jones awoki limas

Tab opens by itself on this page http://trapflayb-bs.ru/wfb/rtk/ckwn


Hello,

Every time I open my browser and click on any pop-up window, it sends me to a site that then redirects me to this one: http://trapflayb-bs.ru/wfb/rtk/ckwn

I can't copy the first one because it is too fast. Sometimes it opens by itself without my clicking anything.

Thanks for the help!!!

ZA-Scan.txt


Dear @jones awoki limas

I recommend that you save this topic to your Favorites so it is easier to find.

Please note the following:

  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is given here relates only to the problem on your computer, so do not apply it to any other;
  • Please follow the instructions carefully, and if you have any questions do not hesitate to ask;
  • Always post your replies in this topic... Do not open another one!
  • Always keep me informed, during the removal, about what is happening with your computer.
  • Respect the order of the instructions given.

Note: Do not take any action other than those given here; if you ask for help on another forum, be sure to let us know, otherwise you risk misconfiguring your computer!

 

# Step 1 #

Download AdwCleaner and save it to your Desktop.

Run the file adwcleaner.exe

Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png

  • Click the Options tab and leave only "Reset IE Policies" and "Reset Chrome Policies" checked.
  • Click the Scan button and wait for the scan to finish.
  • Click the Clean button.
  • A Notepad window will open with the result.
  • Select, copy and paste the contents of this log into your next reply.
  • The log will also be saved in C:\AdwCleaner

NOTE: If AdwCleaner finds files it cannot remove, you may have to restart the PC. Do so immediately when asked whether you want to restart.
 
# Step 2 #

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download Junkware Removal Tool (JRT) and save it to your Desktop.

Double-click to run jrt.exe.

Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png

  • The tool will begin scanning your system.
  • Be patient, as it may take a while depending on the number of items to scan.
  • When it finishes, a log will open. It will be saved to the desktop under the name JRT.txt.
  • Select, copy and paste the contents of this log into your next reply.

 
# Step 3 #

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download ZHPCleaner and save it to your Desktop.

Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png

  • Click the Scanner button.
  • The tool will begin scanning your system.
  • Be patient, as it may take a while depending on the number of items to scan.
  • Then click the Repair button.
  • A log named ZHPCleaner.txt will be generated.
  • Select, copy and paste the contents of this log into your next reply.

Cheers :D


Good evening Moicano

Here is the report:

# AdwCleaner v5.013 - Relatório criado 17/10/2015 às 18:43:17
# Atualizado 09/10/2015 por Xplode
# Banco de dados : 2015-10-16.1 [Servidor]
# Sistema operacional : Windows 8.1 Single Language  (x64)
# Usuário : Vanessa Musso - VANESSA
# Executando de : C:\Users\Vanessa Musso\Downloads\adwcleaner_5.013.exe
# Opção : Limpar
# Apoio : hxxp://toolslib.net/forum

***** [ Serviços ] *****


***** [ Pastas ] *****

[-] Pasta Excluído : C:\Program Files (x86)\Cheapster
[-] Pasta Excluído : C:\Users\Vanessa Musso\AppData\Local\Gameo
[-] Pasta Excluído : C:\Users\Vanessa Musso\AppData\Roaming\Gameo

***** [ Arquivos ] *****

[-] Arquivo Excluído : C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage
[-] Arquivo Excluído : C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_cdncache-a.akamaihd.net_0.localstorage-journal
[-] Arquivo Excluído : C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iMesh.lnk
[-] Arquivo Excluído : C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url

***** [ DLLs ] *****


***** [ Atalhos ] *****

[-] Atalho Desinfectado : C:\Users\Vanessa Musso\Desktop\BAckup jones 2\Documents and Settings\All Users\Desktop\Google Chrome.lnk
[-] Atalho Desinfectado : C:\Users\Vanessa Musso\Desktop\BAckup jones 2\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk

***** [ Tarefas agendadas ] *****


***** [ Registro ] *****

[-] Chave Excluída : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
[-] Chave Excluída : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
[-] Chave Excluída : HKLM\SOFTWARE\Classes\AppID\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
[-] Chave Excluída : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
[-] Chave Excluída : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE
[-] Chave Excluída : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
[-] Chave Excluída : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
[-] Chave Excluída : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
[-] Chave Excluída : HKLM\SOFTWARE\Classes\iMesh.AudioCD
[-] Chave Excluída : HKLM\SOFTWARE\Classes\iMesh.Device
[-] Chave Excluída : HKLM\SOFTWARE\Classes\iMesh.file
[-] Chave Excluída : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMPlayCDAudioOnArrival
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMRipCDAudioOnArrival
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowCDAudioOnArrival
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowVolumeOnArrival
[-] Chave Excluída : HKLM\SOFTWARE\Classes\WMHelperiMesh.WMHelper
[-] Chave Excluída : HKLM\SOFTWARE\Classes\WMHelperiMesh.WMHelper.1
[-] Valor Excluída : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Cheapster]
[-] Chave Excluída : HKLM\SOFTWARE\Classes\iMesh.LauncherEventHandler
[-] Chave Excluída : HKLM\SOFTWARE\Classes\iMesh.LauncherEventHandler.1
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.WMD\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.wmx\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\AudioCD\shell\PlayWithiMesh
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.AAC\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.aifc\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.ape\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.au\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.cda\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.flv\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.m1v\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.m4e\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.midi\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.mkv\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.mp2\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.mp3\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.mpa\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.mpeg\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.mpv2\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.ram\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.rmi\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.snd\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.vob\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\.wm\OpenWithList\iMesh.exe
[-] Chave Excluída : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\AppID\{969D2C61-9B16-407C-86B7-397BF4579BE6}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{363F46BE-27B4-4C8D-99E7-B1E049B84376}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{90A9B7D2-3794-45EA-9E23-140E3938D2D9}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{A753A1EC-973E-4718-AF8E-A3F554D45C44}
[-] Chave Excluída : HKLM\SOFTWARE\Classes\CLSID\{02AFA80F-4BEE-41FD-8572-214B58A9EF90}
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
[-] Chave Excluída : HKCU\Software\1ClickDownload
[-] Chave Excluída : HKCU\Software\Imesh
[-] Chave Excluída : HKCU\Software\InstallCore
[-] Chave Excluída : HKCU\Software\UpdateStar
[-] Chave Excluída : HKCU\Software\gameo
[-] Chave Excluída : HKLM\SOFTWARE\Imesh
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Imesh
[!] Chave Não Excluída : [x64] HKCU\Software\1ClickDownload
[!] Chave Não Excluída : [x64] HKCU\Software\Imesh
[!] Chave Não Excluída : [x64] HKCU\Software\InstallCore
[!] Chave Não Excluída : [x64] HKCU\Software\UpdateStar
[!] Chave Não Excluída : [x64] HKCU\Software\gameo

***** [ Navegadores ] *****

[-] [C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Excluído : br.ask.com
[-] [C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Excluído : funmoods.com
[-] [C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Excluído : hxxp://start.funmoods.com/?f=1&a=ironpub&chnl=ironpub&cd=2XzuyEtN2Y1L1QzutC0CyE0B0DyC0FyDzy0F0Bzy0B0E0AzytN0D0Tzu0StBtAyEtN1L2XzutBtFtCtFtCtFtAtCtB&cr=2004649727

*************************

:: Configurações Winsock restauradas

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7301 bytes] ##########

# AdwCleaner v5.200 - Relatório criado 21/06/2016 às 22:43:21
# Atualizado 14/06/2016 por ToolsLib
# Banco de dados : 2016-06-21.2 [Servidor]
# Sistema operacional : Windows 8.1 Single Language  (X64)
# Usuário : Vanessa Musso - VANESSA
# Executando de : C:\Users\Vanessa Musso\Downloads\adwcleaner_5.200.exe
# Opção : Limpar
# Apoio : https://toolslib.net/forum

***** [ Serviços ] *****

[-] Serviço Excluído : TheCalendarService
[-] Serviço Excluído : 12958ddeab2a21954cedd892344c539e
[-] Serviço Excluído : 7f86ec6cf2b9e7ba1709b7c38baeaae9
[!] Serviço Não Excluído : finevipyzbt

