Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-10-2019 Ran by Carolina (administrator) on CAROL (Hewlett-Packard Presario CQ56 Notebook PC) (05-10-2019 21:14:20) Running from C:\Users\aloisio\Downloads Loaded Profiles: Carolina (Available Profiles: Carolina & Guest) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () [File not signed] C:\CYPE Ingenieros\Versão 2012\servipas\servcpas.exe (Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (Discord Inc. -> Discord Inc.) C:\Users\aloisio\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\aloisio\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\aloisio\AppData\Local\Discord\app-0.0.305\Discord.exe (Discord Inc. -> Discord Inc.) C:\Users\aloisio\AppData\Local\Discord\app-0.0.305\Discord.exe (GAS INFORMATICA LTDA -> GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe (GAS INFORMATICA LTDA -> GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe (GAS INFORMATICA LTDA -> GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe (Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Company) [File not signed] C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\StikyNot.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe Failed to access process -> csrss.exe Failed to access process -> csrss.exe Failed to access process -> WmiPrvSE.exe Failed to access process -> WmiPrvSE.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated -> Synaptics Incorporated) HKU\S-1-5-21-3941360438-1443855348-3531779757-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Windows -> Microsoft Corporation) HKU\S-1-5-21-3941360438-1443855348-3531779757-1000\...\Run: [Discord] => C:\Users\aloisio\AppData\Local\Discord\app-0.0.305\Discord.exe [81780056 2019-03-07] (Discord Inc. -> Discord Inc.) HKU\S-1-5-21-3941360438-1443855348-3531779757-1000\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-3941360438-1443855348-3531779757-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-3941360438-1443855348-3531779757-1000\...\Policies\Explorer: [] HKU\S-1-5-21-3941360438-1443855348-3531779757-1000\Sortware\Policies\...\system: [disablecmd] 0 HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.90\Installer\chrmstp.exe [2019-06-16] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{10880D85-AAD9-4558-ABDC-2AB1552D831F}] -> C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe [2010-08-16] (Hewlett-Packard Company -> Hewlett-Packard Company) GroupPolicy\User: Restriction ? <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0497A4DE-FFA8-4CCD-BED5-2EEB480F249E} - System32\Tasks\{0DAD60CB-EBF7-4C22-98F0-A8155FB1ED65} => C:\Windows\system32\pcalua.exe -a "C:\Users\aloisio\Downloads\Executáveis de programas\AutoCAD_2013_English_Win_64bit.exe" -d "C:\Users\aloisio\Downloads\Executáveis de programas" Task: {1C4C0931-0EDD-4723-A723-DC2C2C69897A} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(1): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate Task: {1C4C0931-0EDD-4723-A723-DC2C2C69897A} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Command(2): %windir%\system32\rundll32.exe -> invagent.dll,RunUpdate -noappraiser Task: {2B621772-47DE-4EE9-9C27-D8C371D4D547} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [143736 2019-09-12] (HP Inc. -> HP Inc.) Task: {2CC58F60-9AC2-4A97-80A5-BFB02F54F349} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-01] (Google Inc -> Google LLC) Task: {30CCC4AA-FF64-4502-9E83-B4A7851897B7} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2010-09-27] (Hewlett-Packard Company -> ) Task: {3811895B-15C2-43DD-83FA-2D8C2B2854C6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [1457720 2019-09-12] (Adobe Inc. -> Adobe) Task: {405561DB-2539-4CCD-B07A-059ACA75A67E} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3941360438-1443855348-3531779757-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe Task: {47A584FF-CDEB-4EA2-AB56-59B91AF034F6} - System32\Tasks\{2400E088-582F-4CC0-AB95-20CB1B86500F} => C:\Windows\system32\pcalua.exe -a C:\Users\aloisio\Downloads\sp50718.exe -d C:\Users\aloisio\Downloads Task: {491567A8-362E-4851-8BB3-1F7947FBE943} - \GoogleUpdateService -> No File <==== ATTENTION Task: {4B46E8AE-4981-448B-82A5-3894F8719614} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [655736 2019-07-31] (HP