Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) VersÃ£o: 08-05-2017
Executado por sherman (administrador) em SHERMAN (09-05-2017 09:57:08)
Executando a partir de C:\Users\sherman\Downloads
Perfis Carregados: sherman (Perfis DisponÃ­veis: sherman)
Platform: Windows 10 Home Single Language VersÃ£o 1511 (X64) Idioma: PortuguÃªs (Brasil)
Internet Explorer VersÃ£o 11 (Navegador padrÃ£o: Chrome)
Modo da InicializaÃ§Ã£o: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluÃ­da na fixlist, o processo serÃ¡ fechado. O arquivo nÃ£o serÃ¡ movido.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Broadcom Corp.) C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\SysWOW64\Java\SYSSHERMAN50.exe
(A.E.T. Europe B.V.) C:\Windows\System32\aetcrss1.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.551\SSScheduler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.16102.10341.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1703.601.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registro (Whitelisted) ====================

(Se uma entrada for incluÃ­da na fixlist, o Ã­tem no Registro serÃ¡ restaurado para o padrÃ£o ou removido. O arquivo nÃ£o serÃ¡ movido.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [CertificateRegistration] => C:\WINDOWS\system32\aetcrss1.exe [25600 2013-03-04] (A.E.T. Europe B.V.)
HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239592 2017-04-27] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213824 2017-05-03] (AVAST Software)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [RadioController] => C:\Program Files (x86)\RadioController\RfBtnHelper.exe [111216 2013-02-25] (Dritek System Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ GbPluginBb: C:\Program Files (x86)\GbPlugin\gbieh.dll [2013-10-07] (Banco do Brasil)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2016-07-30] (Caixa Economica Federal)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
HKU\S-1-5-21-246924023-445947667-1718755967-1001\...\Run: [Adobe Reader Synchronizer] => C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe [763000 2017-03-28] (Adobe Systems Incorporated)
HKU\S-1-5-21-246924023-445947667-1718755967-1001\...\Run: [HW_OPENEYE_OUC_Claro] => "C:\Program Files (x86)\Claro\UpdateDog\ouc.exe"
HKU\S-1-5-21-246924023-445947667-1718755967-1001\...\Run: [HP Deskjet 3510 series (NET)] => C:\Program Files\HP\HP Deskjet 3510 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-246924023-445947667-1718755967-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7946656 2017-04-04] (SUPERAntiSpyware)
HKU\S-1-5-21-246924023-445947667-1718755967-1001\...\RunOnce: [Uninstall C:\Users\sherman\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sherman\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
HKU\S-1-5-21-246924023-445947667-1718755967-1001\...\RunOnce: [Uninstall C:\Users\sherman\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sherman\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"
HKU\S-1-5-21-246924023-445947667-1718755967-1001\...\RunOnce: [Uninstall C:\Users\sherman\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sherman\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-246924023-445947667-1718755967-1001\...\RunOnce: [Uninstall C:\Users\sherman\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\sherman\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-246924023-445947667-1718755967-1001\...\MountPoints2: {0f01d1a9-e22d-11e5-8179-20898404d9c4} - "E:\LGAutoRun.exe" 
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1487912 2013-10-07] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1903328 2016-07-30] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\sherman\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\sherman\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\sherman\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\amd64\FileSyncShell64.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-05-03] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2015-11-17] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\sherman\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\sherman\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\sherman\AppData\Local\Microsoft\OneDrive\17.3.6799.0327\FileSyncShell.dll [2017-04-12] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer Backup Manager Tray.lnk [2012-12-17]
ShortcutTarget: Acer Backup Manager Tray.lnk -> C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-05-03]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.551\SSScheduler.exe (McAfee, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: RestriÃ§Ã£o <======= ATENÃÃO

==================== Internet (Whitelisted) ====================

(Se um Ã­tem for incluÃ­do na fixlist, sendo um Ã­tem do Registro, serÃ¡ removido ou restaurado para o padrÃ£o.)

