\inf
2016-06-13 23:11 - 2013-08-23 21:03 - 00000000 ____D C:\Program Files\WinZipper
2016-06-13 23:09 - 2014-11-02 13:10 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-06-13 23:08 - 2015-06-21 14:32 - 00000422 _____ C:\Windows\Tasks\simplitec Power Suite (Tray).job
2016-06-13 23:08 - 2015-02-19 16:44 - 00002436 _____ C:\Windows\Tasks\916a028c-c71c-498c-8bc0-ff59580dd93d-5_user.job
2016-06-13 23:08 - 2015-02-19 16:44 - 00002436 _____ C:\Windows\Tasks\916a028c-c71c-498c-8bc0-ff59580dd93d-5.job
2016-06-13 23:08 - 2015-02-04 16:14 - 00001054 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-13 23:08 - 2012-09-22 12:39 - 00000000 ____D C:\Users\Todos os Usuários\NVIDIA
2016-06-13 23:08 - 2012-09-22 12:39 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-13 23:08 - 2009-07-14 01:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-10 10:57 - 2011-07-10 09:19 - 00178624 _____ C:\Users\familia senna\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-10 10:57 - 2009-07-14 01:33 - 00592256 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-10 10:56 - 2013-03-02 19:49 - 00000902 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-10 10:48 - 2014-02-06 10:50 - 00000314 _____ C:\Windows\Tasks\Funmoods Chat.job
2016-06-10 10:36 - 2009-07-14 01:52 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-06-10 10:06 - 2015-02-04 16:14 - 00001058 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-10 10:06 - 2012-02-24 22:11 - 00001106 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4013655571-2967389295-1980390495-1000UA.job
2016-06-10 09:33 - 2015-02-03 17:47 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-06-10 09:33 - 2015-02-03 17:47 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-10 09:15 - 2012-06-18 08:52 - 00000000 ____D C:\Users\familia senna\Documents\programas
2016-06-10 09:08 - 2014-07-22 12:04 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-08 13:46 - 2015-02-24 11:08 - 00000000 ____D C:\Users\familia senna\Desktop\UNA
2016-06-08 12:48 - 2013-09-28 22:33 - 00000340 _____ C:\Users\familia senna\AppData\Roaming\WB.CFG
2016-06-05 09:58 - 2015-11-26 13:52 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-02 14:06 - 2014-11-01 22:08 - 00002047 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2016-06-01 20:08 - 2013-07-13 13:29 - 04613632 ___SH C:\Users\familia senna\Desktop\Thumbs.db
2016-05-31 01:21 - 2014-01-12 12:19 - 00000000 ____D C:\Program Files\LG Electronics
2016-05-28 22:06 - 2012-02-24 22:11 - 00001084 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4013655571-2967389295-1980390495-1000Core.job
2016-05-21 16:58 - 2014-08-19 22:39 - 00000000 ____D C:\Users\familia senna\Documents\arquivor igreja durval
2016-05-15 14:56 - 2013-03-02 19:49 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-05-15 14:56 - 2013-03-02 19:49 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