Inc. -> HP Inc.) Task: {53F533C3-D23E-4752-B150-72A0E3DC4105} - System32\Tasks\{95199C41-7E67-46E4-B825-7C7443E4F3E9} => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe Task: {59D57570-D269-4B10-B3D8-AFB1C0148A4C} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2010-09-29] (CyberLink -> CyberLink) Task: {5A875BEE-0EE7-4011-BAD3-6DB9DE49AFD5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [4811032 2014-09-26] (Piriform Ltd -> Piriform Ltd) Task: {5F478468-DA8C-475D-A3E3-E7013C23EEDC} - System32\Tasks\{48C7248B-00CC-C02D-76C0-6E97DE0F8AAD} => C:\Windows\YaIMANa.exe [73216 1601-01-03] (Microsoft Windows -> Microsoft Corporation) Task: {7B3311CD-71F0-42ED-A6AB-7A9AAE3D5F90} - System32\Tasks\RealCreateProcessScheduledTask10306580S-1-5-21-3941360438-1443855348-3531779757-1000 => c:\program files (x86)\real\realplayer\update\realsched.exe Task: {8750FF1B-A6BF-4E76-BBEF-1C11CEEA3EFF} - System32\Tasks\{795A9593-E13B-3C75-2A24-B72BB5A1C13A} => C:\Users\aloisio\AppData\Local\yTXR.exe Task: {8C771940-7A81-4676-9E85-69A839AF2F4F} - System32\Tasks\{5DC9A008-436F-4480-8692-F20DED93ED79} => C:\Windows\system32\pcalua.exe -a C:\Users\aloisio\Downloads\avira_free_antivirus_en.exe -d "C:\Program Files (x86)\Mozilla Firefox" Task: {9242537C-6375-4200-B2D2-A37B17564105} - System32\Tasks\{2ABC85F1-9BDF-427A-9AD2-9904EB855698} => C:\Users\aloisio\Downloads\Executáveis de programas\Malwarebytes Premium 3.1.2.1733 - 2017\MalwareBytes Keygen.exe Task: {93FEDB95-37C1-472B-902F-D5AEB744CA2E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks [Argument = /run /TN "\Microsoft\Windows\Setup\gwx\refreshgwxconfig"] Task: {A1B631BF-EC3D-44A0-84DF-3DDAAEDFDA0A} - System32\Tasks\{F741584D-F201-484B-9164-4464DB5AD950} => C:\Windows\system32\pcalua.exe -a C:\Users\aloisio\Desktop\EBERICK\hdd32.exe -d C:\Users\aloisio\Desktop\EBERICK Task: {A973C9DA-1204-4AAD-ACE8-F4D8DCD8FA3E} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [38456 2010-09-27] (Hewlett-Packard Company -> ) Task: {D48AAFAF-A531-4FC6-A61E-175231ED4323} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-09-12] (Adobe Inc. -> Adobe) Task: {E74EB8A8-1449-4A5A-82B2-134D4D995F50} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(2): %windir%\system32\rundll32.exe -> aepdu.dll,AePduRunUpdate -nolegacy Task: {E74EB8A8-1449-4A5A-82B2-134D4D995F50} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => Command(3): %windir%\system32\rundll32.exe -> appraiser.dll,DoScheduledTelemetryRun Task: {FB20D6C2-D2BB-4450-90B8-54EA7E09936E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-01] (Google Inc -> Google LLC) Task: {FDA571C3-8C33-4BDF-B105-939DD6E7BCF7} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3941360438-1443855348-3531779757-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{BAF74467-C95B-4948-9BA8-5F82523B57B9}: [NameServer] 185.130.104.222,185.4.65.4,116.203.6.218,185.4.64.13 Tcpip\..\Interfaces\{BAF74467-C95B-4948-9BA8-5F82523B57B9}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{BD793A28-9F9A-43A1-9FFB-B2667DD06826}: [NameServer] 185.130.104.222,185.4.65.4,116.203.6.218,185.4.64.13,200.165.132.155 Tcpip\..\Interfaces\{FDB52E3C-1E74-416E-9EDB-615B4AD05B5F}: [NameServer] 185.130.104.222,185.4.65.4,116.203.6.218,185.4.64.13 Tcpip\..\Interfaces\{FDB52E3C-1E74-416E-9EDB-615B4AD05B5F}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3941360438-1443855348-3531779757-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com.br/ HKU\S-1-5-21-3941360438-1443855348-3531779757-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ca.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms} SearchScopes: HKLM -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/706-111074-26712-0/4?satitle={searchTerms}&mfe=Notebooks SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ca.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKLM-x32 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/706-111074-26712-0/4?satitle={searchTerms}&mfe=Notebooks SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-3941360438-1443855348-3531779757-1000 -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-3941360438-1443855348-3531779757-1000 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://ca.