ProxyServer: [S-1-5-21-246924023-445947667-1718755967-1001] => 127.0.0.1:56003
Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{1f17ebc0-e566-4faa-aa30-2888ccc11215}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{1f17ebc0-e566-4faa-aa30-2888ccc11215}: [DhcpNameServer] 192.168.25.1
Tcpip\..\Interfaces\{6b73f3c3-ebbe-4041-bc64-64608ccd5bec}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{6b73f3c3-ebbe-4041-bc64-64608ccd5bec}: [DhcpNameServer] 192.168.25.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: RestriÃ§Ã£o <======= ATENÃÃO
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/
HKU\S-1-5-21-246924023-445947667-1718755967-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-246924023-445947667-1718755967-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKU\S-1-5-21-246924023-445947667-1718755967-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-246924023-445947667-1718755967-1001 -> {92001F8A-C36B-473A-91E7-5BE0C81CF2B3} URL = hxxp://clikseguro.com/Search.aspx?cx=017847565674971774939%3Aktp_l5v6i2u&ie=ISO-8859-1&q={searchTerms}
SearchScopes: HKU\S-1-5-21-246924023-445947667-1718755967-1001 -> {E6A36BE3-880C-4F09-80F9-33DAB391BC6D} URL = hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-246924023-445947667-1718755967-1001 -> {EF120891-F0B1-4A8D-A7C9-8238C9A42FC8} URL = 
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll [2013-01-28] (Qualcomm Atheros Commnucations)
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll => Nenhum Arquivo
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2015-10-19] (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-19] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
BHO-x32: Sem Nome -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> Nenhum Arquivo
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files (x86)\GbPlugin\gbieh.dll [2013-10-07] (Banco do Brasil)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2016-07-30] (Caixa Economica Federal)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-19] (Oracle Corporation)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2015-10-19] (pdfforge GmbH)
Toolbar: HKU\S-1-5-21-246924023-445947667-1718755967-1001 -> Sem Nome - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  Nenhum Arquivo
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\sherman\AppData\Roaming\Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 [2017-05-09]
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> http", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> http_port", 21618
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> no_proxies_on", ""
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> ssl", "127.0.0.1"
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> ssl_port", 21618
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> type", 1
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 ->  type", 1
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> http_port", 43691
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> ssl_port", 43691
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> http_port", 31393
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> ssl_port", 31393
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> http_port", 11753
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> ssl_port", 11753
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> http_port", 44941
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> ssl_port", 44941
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> http_port", 7553
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> ssl_port", 7553
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> http_port", 32625
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> ssl_port", 32625
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> http_port", 56003
FF NetworkProxy: Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653 -> ssl_port", 56003
FF Extension: (Search and New Tab by Yahoo) - C:\Users\sherman\AppData\Roaming\Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653\Extensions\jid1-16aeif9OQIRKxA@jetpack.xpi [2016-10-12]
FF Extension: (JavaScript on-off applet) - C:\Users\sherman\AppData\Roaming\Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653\Extensions\{54e46280-0211-11e3-b778-0800200c9a66}.xpi [2016-10-12]
FF Extension: (QuickJava) - C:\Users\sherman\AppData\Roaming\Mozilla\Firefox\Profiles\uqabcxg0.default-1462372101653\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2016-10-12]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-04-29]
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2015-12-08] [nÃ£o assinado]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nÃ£o encontrado (a)
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\sherman\AppData\Roaming\Mozilla\Firefox\Profiles\0ots96bb.default\extensions\quick_start@gmail.com => nÃ£o encontrado (a)
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nÃ£o encontrado (a)
FF HKU\S-1-5-21-246924023-445947667-1718755967-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Users\sherman\AppData\Local\GAS Tecnologia\GBBD\abn\xpi => nÃ£o encontrado (a)
FF HKU\S-1-5-21-246924023-445947667-1718755967-1001\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\sherman\AppData\Local\GAS Tecnologia\GBBD\cef\xpi
FF Extension: (GBBD Caixa Economica Federal) - C:\Users\sherman\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2015-11-25] [nÃ£o assinado]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml [2014-07-07]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2016-09-30]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_148.dll [2017-04-17] ()
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\mcafee\msc\npMcSnFFPl64.dll [Nenhum Arquivo]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Nenhum Arquivo]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll [2017-04-17] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-08-25] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-19] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\msc\npMcSnFFPl.dll [Nenhum Arquivo]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2015-10-19] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-246924023-445947667-1718755967-1001: gastecnologia.com.br/sf/cef -> C:\Users\sherman\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-09] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-246924023-445947667-1718755967-1001: gastecnologia.com.br/sf/cef64 -> C:\Users\sherman\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [2015-04-02] (GAS Tecnologia)

Chrome: 
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxps://www.google.com.br/"
CHR NewTab: Default ->  Not-active:"chrome-extension://kpdmjodecdegfglgaapafjleomjjlpnh/newtab.html"
CHR DefaultSearchURL: Default -> hxxps://br.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://br.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\sherman\AppData\Local\Google\Chrome\User Data\Default [2017-05-09]
CHR Extension: (Google ApresentaÃ§Ãµes) - C:\Users\sherman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-08]
CHR Extension: (Click the disk) - C:\Users\sherman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aebbceobfnecaajaoonanjkjgkcfddbl [2017-03-16]
CHR Extension: (FreeOnlineRadioPlayerRecorder V1) - C:\Users\sherman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aicancafipiklohohmoognddncljhkio [2015-04-18] [UpdateUrl: hxxp://autoupdate.chromewebtb.tbccint.com/sb/?productId=CT3282722&extensionData=\u003Cextension_data>] <==== ATENÃÃO
CHR Extension: (Google Docs) - C:\Users\sherman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-08]
CHR Extension: (Google Drive) - C:\Users\sherman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24]
CHR Extension: (YouTube) - C:\Users\sherman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-04]
CHR Extension: (Google Search) - C:\Users\sherman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-04]
CHR Extension: (Planilhas do Google) - C:\Users\sherman\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-08]
CHR Extension: (McAfeeÂ® WebAdvisor) - C:\Users\sherman\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2017-03-21]
CHR Extension: (Documentos Google off-line) - C:\Users\sherman\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-14]
CHR Extension: (Certisign) - C:\Users\sherman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjoehgfmpefldljiipnmgnfmcbfjkaad [2016-11-24]
CHR Extension: (Yahoo Partner) - C:\Users\sherman\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdmjodecdegfglgaapafjleomjjlpnh [2016-11-08]
CHR Extension: (Skype) - C:\Users\sherman\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-09]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\sherman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09]
CHR Extension: (Gmail) - C:\Users\sherman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-08]
CHR Extension: (Chrome Media Router) - C:\Users\sherman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-04]
CHR HKU\S-1-5-21-246924023-445947667-1718755967-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [aicancafipiklohohmoognddncljhkio] - C:\Users\sherman\AppData\Local\CRE\aicancafipiklohohmoognddncljhkio.crx [2014-02-19]
CHR HKLM-x32\...\Chrome\Extension: [aicancafipiklohohmoognddncljhkio] - C:\Users\sherman\AppData\Local\CRE\aicancafipiklohohmoognddncljhkio.crx [2014-02-19]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nÃ£o encontrado (a)>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-04-29]