==================== Arquivos na raiz de alguns diretórios =======

2014-04-07 17:57 - 2014-04-07 17:57 - 6000640 _____ () C:\Program Files\GUTC57B.tmp
2012-09-14 21:07 - 2014-06-05 14:11 - 0138056 _____ () C:\Users\familia senna\AppData\Roaming\PnkBstrK.sys
2015-04-22 11:49 - 2015-06-17 13:20 - 0000132 _____ () C:\Users\familia senna\AppData\Roaming\Preferências do Formato PNG do Adobe CS6
2015-04-09 12:11 - 2015-04-09 12:11 - 0018263 _____ () C:\Users\familia senna\AppData\Roaming\unins000.dat
2015-04-09 12:11 - 2015-04-09 12:11 - 0815826 _____ () C:\Users\familia senna\AppData\Roaming\unins000.exe
2015-05-08 09:14 - 2015-05-08 09:18 - 0030778 _____ () C:\Users\familia senna\AppData\Roaming\unins001.dat
2015-05-08 09:17 - 2015-05-08 09:17 - 0720082 _____ () C:\Users\familia senna\AppData\Roaming\unins001.exe
2015-06-09 10:42 - 2015-06-09 10:42 - 0017709 _____ () C:\Users\familia senna\AppData\Roaming\unins002.dat
2015-06-09 10:42 - 2015-06-09 10:41 - 0730322 _____ () C:\Users\familia senna\AppData\Roaming\unins002.exe
2013-09-28 22:33 - 2016-06-08 12:48 - 0000340 _____ () C:\Users\familia senna\AppData\Roaming\WB.CFG
2011-12-14 20:05 - 2012-07-19 18:27 - 0006656 _____ () C:\Users\familia senna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-19 22:22 - 2015-02-19 22:22 - 0234679 _____ () C:\Users\familia senna\AppData\Local\dsi1.dat
2015-02-19 22:22 - 2015-02-19 22:22 - 0161916 _____ () C:\Users\familia senna\AppData\Local\dsi2.dat
2012-10-20 19:46 - 2013-04-03 10:36 - 0348990 _____ () C:\Users\familia senna\AppData\Local\funmoods-speeddial_sf.crx
2012-10-20 19:46 - 2012-10-20 19:46 - 0031465 _____ () C:\Users\familia senna\AppData\Local\funmoods.crx
2013-08-30 22:33 - 2013-08-30 22:32 - 0077717 _____ () C:\Users\familia senna\AppData\Local\funmoods_2.3.1.crx
2013-04-03 10:36 - 2013-04-03 10:36 - 0077654 _____ () C:\Users\familia senna\AppData\Local\funmoods_2.3.crx
2013-08-30 22:33 - 2013-08-30 22:32 - 0430107 _____ () C:\Users\familia senna\AppData\Local\funmoods_speedial_v9.0.10.crx
2016-05-31 01:35 - 2016-05-31 01:35 - 0000001 _____ () C:\Users\familia senna\AppData\Local\llftool.4.40.agreement
2014-09-24 10:47 - 2014-09-27 17:21 - 0000003 _____ () C:\Users\familia senna\AppData\Local\proxy.log
2016-04-28 00:30 - 2016-04-28 00:30 - 0001875 _____ () C:\Users\familia senna\AppData\Local\recently-used.xbel
2013-12-07 16:33 - 2013-12-07 16:33 - 0000000 _____ () C:\Users\familia senna\AppData\Local\{19DB5175-A727-45F7-99B8-EF73EAC93C9A}
2015-11-30 12:24 - 2015-11-30 12:24 - 0000000 _____ () C:\Users\familia senna\AppData\Local\{63ADC8C3-FC2C-4813-9B39-1E2191EC9DC3}
2014-10-13 11:39 - 2015-02-19 16:44 - 0000227 _____ () C:\ProgramData\bc.ini
2014-11-01 21:32 - 2014-11-01 22:04 - 0000036 _____ () C:\ProgramData\suguid.txt
2014-11-01 21:33 - 2014-11-01 22:04 - 0002496 _____ () C:\ProgramData\suscan.txt

Alguns arquivos em TEMP:
====================
C:\Users\familia senna\AppData\Local\temp\AcDeltree.exe
C:\Users\familia senna\AppData\Local\temp\avgnt.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\Windows\explorer.exe => O arquivo é assinado digitalmente
C:\Windows\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\Windows\system32\wininit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\svchost.exe => O arquivo é assinado digitalmente
C:\Windows\system32\services.exe => O arquivo é assinado digitalmente
C:\Windows\system32\User32.dll => O arquivo é assinado digitalmente
C:\Windows\system32\userinit.exe => O arquivo é assinado digitalmente
C:\Windows\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\Windows\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\Windows\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-06-09 23:53

==================== Fim de FRST.txt ============================