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF SearchScopes: HKU\S-1-5-21-3941360438-1443855348-3531779757-1000 -> {d944bb61-2e34-4dbf-a683-47e505c587dc} URL = hxxp://rover.ebay.com/rover/1/706-111074-26712-0/4?satitle={searchTerms}&mfe=Notebooks SearchScopes: HKU\S-1-5-21-3941360438-1443855348-3531779757-1000 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://br.search.yahoo.com/search?p={searchTerms}&fr=mkg028 SearchScopes: HKU\S-1-5-21-3941360438-1443855348-3531779757-1000 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation) BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems, Incorporated -> Adobe Systems Incorporated) BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> No File BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11] (Shanghai Comet Network Technology -> BitComet) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-19] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\PROGRAM FILES (X86)\GBPLUGIN\gbiehcef.dll [2016-07-25] (GAS INFORMATICA LTDA -> Caixa Economica Federal) BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540007} -> C:\Program Files (x86)\GbPlugin\gbiehabn.dll [2013-06-28] (BANCO SANTANDER BRASIL S.A. -> Banco Real) BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Program Files (x86)\GbPlugin\gbiehuni.dll [2013-11-22] (BANCO ITAU S/A -> Banco Itaú Unibanco) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-19] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKU\S-1-5-21-3941360438-1443855348-3531779757-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File FireFox: ======== FF DefaultProfile: 35sw2l2w.default FF ProfilePath: C:\Users\aloisio\AppData\Roaming\Mozilla\Firefox\Profiles\35sw2l2w.default [2019-10-05] FF user.js: detected! => C:\Users\aloisio\AppData\Roaming\Mozilla\Firefox\Profiles\35sw2l2w.default\user.js [2019-06-16] FF Homepage: Mozilla\Firefox\Profiles\35sw2l2w.default -> google.com FF Extension: (United States English Spellchecker) - C:\Users\aloisio\AppData\Roaming\Mozilla\Firefox\Profiles\35sw2l2w.default\Extensions\en-US@dictionaries.addons.mozilla.org.xpi [2018-11-28] FF Extension: (Video Speed Controller) - C:\Users\aloisio\AppData\Roaming\Mozilla\Firefox\Profiles\35sw2l2w.default\Extensions\{7be2ba16-0f1e-4d93-9ebc-5164397477a9}.xpi [2019-03-04] FF Extension: (Adblock Plus - bloqueador de anúncios grátis) - C:\Users\aloisio\AppData\Roaming\Mozilla\Firefox\Profiles\35sw2l2w.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-08-24] FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext => not found FF HKU\S-1-5-21-3941360438-1443855348-3531779757-1000\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E886D}] - C:\Users\aloisio\AppData\Local\GAS Tecnologia\GBBD\cef\xpi FF Extension: (GBBD Caixa Economica Federal) - C:\Users\aloisio\AppData\Local\GAS Tecnologia\GBBD\cef\xpi [2015-06-19] [Legacy] [not signed] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-12] (Adobe Inc. -> ) FF Plugin: @java.com/DTPlugin,version=1.6.0_39 -> C:\Windows\system32\npdeployJava1.dll [2013-03-17] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.) FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] (Microsoft Corporation -> Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-12] (Adobe Inc. -> ) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll [2013-10-25] (Adobe Systems, Inc.) [File not signed] FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-19] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-19] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File] FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File] FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [No File] FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [No File] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-01] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-01] (Google Inc -> Google LLC) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File] FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems, Incorporated -> Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3941360438-1443855348-3531779757-1000: gastecnologia.com.br/sf/cef -> C:\Users\aloisio\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-02-23] (Caixa Econômica Federal -> GAS Tecnologia) Chrome: ======= CHR Profile: C:\Users\aloisio\AppData\Local\Google\Chrome\User Data\Default [2019-10-05] CHR Extension: (Apresentações) - C:\Users\aloisio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-01] CHR Extension: (Documentos) - C:\Users\aloisio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-01] CHR Extension: (Google Drive) - C:\Users\aloisio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-01] CHR Extension: (YouTube) - C:\Users\aloisio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-01] CHR Extension: (Planilhas) - C:\Users\aloisio\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-01] CHR Extension: (Documentos Google off-line) - C:\Users\aloisio\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-06-28] CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\aloisio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-06-01] CHR Extension: (Gmail) - C:\Users\aloisio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-01] CHR Extension: (Chrome Media Router) - C:\Users\aloisio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-28] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [203264 2010-09-30] (Microsoft Windows Hardware Compatibility Publisher -> AMD) S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-05-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-15] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) S4 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (Shanghai Comet Network Technology -> www.BitComet.com) R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [631520 2016-07-25] (GAS INFORMATICA LTDA -> GAS Tecnologia) R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [358264 2019-08-07] (HP Inc. -> HP Inc.) R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-08-16] (Hewlett-Packard Company) [File not signed] R2 Servidor de hardlocks de rede; C:\CYPE Ingenieros\Versão 2012\servipas\servcpas.exe [98304 2012-05-15] () [File not signed] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644144 2018-07-23] (TeamViewer GmbH -> TeamViewer GmbH) R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [925744 2016-06-23] (GAS INFORMATICA LTDA -> GAS Tecnologia LTDA) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation) S2 KMService; no ImagePath S2 WMPNetworkSvc; no ImagePath ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 AIDA64Driver; no ImagePath R2 aksdf; C:\Windows\System32\DRIVERS\aksdf.sys [65024 2006-12-13] (Microsoft Windows Hardware Compatibility Publisher -> Aladdin Knowledge Systems Ltd.) R3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [90240 2006-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Aladdin Knowledge Systems Ltd.) R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [18688 2006-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Aladdin Knowledge Systems Ltd.) R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [7767552 2010-09-30] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.) R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [279040 2010-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [73856 2010-05-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [28800 2010-05-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Windows -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL) R3 athr; C:\Windows\System32\DRIVERS\athrx.sys [3678720 2012-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.) R0 AtiPcie; C:\Windows\System32\DRIVERS\AtiPcie64.sys [16440 2010-06-17] (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-05-15] (Avira Operations GmbH & Co. KG -> Avira GmbH) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-05-15] (Avira Operations GmbH & Co. KG -> Avira GmbH) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2011-09-16] (Avira Operations GmbH & Co. KG -> Avira GmbH) S3 catchme; no ImagePath R3 clwvd; C:\Windows\System32\DRIVERS\clwvd.sys [31088 2010-09-29] (CyberLink -> CyberLink Corporation) S0 GbpKm; C:\Windows\SysWOW64\drivers\GbpKm.sys [47192 2012-12-04] (GAS INFORMATICA LTDA -> GAS Tecnologia) R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-03] (GAS INFORMATICA LTDA -> GAS Tecnologia) R2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [314368 2006-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Aladdin Knowledge Systems Ltd.) S3 hwdatacard; C:\Windows\System32\DRIVERS\ZDDriver.sys [122496 2010-01-20] (Microsoft Windows Hardware Compatibility Publisher -> ZD Secret Incorporated) S3 MBAMSwissArmy; no ImagePath R2 multikey; C:\Windows\System32\DRIVERS\multikey.sys [76040 2013-05-12] (上海域联软件技术有限公司 -> Chingachguk & Denger2k (Elite & SP edition)) S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Microsoft Windows Hardware Compatibility Publisher -> Primax Ltd) R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2008-07-11] (SafeNet, Inc. -> SafeNet, Inc.