***** [ Pastas ] *****

[-] Pasta Excluído : C:\ProgramData\VideoFetcher
[#] Pasta Excluído : C:\ProgramData\Application Data\VideoFetcher
[-] Pasta Excluído : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Social2Sear
[-] Pasta Excluído : C:\Users\Public\Documents\Guid
[-] Pasta Excluído : C:\Program Files (x86)\CalendarTool
[-] Pasta Excluído : C:\Program Files (x86)\HPDef
[-] Pasta Excluído : C:\Program Files (x86)\003C293C-1466534344-003D-9CE1-3C00D1DF6549
[-] Pasta Excluído : C:\Program Files (x86)\Arikoiedrumition
[-] Pasta Excluído : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\CalendarTool
[#] Pasta Excluído : C:\Users\Vanessa Musso\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
[-] Pasta Excluído : C:\Users\Vanessa Musso\AppData\Roaming\CalendarTool
[-] Pasta Excluído : C:\Users\Vanessa Musso\AppData\Roaming\Nosibay
[-] Pasta Excluído : C:\Users\Vanessa Musso\AppData\Roaming\Store
[-] Pasta Excluído : C:\Users\Vanessa Musso\AppData\Roaming\WTools
[-] Pasta Excluído : C:\Users\Vanessa Musso\AppData\Roaming\ASPackage
[#] Pasta Excluído : C:\Users\Vanessa Musso\AppData\Roaming\store
[-] Pasta Excluído : C:\Users\Vanessa Musso\AppData\Roaming\Checkers
[-] Pasta Excluído : C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASPackage
[-] Pasta Excluído : C:\extensions

***** [ Arquivos ] *****

[-] Arquivo Excluído : C:\Users\Vanessa Musso\AppData\Roaming\Bubble Dock.boostrap.log
[-] Arquivo Excluído : C:\Users\Vanessa Musso\AppData\Roaming\Bubble Dock.installation.log
[-] Arquivo Excluído : C:\Users\Vanessa Musso\AppData\Roaming\Selection Tools.installation.log
[-] Arquivo Excluído : C:\Users\Vanessa Musso\AppData\Roaming\WindApp.boostrap.log
[-] Arquivo Excluído : C:\Users\Vanessa Musso\AppData\Roaming\WindApp.installation.log

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Atalhos ] *****


***** [ Tarefas agendadas ] *****

[-] Tarefa Excluída : Microsoft\Windows\Media Center\VideoFetcher
[-] Tarefa Excluída : Arikoiedrumition Configuration

***** [ Registro ] *****

[-] Valor Excluída : HKCU\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION [Selection Tools.exe]
[-] Chave Excluída : HKCU\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[-] Chave Excluída : HKLM\SOFTWARE\Mozilla\Firefox\{EB52F1AB-3C2B-424F-9794-833C687025CF}
[#] Valor Excluída : HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION [Selection Tools.exe]
[-] Chave Excluída : HKLM\SOFTWARE\Classes\AppID\3045035B-3C14-4698-8AC4-ADB18CC42C1E
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\92ae9452700717afa968b658d06a8656
[-] Chave Excluída : HKLM\SOFTWARE\Classes\iMesh
[-] Chave Excluída : HKLM\SOFTWARE\Classes\IMWeb.IMWebControl.1
[-] Chave Excluída : HKCU\Software\APN PIP
[-] Chave Excluída : HKCU\Software\GoldenGate
[-] Chave Excluída : HKCU\Software\Nosibay
[-] Chave Excluída : HKCU\Software\Store
[-] Chave Excluída : HKCU\Software\WajIEnhance
[-] Chave Excluída : HKCU\Software\WTools
[-] Chave Excluída : HKCU\Software\MICROSOFT\OTUT
[-] Chave Excluída : HKLM\SOFTWARE\Social2Sear
[-] Chave Excluída : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Chave Excluída : HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ASPackage
[-] Chave Excluída : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
[-] Chave Excluída : [x64] HKLM\SOFTWARE\CALENDARTOOL
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Social2Sear
[-] Chave Excluída : [x64] HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Chave Excluída : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D9BAB2C9-5236-48c3-AF02-67E799F09BBD}
[-] Chave Excluída : HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
[-] Valor Excluída : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{925C89E4-0B57-41B3-B4E9-63CE3E550F9D}]
[-] Chave Excluída : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[-] Chave Excluída : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\televisionfanatic.dl.tb.ask.com
[-] Valor Excluída : HKU\S-1-5-21-106726862-4054988722-2312773982-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [Cheapster]
[-] Valor Excluída : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Selection Tools]
[#] Valor Excluída : HKU\S-1-5-21-106726862-4054988722-2312773982-1001\Software\Microsoft\Windows\CurrentVersion\Run [Selection Tools]
[-] Valor Excluída : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WindApp]
[#] Valor Excluída : HKU\S-1-5-21-106726862-4054988722-2312773982-1001\Software\Microsoft\Windows\CurrentVersion\Run [WindApp]