==================== ServiÃ§os (Whitelisted) ====================

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O arquivo nÃ£o serÃ¡ movido, a menos que seja colocado separadamente.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7346208 2017-05-03] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263304 2017-05-03] (AVAST Software)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1428656 2017-04-27] (AVG Technologies CZ, s.r.o.)
R2 BrcmCardReader; C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe [176640 2012-08-20] (Broadcom Corp.) [Arquivo nÃ£o assinado]
S3 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-04-29] (Microsoft Corporation)
S3 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-04-29] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-07-13] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658064 2012-10-23] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
S3 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [631520 2017-04-03] (GAS Tecnologia)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.551\McCHSvc.exe [404376 2017-04-18] (McAfee, Inc.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-11-02] (NTI Corporation)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2015-10-19] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2015-10-19] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2015-10-19] (pdfforge GmbH)
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [96880 2013-02-25] (Dritek System INC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2017-03-28] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O arquivo nÃ£o serÃ¡ movido, a menos que seja colocado separadamente.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [311808 2017-05-03] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [190256 2017-05-03] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [334576 2017-05-03] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [49016 2017-05-03] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [38296 2017-05-03] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [32600 2017-05-03] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [128648 2017-05-03] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [101152 2017-05-03] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [75704 2017-05-03] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1007160 2017-05-03] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [569192 2017-05-03] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [158368 2017-05-03] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [339696 2017-05-03] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-12-08] (GAS Tecnologia)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R3 Ps2Kb2Hid; C:\WINDOWS\System32\drivers\aPs2Kb2Hid.sys [26736 2013-02-25] (Dritek System Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
R3 SzCCID; C:\WINDOWS\system32\DRIVERS\SzCCID.sys [40448 2011-01-21] (Generic)
S3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-12-08] (GAS Tecnologia LTDA)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U1 aswbdisk; nÃ£o ImagePath
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; \SystemRoot\System32\drivers\ew_juextctrl.sys [X]
S3 huawei_wwanecm; \SystemRoot\system32\DRIVERS\ew_juwwanecm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluÃ­da na fixlist, serÃ¡ removida do Registro. O arquivo nÃ£o serÃ¡ movido, a menos que seja colocado separadamente.)


==================== Um MÃªs Criados arquivos e pastas ========

(Se uma entrada for incluÃ­da na fixlist, o arquivo/pasta serÃ¡ movido.)