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [560184 2012-07-04] (Duplex Secure Ltd -> Duplex Secure Ltd.) S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL6.SYS [292864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.) S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV6.SYS [1485312 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.) S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT6.SYS [740864 2009-06-10] (Microsoft Windows -> Conexant Systems, Inc.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Apple, Inc.) [File not signed] R3 usbfilter; C:\Windows\System32\DRIVERS\usbfilter.sys [38528 2010-04-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2014-09-02] (GAS INFORMATICA LTDA -> GAS Tecnologia LTDA) R1 wsddfac; C:\Windows\System32\drivers\wsddfac.sys [101080 2019-10-05] (GAS INFORMATICA LTDA -> GAS Tecnologia) R1 wsddntf; C:\Windows\System32\DRIVERS\wsddntf.sys [36984 2016-06-16] (GAS INFORMATICA LTDA -> GAS Tecnologia) S1 wsddpp; C:\Windows\system32\drivers\wsddpp.sys [97376 2016-06-08] (GAS INFORMATICA LTDA -> GAS Tecnologia) S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X] S1 gbpddfac; system32\drivers\gbpddfac64.sys [X] S0 gbpddreg; system32\drivers\gbpddreg64.sys [X] S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X] S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X] S3 motandroidusb; System32\Drivers\motoandroid.sys [X] S3 motccgp; system32\DRIVERS\motccgp.sys [X] S3 motccgpfl; system32\DRIVERS\motccgpfl.sys [X] S3 motmodem; system32\DRIVERS\motmodem.sys [X] S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X] S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X] S3 motport; system32\DRIVERS\motport.sys [X] S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X] S3 MsgPlusDriver; system32\DRIVERS\MsgPlusDriver.sys [X] S1 YjhkYTY0MGU2NjQ5; system32\drivers\YjhkYTY0MGU2NjQ5.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Three months (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-10-05 21:14 - 2019-10-05 21:27 - 000032452 _____ C:\Users\aloisio\Downloads\FRST.txt 2019-10-05 21:12 - 2019-10-05 21:22 - 000000000 ____D C:\FRST 2019-10-05 21:12 - 2019-10-05 21:12 - 001615360 _____ (Farbar) C:\Users\aloisio\Downloads\FRST64.exe 2019-10-04 16:26 - 2019-10-04 16:26 - 000770189 _____ C:\Users\aloisio\Downloads\Títulos de crédito-modelos, definições, notas especiais e endosso-MMM.pdf 2019-10-04 16:26 - 2019-10-04 16:26 - 000537536 _____ C:\Users\aloisio\Downloads\Direito Empresarial II-Títulos de Crédito-Introdução.pdf 2019-10-04 16:26 - 2019-10-04 16:26 - 000206319 _____ C:\Users\aloisio\Downloads\Noções introdutórias-MMM.pdf 2019-10-04 16:26 - 2019-10-04 16:26 - 000104181 _____ C:\Users\aloisio\Downloads\Lei Uniforme de Genebra - decreto 57.663-1966.pdf 2019-10-03 18:52 - 2019-10-03 18:52 - 003980316 _____ C:\Users\aloisio\Downloads\Alexandre Cebrian e Victor Eduardo Rios Gonçalves - 2019 - Direito Processual Penal Esquematizado®-2.pdf 2019-10-03 18:52 - 2019-10-03 18:52 - 003265378 _____ C:\Users\aloisio\Downloads\CADERNO DE PROCESSO PENAL - PARTE I 2019.pdf 2019-10-03 18:45 - 2019-10-03 18:46 - 005886297 _____ C:\Users\aloisio\Downloads\DIREITO PENAL PARTE ESPECIAL ESQUEMATIZADO 2016 PDF_20950640.pdf 2019-09-30 17:03 - 2019-09-30 17:03 - 000434312 _____ C:\Users\aloisio\Downloads\regulamentogeral(2).pdf 2019-09-30 17:03 - 2019-09-30 17:03 - 000434312 _____ C:\Users\aloisio\Downloads\regulamentogeral(1).pdf 2019-09-30 17:02 - 2019-09-30 17:02 - 000434312 _____ C:\Users\aloisio\Downloads\regulamentogeral.pdf 2019-09-29 00:14 - 2019-10-05 16:34 - 000000000 ____D C:\Users\aloisio\AppData\Roaming\Discord 2019-09-29 00:14 - 2019-09-29 00:14 - 000002171 _____ C:\Users\aloisio\Desktop\Discord.lnk 2019-09-29 00:14 - 2019-09-29 00:14 - 000000000 ____D C:\Users\aloisio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc 2019-09-29 