***** [ Navegadores ] *****


*************************

:: Chaves "Tracing" excluídas
:: Configurações Winsock restauradas

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [13071 bytes] - [17/10/2015 18:43:17]
C:\AdwCleaner\AdwCleaner[S1].txt - [13712 bytes] - [17/10/2015 18:31:39]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [13219 bytes] ##########

Good evening Moicano, 2nd report:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.6 (04.25.2016)
Operating System: Windows 8.1 Single Language x64 
Ran by Vanessa Musso (Administrator) on 21/06/2016 at 23:53:19,34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


File System: 1 

Successfully deleted: C:\ProgramData\Start Menu\Programs\(default) (Folder) 

Registry: 0 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22/06/2016 at  0:07:12,23
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


Good evening Moicano, here is the third report:

 

~ ZHPCleaner v2016.6.18.75 by Nicolas Coolman (2016/06/18)
~ Run by Vanessa Musso (Administrator)  (22/06/2016 01:42:56)
~ Site : http://www.nicolascoolman.com
~ Facebook : https://www.facebook.com/nicolascoolman1
~ State version : Version OK
~ Type : Reparo
~ Report : C:\Users\Vanessa Musso\Desktop\ZHPCleaner.txt
~ Quarantine : C:\Users\Vanessa Musso\AppData\Roaming\ZHP\ZHPCleaner_Quarantine.txt
~ UAC : Activate
~ Boot Mode : Normal (Normal boot)
Windows 8.1 Single Language, 64-bit  (Build 9600)


---\\  Serviços (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Navegadores de Internet (1)
SUPRIMIDO dados: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride [Bad : <local>]  =>Hijacker.Proxy


---\\  Arquivo hosts (1)
~ O arquivo hosts é legítimo (32)


---\\  Tarefas automáticas agendadas. (0)
~ Nenhum ítem malicioso o desnecessários foi encontrado.