2017-05-09 09:57 - 2017-05-09 09:57 - 00033168 _____ C:\Users\sherman\Downloads\FRST.txt
2017-05-09 09:56 - 2017-05-09 09:57 - 00000000 ____D C:\FRST
2017-05-09 09:55 - 2017-05-09 09:56 - 02429440 _____ (Farbar) C:\Users\sherman\Downloads\FRST64.exe
2017-05-09 09:54 - 2017-05-09 09:55 - 01769984 _____ (Farbar) C:\Users\sherman\Downloads\FRST.exe
2017-05-08 12:24 - 2017-05-08 12:24 - 00878928 _____ C:\Users\sherman\Downloads\CARTÃO PONTO III-ilovepdf-compressed.pdf
2017-05-08 12:22 - 2017-05-08 12:22 - 00752086 _____ C:\Users\sherman\Downloads\CARTÃO PONTO I.compressed.pdf
2017-05-08 12:16 - 2017-05-08 12:16 - 01063842 _____ C:\Users\sherman\Downloads\REGISTRO DO EMPREGADO.compressed.pdf
2017-05-08 12:05 - 2017-05-08 12:05 - 03769638 _____ C:\Users\sherman\Downloads\9Âª ALTERAÃÃO CONTRATUAL - LUNA-ilovepdf-compressed.pdf
2017-05-08 11:52 - 2017-05-08 11:52 - 03775671 _____ C:\Users\sherman\Downloads\9Âª ALTERAÃÃO CONTRATUAL - LUNA.PDF
2017-05-08 11:52 - 2017-05-08 11:52 - 03216560 _____ C:\Users\sherman\Downloads\9Âª AlteraÃ§Ã£o do Contrato Social Alvorada.pdf
2017-05-08 10:12 - 2017-05-08 10:12 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-05-08 08:07 - 2017-05-08 08:07 - 00664262 _____ C:\Users\sherman\Downloads\reclamatoria jairton.pdf
2017-05-07 18:38 - 2017-05-07 18:38 - 00000955 _____ C:\Users\Public\Desktop\AVG.lnk
2017-05-07 18:38 - 2017-05-07 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-05-03 20:17 - 2017-05-03 20:17 - 00000000 ____D C:\Users\Todos os UsuÃ¡rios\SWCUTemp
2017-05-03 20:17 - 2017-05-03 20:17 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-05-03 19:48 - 2017-05-08 11:48 - 00000530 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 73e4c970-1602-403b-82cb-dcd5e41291bd.job
2017-05-03 19:48 - 2017-05-07 15:56 - 00000530 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 7ed94f75-cf7f-49cf-b6e4-4b7f27394f0d.job
2017-05-03 19:48 - 2017-05-03 19:48 - 00003758 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 7ed94f75-cf7f-49cf-b6e4-4b7f27394f0d
2017-05-03 19:48 - 2017-05-03 19:48 - 00003676 _____ C:\WINDOWS\System32\Tasks\SUPERAntiSpyware Scheduled Task 73e4c970-1602-403b-82cb-dcd5e41291bd
2017-05-03 19:47 - 2017-05-03 19:47 - 29874696 _____ (SUPERAntiSpyware) C:\Users\sherman\Downloads\SUPERAntiSpywarePro.exe
2017-05-03 19:47 - 2017-05-03 19:47 - 00001853 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
2017-05-03 19:47 - 2017-05-03 19:47 - 00000000 ____D C:\Users\Todos os UsuÃ¡rios\SUPERAntiSpyware.com
2017-05-03 19:47 - 2017-05-03 19:47 - 00000000 ____D C:\Users\sherman\AppData\Roaming\SUPERAntiSpyware.com
2017-05-03 19:47 - 2017-05-03 19:47 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2017-05-03 19:47 - 2017-05-03 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2017-05-03 19:47 - 2017-05-03 19:47 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2017-05-03 19:44 - 2017-05-03 19:44 - 29874552 _____ (SUPERAntiSpyware) C:\Users\sherman\Downloads\SUPERAntiSpyware.exe
2017-05-03 19:36 - 2017-05-03 19:36 - 00000017 _____ C:\Users\sherman\AppData\Local\resmon.resmoncfg
2017-05-03 17:14 - 2017-05-03 17:14 - 00000000 ____D C:\Users\Todos os UsuÃ¡rios\McAfee Security Scan
2017-05-03 17:14 - 2017-05-03 17:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-05-03 17:14 - 2017-05-03 17:14 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2017-05-03 16:33 - 2017-05-03 16:33 - 00000000 ___HD C:\$WINDOWS.~BT
2017-05-03 16:11 - 2017-05-05 09:23 - 00000000 ____D C:\AdwCleaner
2017-05-03 16:10 - 2017-05-03 16:11 - 04102600 _____ C:\Users\sherman\Desktop\adwcleaner_6.046.exe
2017-05-03 16:04 - 2017-05-03 16:04 - 00098299 _____ C:\Users\sherman\Downloads\FlashSetup-1493820410.zip
2017-05-03 15:38 - 2017-05-03 15:38 - 00032600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-05-03 15:38 - 2017-05-03 15:38 - 00004012 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1493836736
2017-05-03 15:38 - 2017-05-03 15:38 - 00001092 _____ C:\Users\Public\Desktop\Avast SafeZone Browser.lnk
2017-05-03 15:38 - 2017-05-03 15:38 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-05-03 15:36 - 2017-05-03 15:36 - 00001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2017-05-03 15:36 - 2017-05-03 15:36 - 00001971 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-05-03 15:36 - 2017-05-03 15:36 - 00000000 ____D C:\Users\sherman\AppData\Roaming\AVAST Software
2017-05-03 15:35 - 2017-05-05 09:28 - 00004268 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-05-03 15:35 - 2017-05-03 15:35 - 00569192 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-05-03 15:35 - 2017-05-03 15:35 - 00400456 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-05-03 15:35 - 2017-05-03 15:35 - 00339696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-05-03 15:35 - 2017-05-03 15:35 - 00158368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-05-03 15:35 - 2017-05-03 15:35 - 00128648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-05-03 15:35 - 2017-05-03 15:35 - 00101152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-05-03 15:35 - 2017-05-03 15:35 - 00075704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-05-03 15:35 - 2017-05-03 15:35 - 00038296 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-05-03 15:35 - 2017-05-03 15:35 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2017-05-03 15:35 - 2017-05-03 15:34 - 01007160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-05-03 15:35 - 2017-05-03 15:34 - 00334576 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-05-03 15:35 - 2017-05-03 15:34 - 00311808 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-05-03 15:35 - 2017-05-03 15:34 - 00190256 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-05-03 15:35 - 2017-05-03 15:34 - 00049016 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-05-03 15:32 - 2017-05-03 15:32 - 06919904 _____ (AVAST Software) C:\Users\sherman\Downloads\avast_free_antivirus_setup_online (1).exe
2017-05-03 11:21 - 2017-05-03 11:21 - 00000000 ____D C:\$SysReset
2017-05-03 10:53 - 2017-05-09 06:08 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-05-03 10:51 - 2017-05-03 10:52 - 03620960 _____ (AVG Technologies CZ, s.r.o.) C:\Users\sherman\Downloads\AVG_Protection_Free_698.exe
2017-05-03 10:28 - 2017-05-03 15:38 - 00000000 ____D C:\Program Files\AVAST Software
2017-05-03 10:18 - 2017-05-03 10:27 - 06919904 _____ (AVAST Software) C:\Users\sherman\Downloads\avast_free_antivirus_setup_online.exe
2017-05-02 19:16 - 2017-05-02 19:16 - 00095803 _____ C:\Users\sherman\Downloads\Flash-Setup144531225.zip
2017-05-02 10:11 - 2017-05-02 10:11 - 00003741 _____ C:\Users\sherman\Downloads\AssinadorTJPR (8).jnlp
2017-05-02 10:11 - 2017-05-02 10:11 - 00000000 ____D C:\Users\sherman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Assinador de Arquivos
2017-04-25 16:49 - 2017-04-25 16:49 - 00097167 _____ C:\Users\sherman\Downloads\JavaSetup_Installer_Versao.0.234.5.4.3.7.91.21.zip
2017-04-24 09:22 - 2017-04-24 09:22 - 00144784 _____ C:\Users\sherman\AppData\Local\GDIPFONTCACHEV1.DAT
2017-04-20 10:57 - 2017-04-20 10:57 - 00106447 _____ C:\Users\sherman\Downloads\NÃ£o confirmado 116464.crdownload
2017-04-20 09:39 - 2017-04-20 09:39 - 00003743 _____ C:\Users\sherman\Downloads\AssinadorTJPR (7).jnlp
2017-04-19 15:01 - 2017-04-19 15:01 - 00068731 _____ C:\Users\sherman\Desktop\manifestaÃ§Ã£o A.I.J - Diego Henrique Alexandrino-assinado.pdf.p7z
2017-04-19 14:57 - 2017-04-19 14:57 - 00002846 _____ C:\Users\sherman\Desktop\certificado.cer
2017-04-19 10:40 - 2017-04-19 10:40 - 44039072 _____ C:\Users\sherman\Downloads\NÃ£o confirmado 410280.crdownload
2017-04-19 10:39 - 2017-04-19 10:40 - 44039072 _____ C:\Users\sherman\Downloads\Firefox Setup 45.8.0esr.exe