00:13 - 2019-09-29 00:14 - 000000000 ____D C:\Users\aloisio\AppData\Local\SquirrelTemp 2019-09-29 00:13 - 2019-09-29 00:14 - 000000000 ____D C:\Users\aloisio\AppData\Local\Discord 2019-09-29 00:11 - 2019-09-29 00:12 - 061370712 _____ (Discord Inc.) C:\Users\aloisio\Downloads\DiscordSetup.exe 2019-09-28 22:17 - 2019-09-28 22:17 - 000648864 _____ C:\Users\aloisio\Downloads\5289-21806-1-PB.pdf 2019-09-21 16:31 - 2019-10-04 13:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2019-09-14 20:13 - 2019-09-14 20:13 - 000663829 _____ C:\Users\aloisio\Downloads\Caderno_Pratica_Civel(1).pdf 2019-09-14 18:44 - 2019-09-14 18:44 - 000123200 _____ C:\Users\aloisio\Downloads\texto_4808744.pdf 2019-09-14 17:24 - 2019-09-14 17:56 - 000000000 ____D C:\Program Files\WiperSoft 2019-09-14 17:24 - 2019-09-14 17:24 - 000000000 ____D C:\Users\aloisio\AppData\Local\CrashRpt 2019-09-14 17:21 - 2019-09-14 17:22 - 011579960 _____ (WiperSoft ) C:\Users\aloisio\Downloads\wipersoft_setup_1_1_1100.exe 2019-09-14 17:09 - 2019-09-14 17:12 - 002427504 _____ (Wiper Software, UAB) C:\Users\aloisio\Downloads\WiperSoft-installer.exe 2019-09-12 18:34 - 2019-09-12 18:34 - 000027350 _____ C:\Users\aloisio\Downloads\RIOJ206748076626_1.pdf 2019-08-31 21:39 - 2019-08-31 21:39 - 000483020 _____ C:\Users\aloisio\Downloads\stj-revista-sumulas-2014_41_capSumula430.pdf 2019-08-31 08:59 - 2019-08-31 08:59 - 000572977 _____ C:\Users\aloisio\Downloads\imm5257e.pdf 2019-08-24 18:51 - 2019-08-24 18:51 - 000485080 _____ C:\Users\aloisio\Downloads\8o PERÍODO.pdf 2019-08-17 20:40 - 2019-08-17 20:40 - 000030754 _____ C:\Users\aloisio\Downloads\SANSÕES PREVISTA PARA OS ADVOGADOA AULA 04.pdf 2019-08-17 16:06 - 2019-08-17 16:06 - 000038812 _____ C:\Users\aloisio\Downloads\rn 262.pdf 2019-08-17 15:42 - 2019-08-17 15:42 - 002838753 _____ C:\Users\aloisio\Downloads\OrozimboNonato.pdf 2019-08-17 12:31 - 2019-08-17 12:31 - 001647311 _____ C:\Users\aloisio\Downloads\Fundo_Saude_Aposentados 2019-08-17 10:35 - 2019-08-17 10:35 - 001647311 _____ C:\Users\aloisio\Downloads\Fundo_Saude_Aposentados.pdf 2019-08-16 18:12 - 2019-08-16 18:12 - 000748211 _____ C:\Users\aloisio\Downloads\DFs-FSFX-2017.pdf 2019-08-16 18:10 - 2019-08-16 18:10 - 003681431 _____ C:\Users\aloisio\Downloads\USISAUDE_MANUAL_USIMINAS.pdf 2019-08-16 18:10 - 2019-08-16 18:10 - 003681431 _____ C:\Users\aloisio\Downloads\USISAUDE_MANUAL_USIMINAS(1).pdf 2019-08-16 16:52 - 2019-08-17 18:34 - 000000000 ____D C:\Users\aloisio\Documents\Direito 2019-08-16 16:48 - 2019-08-16 16:49 - 020398345 _____ C:\Users\aloisio\Downloads\STJ_201800574856_1_integra(1).pdf 2019-08-15 20:04 - 2019-08-15 20:04 - 000064005 _____ C:\Users\aloisio\Downloads\285441136-Direito-Tributario-Aliomar-Baleeiro.pdf 2019-08-15 20:00 - 2019-08-15 20:00 - 000445567 _____ C:\Users\aloisio\Downloads\cp038913.pdf 2019-08-15 19:58 - 2019-08-15 19:58 - 003097238 _____ C:\Users\aloisio\Downloads\2003-Direito-Tributario-Brasileiro-Luciano-Amaro-Ed-20-2014(2).pdf 2019-08-15 19:58 - 2019-08-15 19:58 - 003097238 _____ C:\Users\aloisio\Downloads\2003-Direito-Tributario-Brasileiro-Luciano-Amaro-Ed-20-2014(1).pdf 2019-08-06 22:53 - 2019-08-06 22:53 - 000902522 _____ C:\Users\aloisio\Downloads\stj-revista-sumulas-2009_6_capSumula84.pdf 2019-08-06 22:53 - 2019-08-06 22:53 - 000902522 _____ C:\Users\aloisio\Downloads\stj-revista-sumulas-2009_6_capSumula84(2).pdf 2019-08-06 22:53 - 2019-08-06 22:53 - 000902522 _____ C:\Users\aloisio\Downloads\stj-revista-sumulas-2009_6_capSumula84(1).pdf 2019-08-03 09:32 - 2019-08-03 09:33 - 000000000 ____D C:\Users\aloisio\Documents\Cibele 2019-08-03 09:31 - 2019-08-03 09:31 - 000464658 _____ C:\Users\aloisio\Downloads\Apelação - Revisional Contrato Erica.pdf 2019-08-01 21:14 - 2019-08-01 21:14 - 002177526 _____ C:\Users\aloisio\Downloads\OAB_14ED_ONLINE - 9788582422175.pdf 2019-08-01 21:14 - 2019-08-01 21:14 - 001353174 _____ C:\Users\aloisio\Downloads\11_DIREITO TRABALHO_SROAB_7ed.pdf 2019-08-01 21:14 - 2019-08-01 21:14 - 000177857 _____ C:\Users\aloisio\Downloads\ERRATA_Como Passar na OAB_14ED_Constitucional_138.pdf 2019-08-01 19:33 - 2019-08-01 19:35 - 067491348 _____ C:\Users\aloisio\Downloads\wetransfer-78273e.zip 2019-07-27 14:07 - 2019-07-27 14:07 - 000450328 _____ C:\Users\aloisio\Downloads\770e5d6af3008e90e6d9ed7c996ab7fb.pdf 