2017-04-19 10:30 - 2017-04-19 10:36 - 00000000 ____D C:\Users\sherman\AppData\LocalLow\Mozilla
2017-04-19 10:30 - 2017-04-19 10:30 - 45406000 _____ C:\Users\sherman\Downloads\NÃ£o confirmado 991335.crdownload
2017-04-19 10:29 - 2017-04-19 10:29 - 45406000 _____ C:\Users\sherman\Downloads\Firefox Setup 52.0.2esr.exe
2017-04-19 10:04 - 2017-04-19 10:04 - 00738368 _____ (Oracle Corporation) C:\Users\sherman\Downloads\JavaSetup8u131.exe
2017-04-19 10:00 - 2017-04-19 10:03 - 00001300 _____ C:\Users\sherman\Downloads\launch-advogados (1).jnlp
2017-04-19 09:50 - 2017-04-19 09:50 - 00001300 _____ C:\Users\sherman\Downloads\launch-advogados.jnlp
2017-04-18 10:26 - 2017-04-18 10:26 - 00003822 _____ C:\Users\sherman\Downloads\AssinadorTJPR (6).jnlp
2017-04-18 10:24 - 2017-04-18 10:24 - 00524420 _____ C:\Users\sherman\Desktop\manifestaÃ§Ã£o A.I.J - Diego Henrique Alexandrino.pdf.p7s
2017-04-18 10:23 - 2017-04-18 10:24 - 00060881 _____ C:\Users\sherman\Desktop\manifestaÃ§Ã£o A.I.J - Diego Henrique Alexandrino.pdf
2017-04-18 10:18 - 2017-04-18 10:18 - 00003870 _____ C:\Users\sherman\Downloads\AssinadorTJPR (5).jnlp
2017-04-18 10:12 - 2017-04-18 10:13 - 00003805 _____ C:\Users\sherman\Downloads\AssinadorTJPR (4).jnlp
2017-04-18 10:08 - 2017-04-18 10:08 - 00003869 _____ C:\Users\sherman\Downloads\AssinadorTJPR (3).jnlp
2017-04-18 10:07 - 2017-04-18 10:07 - 00003805 _____ C:\Users\sherman\Downloads\AssinadorTJPR (2).jnlp
2017-04-17 13:06 - 2017-04-17 13:06 - 00512176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-04-17 11:03 - 2017-04-17 11:03 - 00214158 _____ C:\Users\sherman\Downloads\FlashPlayer Atualizar (1).exe
2017-04-17 10:58 - 2017-04-17 10:58 - 00003420 _____ C:\WINDOWS\System32\Tasks\SYSSHERMAN50
2017-04-17 10:58 - 2017-04-17 10:58 - 00000152 _____ C:\WINDOWS\SysWOW64\SHERMANx.ocx
2017-04-17 10:58 - 2017-04-17 10:58 - 00000000 ____D C:\WINDOWS\SysWOW64\Java
2017-04-17 10:57 - 2017-04-17 10:57 - 00214158 _____ C:\Users\sherman\Downloads\FlashPlayer Atualizar.exe
2017-04-13 15:49 - 2017-04-13 15:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-04-13 15:13 - 2017-05-03 15:38 - 00000000 ____D C:\Users\Todos os UsuÃ¡rios\AVAST Software
2017-04-13 15:13 - 2017-05-03 15:38 - 00000000 ____D C:\ProgramData\AVAST Software
2017-04-13 15:13 - 2017-04-13 15:13 - 06903192 _____ (AVAST Software) C:\Users\sherman\Downloads\avast_free_antivirus_setup_online_b1d.exe
2017-04-12 21:06 - 2017-03-28 06:11 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-04-12 21:06 - 2017-03-28 06:05 - 06536248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-04-12 21:06 - 2017-03-28 05:59 - 00262400 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2017-04-12 21:06 - 2017-03-28 05:52 - 00168360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-04-12 21:06 - 2017-03-28 05:51 - 00602256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-04-12 21:06 - 2017-03-28 05:50 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-04-12 21:06 - 2017-03-28 04:53 - 06958304 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-04-12 21:06 - 2017-03-28 04:51 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-04-12 21:06 - 2017-03-28 04:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-04-12 21:06 - 2017-03-28 04:45 - 00958120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-04-12 21:06 - 2017-03-28 04:44 - 02944592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-04-12 21:06 - 2017-03-28 04:44 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-04-12 21:06 - 2017-03-28 04:41 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-04-12 21:06 - 2017-03-28 04:40 - 05240440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-04-12 21:06 - 2017-03-28 04:08 - 00546968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-04-12 21:06 - 2017-03-28 04:08 - 00316248 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-04-12 21:06 - 2017-03-28 04:06 - 01522664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-04-12 21:06 - 2017-03-28 04:06 - 01370736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-04-12 21:06 - 2017-03-28 03:41 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-04-12 21:06 - 2017-03-28 03:37 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-04-12 21:06 - 2017-03-28 03:26 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-04-12 21:06 - 2017-03-28 03:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-04-12 21:06 - 2017-03-28 03:23 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-04-12 21:06 - 2017-03-28 03:17 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-04-12 21:06 - 2017-03-28 03:12 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-04-12 21:06 - 2017-03-28 03:10 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-04-12 21:06 - 2017-03-28 03:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-04-12 21:06 - 2017-03-28 03:06 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2017-04-12 21:06 - 2017-03-28 03:01 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2017-04-12 21:06 - 2017-03-28 02:57 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-04-12 21:06 - 2017-03-28 02:56 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-04-12 21:06 - 2017-03-28 02:53 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2017-04-12 21:06 - 2017-03-28 02:47 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-04-12 21:06 - 2017-03-28 02:43 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2017-04-12 21:06 - 2017-03-28 02:42 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-04-12 21:06 - 2017-03-28 02:41 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-04-12 21:06 - 2017-03-28 02:35 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2017-04-12 21:06 - 2017-03-28 02:33 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-04-12 21:06 - 2017-03-28 02:33 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-04-12 21:06 - 2017-03-28 02:32 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2017-04-12 21:06 - 2017-03-28 02:19 - 02911744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-04-12 21:06 - 2017-03-28 02:18 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-04-12 21:06 - 2017-03-28 02:18 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-04-12 21:06 - 2017-03-28 02:11 - 01501696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-04-12 21:06 - 2017-03-28 02:08 - 02878976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-04-12 21:06 - 2017-03-28 02:04 - 06296064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-04-12 21:06 - 2017-03-28 01:47 - 04405248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-04-12 21:06 - 2017-03-28 01:45 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2017-04-12 21:06 - 2017-03-28 01:41 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-04-12 21:06 - 2017-03-28 01:13 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-04-12 21:06 - 2017-03-18 13:41 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-04-12 21:05 - 2017-03-28 07:20 - 00100192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-04-12 21:05 - 2017-03-28 07:18 - 01997840 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-04-12 21:05 - 2017-03-28 07:17 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-04-12 21:05 - 2017-03-28 07:17 - 00800080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-04-12 21:05 - 2017-03-28 06:51 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2017-04-12 21:05 - 2017-03-28 06:18 - 08710320 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-04-12 21:05 - 2017-03-28 06:12 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-04-12 21:05 - 2017-03-28 06:11 - 03698216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-04-12 21:05 - 2017-03-28 06:06 - 06604992 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-04-12 21:05 - 2017-03-28 05:51 