2019-07-25 21:45 - 2019-07-25 21:45 - 000000000 ____D C:\Users\aloisio\AppData\Local\Anki 2019-07-25 21:44 - 2019-07-25 22:50 - 000000000 ____D C:\Users\aloisio\AppData\Roaming\Anki2 2019-07-24 21:42 - 2019-07-24 21:43 - 000000000 ____D C:\Program Files\Anki 2019-07-24 21:42 - 2019-07-24 21:42 - 000000559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anki.lnk 2019-07-24 21:42 - 2019-07-24 21:42 - 000000547 _____ C:\Users\Public\Desktop\Anki.lnk 2019-07-24 21:32 - 2019-07-24 21:34 - 085918088 _____ C:\Users\aloisio\Downloads\anki-2.1.14-windows.exe 2019-07-22 22:49 - 2019-07-22 22:49 - 000725397 _____ C:\Users\aloisio\Downloads\2-termo-de-audiencia-audiencia-criminal-11.pdf 2019-07-22 22:49 - 2019-07-22 22:49 - 000232410 _____ C:\Users\aloisio\Downloads\1-auto-de-prisao-em-flagrante-audiencia-criminal-11.pdf 2019-07-22 22:02 - 2019-07-22 22:02 - 000725871 _____ C:\Users\aloisio\Downloads\1-termo-de-audiencia-audiencia-criminal-10.pdf 2019-07-22 22:02 - 2019-07-22 22:02 - 000231332 _____ C:\Users\aloisio\Downloads\1-auto-de-prisao-em-flagrante-audiencia-criminal-10.pdf 2019-07-22 21:39 - 2019-07-22 21:39 - 000120370 _____ C:\Users\aloisio\Downloads\1-auto-de-prisao-em-flagrante-audiencia-criminal-9.pdf 2019-07-22 21:38 - 2019-07-22 21:38 - 000751098 _____ C:\Users\aloisio\Downloads\2-termo-de-audiencia-audiencia-criminal-9.pdf 2019-07-22 21:14 - 2019-07-22 21:15 - 014660643 _____ C:\Users\aloisio\Downloads\audiencia-instrucao-trabalhista-13-autos-n-0024085-37-2016-5-24-0021.pdf 2019-07-22 21:00 - 2019-07-22 21:00 - 002248833 _____ C:\Users\aloisio\Downloads\0025349-34.2016.5.24.0007.pdf 2019-07-22 20:34 - 2019-07-22 20:34 - 000917600 _____ C:\Users\aloisio\Downloads\0025423-88.2016.5.24.0007.pdf 2019-07-22 18:57 - 2019-07-22 18:57 - 000036756 _____ C:\Users\aloisio\Downloads\criminal.pdf 2019-07-22 18:57 - 2019-07-22 18:57 - 000032799 _____ C:\Users\aloisio\Downloads\trabalhista.pdf 2019-07-22 18:57 - 2019-07-22 18:57 - 000032799 _____ C:\Users\aloisio\Downloads\trabalhista(1).pdf 2019-07-20 16:16 - 2019-07-20 16:16 - 021403201 _____ C:\Users\aloisio\Downloads\0706912-36.2019.8.07.0001(1).pdf 2019-07-20 16:16 - 2019-07-20 16:16 - 008697599 _____ C:\Users\aloisio\Downloads\digitalizar0005.pdf 2019-07-20 16:16 - 2019-07-20 16:16 - 002040232 _____ C:\Users\aloisio\Downloads\digitalizar0004.pdf 2019-07-20 16:16 - 2019-07-20 16:16 - 000229460 _____ C:\Users\aloisio\Downloads\digitalizar0003.pdf 2019-07-20 16:15 - 2019-07-20 16:16 - 020398345 _____ C:\Users\aloisio\Downloads\STJ_201800574856_1_integra.pdf 2019-07-16 21:57 - 2019-07-16 21:57 - 001444509 _____ C:\Users\aloisio\Downloads\bb62dc1462df43fc0f7209a9c24e8d92(1).pdf 2019-07-16 21:21 - 2019-07-16 21:21 - 000998454 _____ C:\Users\aloisio\Downloads\3cbbda0a7c8cc6b9d1659de1533a3192.pdf 2019-07-16 21:19 - 2019-07-16 21:19 - 001444509 _____ C:\Users\aloisio\Downloads\bb62dc1462df43fc0f7209a9c24e8d92.pdf 2019-07-16 20:43 - 2019-07-16 20:43 - 000930708 _____ C:\Users\aloisio\Downloads\f8f43a821346b27b11da619d62d0f7d5.pdf 2019-07-13 23:14 - 2019-07-13 23:14 - 001080793 _____ C:\Users\aloisio\Downloads\FGTS-_orientações-_sem_decisao_STF.pdf ==================== Three months (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-10-05 21:24 - 2010-10-20 02:09 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2019-10-05 16:40 - 2016-11-26 13:02 - 000000000 ____D C:\Users\aloisio\AppData\LocalLow\Mozilla 2019-10-05 16:39 - 2009-07-14 01:45 - 000026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2019-10-05 16:39 - 2009-07-14 01:45 - 000026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2019-10-05 16:33 - 2013-03-17 17:00 - 000000000 ____D C:\ProgramData\GbPlugin 2019-10-05 15:38 - 2018-08-10 15:40 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2019-10-05 15:38 - 2016-01-12 21:23 - 000101080 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\wsddfac.sys 2019-10-05 15:38 - 2013-07-08 13:38 - 000031088 _____ (GbPlugin NDIS Device Driver) C:\Windows\SysWOW64\Drivers\gbpndisrd.sys 2019-10-05 15:38 - 2013-07-08 13:38 - 000010266 _____ C:\Windows\SysWOW64\Drivers\ndisrd.cat 2019-10-05 15:38 - 2013-07-08 13:38 - 000001402 _____ C:\Windows\SysWOW64\Drivers\gas.cer 2019-10-05 15:38 - 2013-03-17 17:00 - 000000000 ____D C:\Program Files (x86)\GbPlugin 