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-04-12 21:05 - 2017-03-28 05:28 - 01777792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-04-12 21:05 - 2017-03-28 05:12 - 00388888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-04-12 21:05 - 2017-03-28 05:05 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-04-12 21:05 - 2017-03-28 04:52 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-04-12 21:05 - 2017-03-28 04:42 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-04-12 21:05 - 2017-03-28 04:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-04-12 21:05 - 2017-03-28 04:31 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-04-12 21:05 - 2017-03-28 04:29 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-04-12 21:05 - 2017-03-28 04:21 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-04-12 21:05 - 2017-03-28 04:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-04-12 21:05 - 2017-03-28 04:17 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-04-12 21:05 - 2017-03-28 04:16 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2017-04-12 21:05 - 2017-03-28 04:14 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-04-12 21:05 - 2017-03-28 04:10 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-04-12 21:05 - 2017-03-28 04:01 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-04-12 21:05 - 2017-03-28 03:56 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2017-04-12 21:05 - 2017-03-28 03:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-04-12 21:05 - 2017-03-28 03:54 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-04-12 21:05 - 2017-03-28 03:53 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-04-12 21:05 - 2017-03-28 03:51 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-04-12 21:05 - 2017-03-28 03:48 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-04-12 21:05 - 2017-03-28 03:46 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-04-12 21:05 - 2017-03-28 03:44 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2017-04-12 21:05 - 2017-03-28 03:26 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-04-12 21:05 - 2017-03-28 03:20 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-04-12 21:05 - 2017-03-28 03:12 - 01729536 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-04-12 21:05 - 2017-03-28 03:06 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-04-12 21:05 - 2017-03-28 03:05 - 07977984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-04-12 21:05 - 2017-03-28 03:01 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-04-12 21:05 - 2017-03-28 02:56 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-04-12 21:05 - 2017-03-28 02:53 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-04-12 21:05 - 2017-03-28 02:44 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-04-12 21:05 - 2017-03-28 02:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-04-12 21:05 - 2017-03-28 02:41 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-04-12 21:05 - 2017-03-28 02:40 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-04-12 21:05 - 2017-03-28 02:39 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2017-04-12 21:05 - 2017-03-28 02:36 - 04895744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-04-12 21:05 - 2017-03-28 02:36 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-04-12 21:05 - 2017-03-28 02:29 - 22375424 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-04-12 21:05 - 2017-03-28 02:22 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-04-12 21:05 - 2017-03-28 02:20 - 13392384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-04-12 21:05 - 2017-03-28 02:06 - 07856640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-04-12 21:05 - 2017-03-28 01:48 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-04-12 21:05 - 2017-03-28 01:46 - 19344896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-04-12 21:05 - 2017-03-28 01:45 - 18671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-04-12 21:05 - 2017-03-28 01:45 - 12134912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-04-12 21:05 - 2017-03-28 01:31 - 05670912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-04-12 21:05 - 2017-03-20 22:36 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-04-12 21:05 - 2017-03-18 17:39 - 22560744 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-04-12 21:04 - 2017-03-28 07:19 - 00202480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-04-12 21:04 - 2017-03-28 07:14 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-04-12 21:04 - 2017-03-28 07:12 - 00061792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-04-12 21:04 - 2017-03-28 06:08 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-04-12 21:04 - 2017-03-28 06:05 - 01540216 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-04-12 21:04 - 2017-03-28 06:05 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-04-12 21:04 - 2017-03-28 06:03 - 01128104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-04-12 21:04 - 2017-03-28 06:03 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-04-12 21:04 - 2017-03-28 05:30 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-04-12 21:04 - 2017-03-28 05:29 - 01986912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-04-12 21:04 - 2017-03-28 05:29 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-04-12 21:04 - 2017-03-28 05:29 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-04-12 21:04 - 2017-03-28 05:28 - 01594928 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2017-04-12 21:04 - 2017-03-28 04:52 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-04-12 21:04 - 2017-03-28 04:51 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-04-12 21:04 - 2017-03-28 04:50 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-04-12 21:04 - 2017-03-28 04:48 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-04-12 21:04 - 2017-03-28 04:40 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-04-12 21:04 - 2017-03-28 04:38 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2017-04-12 21:04 - 2017-03-28 04:37 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-04-12 21:04 - 2017-03-28 04:28 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2017-04-12 21:04 - 2017-03-28 04:20 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-04-12 21:04 - 2017-03-28 04:20 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2017-04-12 21:04 - 2017-03-28 04:18 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-04-12 21:04 - 2017-03-28 04:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-04-12 21:04 - 2017-03-28 04:13 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-04-12 21:04 - 2017-03-28 04:09 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-04-12 21:04 - 2017-03-28 03:55 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2017-04-12 21:04 - 2017-03-28 03:53 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-04-12 21:04 - 2017-03-28 03:41 - 04456448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-04-12 21:04 - 2017-03-28 03:40 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2017-04-12 21:04 - 2017-03-28 03:21 - 03586048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-04-12 21:04 - 2017-03-28 03:19 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-04-12 21:04 - 2017-03-28 03:16 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-04-12 21:04 - 2017-03-28 02:55 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-04-12 21:04 - 2017-03-28 02:42 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-04-12 21:04 - 2017-03-28 02:30 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2017-04-12 21:04 - 2017-03-28 02:20 - 24604160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-04-12 21:04 - 2017-03-28 02:01 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll

==================== Um MÃªs Modificados arquivos e pastas ========

(Se uma entrada for incluÃ­da na fixlist, o arquivo/pasta serÃ¡ movido.)

2017-05-09 09:52 - 2017-01-24 08:05 - 00103424 _____ C:\Users\sherman\Desktop\CARDÃPIO.xls
2017-05-09 09:51 - 2014-07-07 14:14 - 00004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{FCF99C5B-650F-43D2-B8BC-054B9506D948}
2017-05-09 06:13 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-09 06:11 - 2015-10-30 04:24 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-08 12:29 - 2013-05-27 11:36 - 00000000 ____D C:\Users\sherman\AppData\Roaming\Mozilla
2017-05-08 10:13 - 2014-02-17 14:58 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-05-05 10:58 - 2016-03-03 12:57 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-05 10:10 - 2016-03-03 13:33 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-05 09:19 - 2015-11-05 07:57 - 00000000 ____D C:\Users\sherman\AppData\Local\AvgSetupLog
2017-05-03 20:14 - 2015-10-30 03:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2017-05-03 20:13 - 2014-02-19 17:37 - 00000000 ____D C:\Users\sherman\AppData\LocalLow\FreeOnlineRadioPlayerRecorder_V1
2017-05-03 20:13 - 2014-02-19 17:37 - 00000000 ____D C:\Program Files (x86)\FreeOnlineRadioPlayerRecorder_V1
2017-05-03 17:14 - 2017-01-27 11:41 - 00002013 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-05-03 17:14 - 2015-11-13 06:38 - 00000000 ____D C:\Program Files\McAfee Security Scan
2017-05-03 16:23 - 2015-11-05 07:57 - 00000000 ____D C:\Users\Todos os UsuÃ¡rios\Avg
2017-05-03 16:23 - 2015-11-05 07:57 - 00000000 ____D C:\ProgramData\Avg
2017-05-03 16:19 - 2016-03-03 13:08 - 00000000 ____D C:\Users\sherman
2017-05-03 15:35 - 2015-07-22 09:43 - 00000000 ____D C:\Program Files\Common Files\AV
2017-05-03 15:06 - 2016-10-18 09:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-03 15:04 - 2015-07-22 09:41 - 00000000 ____D C:\Program Files (x86)\AVG
2017-05-03 14:56 - 2013-08-13 08:25 - 00000000 ____D C:\Users\sherman\AppData\Local\ElevatedDiagnostics
2017-05-03 11:06 - 2013-02-25 11:23 - 00000000 ____D C:\Users\Todos os UsuÃ¡rios\Norton
2017-05-03 11:06 - 2013-02-25 11:23 - 00000000 ____D C:\ProgramData\Norton
2017-05-03 10:43 - 2013-02-25 11:23 - 00000000 ____D C:\Users\Todos os UsuÃ¡rios\NortonInstaller
2017-05-03 10:43 - 2013-02-25 11:23 - 00000000 ____D C:\ProgramData\NortonInstaller
2017-05-03 10:42 - 2016-03-03 13:28 - 01819594 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-03 10:42 - 2015-10-30 16:12 - 00785460 _____ C:\WINDOWS\system32\prfh0416.dat
2017-05-03 10:42 - 2015-10-30 16:12 - 00154246 _____ C:\WINDOWS\system32\prfc0416.dat
2017-05-03 10:42 - 2015-10-30 04:21 - 00000000 ____D C:\WINDOWS\INF
2017-05-02 11:58 - 2017-04-03 10:44 - 00030720 _____ C:\Users\sherman\Desktop\LOTOFÃCIL.xls
2017-05-02 10:11 - 2017-03-29 10:45 - 00002429 _____ C:\Users\sherman\Desktop\Assinador de Arquivos.lnk
2017-05-02 09:49 - 2015-04-08 15:02 - 00003586 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-02 09:49 - 2015-04-08 15:02 - 00003462 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-04-24 09:23 - 2016-06-06 16:20 - 00000000 ____D C:\Users\sherman\Desktop\Casorio
2017-04-20 17:54 - 2016-08-15 11:01 - 00000000 ____D C:\Users\sherman\Desktop\CORRETAGEM
2017-04-19 10:08 - 2016-10-12 08:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-04-19 10:08 - 2014-02-19 16:19 - 00000000 ____D C:\Program Files (x86)\Java
2017-04-19 10:08 - 2014-02-17 10:06 - 00000000 ____D C:\Users\Todos os UsuÃ¡rios\Oracle
2017-04-19 10:08 - 2014-02-17 10:06 - 00000000 ____D C:\ProgramData\Oracle
2017-04-19 10:07 - 2016-10-12 08:40 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-04-17 17:53 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\rescache
2017-04-17 14:49 - 2013-06-29 10:05 - 00000000 ____D C:\Program Files (x86)\PSafe
2017-04-17 14:49 - 2013-05-24 12:03 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-04-17 13:06 - 2015-05-28 15:17 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-04-17 13:06 - 2015-05-28 15:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-04-17 13:01 - 2015-10-30 04:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-04-17 13:01 - 2015-10-30 04:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-04-17 13:01 - 2015-10-30 04:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-04-17 13:01 - 2015-10-30 04:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2017-04-17 13:01 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-04-17 13:01 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files\Windows Defender
2017-04-17 13:01 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-04-17 13:01 - 2015-10-30 04:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-04-17 12:35 - 2015-10-30 04:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-04-17 12:35 - 2015-07-30 08:02 - 00000000 ____D C:\Users\sherman\AppData\Local\Avg
2017-04-17 12:28 - 2013-05-27 11:49 - 00000000 ____D C:\Users\sherman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-17 12:28 - 2013-05-27 11:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-04-17 12:28 - 2013-05-27 11:49 - 00000000 ____D C:\Program Files\WinRAR
2017-04-17 12:23 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-04-17 12:23 - 2014-02-25 17:14 - 00004460 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-04-17 12:22 - 2015-10-30 04:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-04-17 10:46 - 2015-10-30 03:28 - 00065536 ___SH C:\WINDOWS\system32\config\ELAM
2017-04-13 15:49 - 2015-07-15 17:14 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2017-04-13 15:49 - 2015-07-15 17:14 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-04-13 15:49 - 2015-07-15 17:14 - 00000000 ____D C:\Users\Todos os UsuÃ¡rios\Skype
2017-04-13 15:49 - 2015-07-15 17:14 - 00000000 ____D C:\ProgramData\Skype
2017-04-13 15:48 - 2017-01-04 08:55 - 00000000 ____D C:\Users\Todos os UsuÃ¡rios\Package Cache
2017-04-13 15:48 - 2017-01-04 08:55 - 00000000 ____D C:\ProgramData\Package Cache
2017-04-13 15:44 - 2013-07-30 16:46 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-04-13 15:40 - 2015-10-30 04:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-04-13 15:40 - 2013-05-27 11:18 - 148601744 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-04-13 15:33 - 2015-05-28 15:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-04-13 15:17 - 2016-10-18 09:48 - 00000000 ____D C:\temp
2017-04-12 21:35 - 2016-03-06 18:29 - 00000000 ____D C:\Users\sherman\Desktop\GISLAINE
2017-04-12 18:31 - 2017-01-23 09:56 - 00003278 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-04-12 18:31 - 2016-03-03 14:09 - 00002416 _____ C:\Users\sherman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-04-12 18:31 - 2013-05-24 12:55 - 00000000 ___RD C:\Users\sherman\SkyDrive
2017-04-11 10:45 - 2013-07-30 09:50 - 00000000 ____D C:\Users\Todos os UsuÃ¡rios\GbPlugin
2017-04-11 10:45 - 2013-07-30 09:50 - 00000000 ____D C:\ProgramData\GbPlugin

==================== Arquivos na raiz de alguns diretÃ³rios =======

2015-03-25 17:18 - 2015-03-25 17:18 - 0017823 _____ () C:\Users\sherman\AppData\Roaming\unins001.dat
2015-03-25 17:18 - 2015-03-25 17:18 - 0730322 _____ () C:\Users\sherman\AppData\Roaming\unins001.exe
2014-04-22 10:51 - 2014-09-23 08:47 - 0000126 _____ () C:\Users\sherman\AppData\Roaming\WB.CFG
2013-08-03 05:46 - 2013-09-25 07:58 - 0000119 _____ () C:\Users\sherman\AppData\Local\ap_UA-24552437-8.txt
2013-08-03 05:46 - 2013-08-13 08:51 - 0000116 _____ () C:\Users\sherman\AppData\Local\ap_UA-24552437-9.txt
2015-05-27 09:37 - 2014-03-12 12:31 - 0210944 _____ (VDC Company) C:\Users\sherman\AppData\Local\CommonLauncher.exe
2015-05-27 09:37 - 2014-03-21 10:25 - 0109568 _____ () C:\Users\sherman\AppData\Local\ContentAgent.exe
2015-06-17 19:00 - 2015-06-17 19:00 - 0003584 _____ () C:\Users\sherman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-25 09:17 - 2015-11-25 09:38 - 0007260 _____ () C:\Users\sherman\AppData\Local\HWVendorDetection.log
2016-03-31 08:11 - 2016-03-31 08:11 - 0004096 ____H () C:\Users\sherman\AppData\Local\keyfile3.drm
2015-05-27 09:37 - 2013-03-18 17:45 - 1122304 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\sherman\AppData\Local\libeay32.dll
2015-05-27 09:37 - 2011-06-11 00:58 - 0421200 _____ (Microsoft Corporation) C:\Users\sherman\AppData\Local\msvcp100.dll
2015-05-27 09:37 - 2011-06-11 00:58 - 0773968 _____ (Microsoft Corporation) C:\Users\sherman\AppData\Local\msvcr100.dll
2015-05-27 09:37 - 2013-08-07 15:32 - 2598912 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\sherman\AppData\Local\QtCore4.dll
2015-05-27 09:37 - 2013-06-27 10:16 - 8581632 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\sherman\AppData\Local\QtGui4.dll
2015-05-27 09:37 - 2013-06-27 10:10 - 1053696 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\sherman\AppData\Local\QtNetwork4.dll
2015-05-27 09:37 - 2013-06-27 11:29 - 13112320 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Users\sherman\AppData\Local\QtWebKit4.dll
2017-05-03 19:36 - 2017-05-03 19:36 - 0000017 _____ () C:\Users\sherman\AppData\Local\resmon.resmoncfg
2015-05-27 09:37 - 2013-03-18 17:45 - 0274432 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\sherman\AppData\Local\ssleay32.dll
2013-05-24 14:21 - 2013-05-24 14:21 - 0000057 _____ () C:\ProgramData\Ament.ini
2013-11-22 08:40 - 2013-11-22 08:40 - 0170344 _____ (Baidu, Inc.) C:\ProgramData\FileSplitUpLoad.dll

Arquivos para serem movidos ou deletados:
====================
C:\ProgramData\FileSplitUpLoad.dll
C:\Users\Todos os UsuÃ¡rios\FileSplitUpLoad.dll


Alguns arquivos em TEMP:
====================
2017-04-17 10:57 - 2015-10-30 04:19 - 0451072 _____ (Microsoft Corporation) C:\Users\sherman\AppData\Local\Temp\ps.exe

==================== Bamital & volsnap ======================

(NÃ£o hÃ¡ correÃ§Ã£o automÃ¡tica para arquivos que nÃ£o passaram na verificaÃ§Ã£o.)

C:\WINDOWS\system32\winlogon.exe => O arquivo Ã© assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo Ã© assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo Ã© assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo Ã© assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo Ã© assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo Ã© assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo Ã© assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo Ã© assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo Ã© assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo Ã© assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo Ã© assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo Ã© assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo Ã© assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo Ã© assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo Ã© assinado digitalmente

LastRegBack: 2017-05-08 12:33

==================== Fim de FRST.txt ============================