2019-10-05 15:37 - 2009-07-14 02:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-10-04 13:29 - 2012-05-19 19:22 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-10-03 18:42 - 2011-08-30 19:41 - 000000000 ____D C:\Users\aloisio\AppData\Local\CrashDumps 2019-09-29 01:00 - 2009-07-14 00:20 - 000000000 ____D C:\Windows\inf 2019-09-29 00:21 - 2011-08-30 19:16 - 000000000 ____D C:\Users\aloisio\Documents\Youcam 2019-09-29 00:19 - 2016-03-22 17:24 - 000000000 ____D C:\Users\aloisio\Documents\FADIPA 2019-09-21 17:06 - 2011-12-08 12:48 - 000000000 ____D C:\Windows\system32\Tasks\Games 2019-09-21 16:21 - 2009-07-14 01:45 - 000451232 _____ C:\Windows\system32\FNTCACHE.DAT 2019-09-14 17:24 - 2011-08-29 20:08 - 000121152 _____ C:\Users\aloisio\AppData\Local\GDIPFONTCACHEV1.DAT 2019-09-14 17:04 - 2018-09-01 14:09 - 000003406 _____ C:\Windows\system32\Tasks\{48C7248B-00CC-C02D-76C0-6E97DE0F8AAD} 2019-09-14 17:04 - 2017-07-15 09:37 - 000003096 _____ C:\Windows\system32\Tasks\{2ABC85F1-9BDF-427A-9AD2-9904EB855698} 2019-09-14 16:55 - 2015-02-27 20:01 - 000000000 ____D C:\Users\aloisio\Downloads\Executáveis de programas 2019-09-14 16:51 - 2018-09-08 00:39 - 000000000 ____D C:\Qoobox 2019-09-14 16:43 - 2012-07-22 21:43 - 000000000 ____D C:\Users\aloisio\AppData\Roaming\TeamViewer 2019-09-14 16:43 - 2011-12-06 21:36 - 000000000 ____D C:\Users\aloisio\AppData\Roaming\Media Player Classic 2019-09-14 16:42 - 2015-01-26 12:54 - 000000000 ____D C:\Windows\Minidump 2019-09-12 18:26 - 2018-04-07 12:18 - 000004462 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier 2019-09-12 18:26 - 2012-05-01 11:09 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe 2019-09-12 18:26 - 2012-05-01 11:09 - 000004312 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater 2019-09-12 18:26 - 2011-12-19 15:35 - 000000000 ____D C:\Windows\system32\Macromed 2019-09-12 18:26 - 2011-08-31 20:38 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2019-09-07 23:08 - 2012-07-04 14:41 - 000000000 ____D C:\Users\aloisio\AppData\Roaming\BitComet ==================== Files in the root of some directories ================ 2013-03-23 14:47 - 2013-03-23 14:49 - 000000339 _____ () C:\Users\aloisio\AppData\Roaming\net.telestream.producer.xml 2013-04-14 11:01 - 2013-04-14 11:01 - 000000000 _____ () C:\Users\aloisio\AppData\Roaming\TS3Patch.lck 2013-12-15 10:15 - 2013-12-15 10:16 - 000016873 _____ () C:\Users\aloisio\AppData\Roaming\unins001.dat 2013-12-15 10:15 - 2013-12-15 10:15 - 000728225 _____ () C:\Users\aloisio\AppData\Roaming\unins001.exe 2012-02-19 15:33 - 2012-02-19 15:33 - 000018303 _____ () C:\Users\aloisio\AppData\Roaming\UserTile.png 2015-11-17 21:32 - 2015-11-17 21:32 - 000000000 _____ () C:\Users\aloisio\AppData\Roaming\Microsoft\A478.tmp 2018-11-10 11:42 - 2019-03-23 12:11 - 006387208 _____ () C:\Users\aloisio\AppData\Local\dump007.dat 1601-01-03 21:33 - 1601-01-03 21:33 - 000186368 ____N (Microsoft Corporation) C:\Users\aloisio\AppData\Local\ipubEANAhI.exe 2014-03-27 23:34 - 2014-03-27 23:34 - 000000017 _____ () C:\Users\aloisio\AppData\Local\resmon.resmoncfg 2018-09-01 14:08 - 2018-09-01 14:08 - 000000003 _____ () C:\Users\aloisio\AppData\Local\wbem.ini ==================== FLock ================ 2018-09-23 14:16 C:\Users\aloisio\AppData\Local\backup_log 2018-09-26 19:01 C:\Users\aloisio\AppData\Local\Canon Network Tool 2018-09-29 21:29 C:\Users\aloisio\AppData\Local\Canon Network Tool_rt 2018-09-08 09:22 C:\Users\aloisio\AppData\Local\Media Network Sharing 2018-09-11 08:28 C:\Users\aloisio\AppData\Local\NTUSER.DAT 2018-09-15 11:04 C:\Users\aloisio\AppData\Local\PortableApps.com ==================== FCheck ================================ (If an entry is included in the fixlist, the file/folder will be moved.) FCheck: C:\Windows\SysWOW64\Drivers\ati2xhxx.sys [2019-01-13] <==== ATTENTION (zero byte File/Folder) FCheck: C:\Windows\SysWOW64\Drivers\clbdriver.sys [2018-11-15] <==== ATTENTION (zero byte File/Folder) FCheck: C:\Windows\SysWOW64\Drivers\msliksurserv.sys [2019-01-13] <==== ATTENTION (zero byte File/Folder) ==================== SigCheck =============================== (There is no automatic fix for files that do not pass verification.) LastRegBack: 2019-09-30 17:43 ==================== End of FRST.txt ============================