---\\  Explorer ( Arquivos, Pastas) (20)
MOVIDO pasta: C:\Users\Vanessa Musso\AppData\Roaming\unins000.exe [ - Setup/Uninstall]  =>PUP.Optional.Pirrit
MOVIDO pasta: C:\Windows\Prefetch\BUBBLE DOCK UNINSTALL.EXE-39E98FD5.pf    =>PUP.Optional.BubbleDock
MOVIDO pasta: C:\Windows\Prefetch\BUBBLE DOCK UNINSTALL.EXE-50FE8AE8.pf    =>PUP.Optional.BubbleDock
MOVIDO pasta: C:\Windows\Prefetch\KMSPICO_SETUP.TMP-D0ACF0F1.pf    =>HackTool.KMSpico
MOVIDO pasta: C:\Windows\Prefetch\SELECTION TOOLS UNINSTALL.EXE-4B9682EB.pf    =>.Superfluous.Nosibay
MOVIDO pasta: C:\Windows\Prefetch\SELECTION TOOLS UNINSTALL.EXE-8B69BAC9.pf    =>.Superfluous.Nosibay
MOVIDO pasta: C:\Users\Vanessa Musso\Downloads\Microsoft Toolkit 2.5.2.exe [CODYQX4 - Microsoft Toolkit]  =>HackTool.WinActivator
MOVIDO pasta: C:\Users\Vanessa Musso\AppData\Local\Temp\component.exe [Nosibay - ]  =>.Superfluous.Nosibay
MOVIDO pasta: C:\Users\Vanessa Musso\AppData\Local\Temp\562016205032\Bubble Dock Uninstall.exe [Nosibay - Bubble Dock Uninstaller]  =>.Superfluous.Nosibay
MOVIDO pasta: C:\Users\Vanessa Musso\AppData\Local\Temp\562016204800\Selection Tools Uninstall.exe [Nosibay - Selection Tools Uninstaller]  =>.Superfluous.Nosibay
MOVIDO pasta: C:\Users\Vanessa Musso\AppData\Local\Temp\562016204539\WindApp Uninstall.exe [Nosibay - WindApp Uninstaller]  =>.Superfluous.Nosibay
MOVIDO pasta: C:\Users\Vanessa Musso\AppData\Local\Microsoft\Windows\INetCache\IE\3FPKEN7M\downloader.64470[1].exe [Nosibay - ]  =>.Superfluous.Nosibay
MOVIDO pasta: C:\Users\Vanessa Musso\AppData\Local\Microsoft\Windows\INetCache\IE\14FV6FCM\64644.WindApp.MON001.no[1].exe [Nosibay - WindApp Installer]  =>.Superfluous.Nosibay
MOVIDO pasta: C:\Users\Vanessa Musso\AppData\Local\Temp\kolsrcienas.ru_BR.exe    =>.Superfluous.HPDefender
MOVIDO pasta: C:\Windows\SECOH-QAD.exe    =>HackTool.KMSpico
MOVIDO pasta: C:\Program Files\KMSpico\Service_KMS.exe [@ByELDI - Service_KMS]  =>HackTool.KMSpico
MOVIDO arquivo: C:\Program Files\KMSpico  =>HackTool.KMSpico
MOVIDO arquivo: C:\ProgramData\Microsoft Toolkit  =>HackTool.AutoKMS
MOVIDO arquivo: C:\Users\Vanessa Musso\Music\iMesh  =>.Superfluous.iMesh
MOVIDO arquivo: C:\WINDOWS\Installer\MSIDC7A.tmp-  =>Empty


---\\  Registro ( Chaves, Valores, Dados ) (13)
SUPRIMIDO chave*: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\static.audienceinsights.net [43]  =>.Superfluous.AudienceInsights
SUPRIMIDO chave*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\download.televisionfanatic.com [34]  =>PUP.Optional.TelevisionFanatic
SUPRIMIDO chave*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\gameoapp.com [23]  =>.Superfluous.IronSourceLtd
SUPRIMIDO chave*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.audienceinsights.net [43]  =>.Superfluous.AudienceInsights
SUPRIMIDO chave*: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\televisionfanatic.com []  =>PUP.Optional.TelevisionFanatic
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\Applications\iMesh.exe []  =>.Superfluous.iMesh
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Classes\Applications\iMeshSetup-r7-n-bc.exe []  =>.Superfluous.iMesh
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\DtsEncodeTools []  =>PUP.Optional.WeatherTool
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{42B83415-4DC0-4865-B415-B5086A095B16} [hohosearch - Uninstall]  =>.Superfluous.HohoSearch
SUPRIMIDO chave*: [X64] HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} [Google Inc.]  =>Heuristic.Suspect
SUPRIMIDO chave*: HKCU\SOFTWARE\BEE455E05AB58B26FB17EBA0AA038663 []  =>Hijacker.Browser
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{D2E41F1A-3B70-4D26-B628-B83D2E5CF327} [C:\Program Files\KMSpico\Service_KMS.exe]  =>HackTool.KMSpico
SUPRIMIDO valor: HKLM\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\firewallRules\\{1386016E-54FA-4C84-92A0-BC11DC3F8740} [C:\Program Files\KMSpico\Service_KMS.exe]  =>HackTool.KMSpico


---\\  Resumo dos elementos encontrados na sua estação de trabalho (16)
https://www.nicolascoolman.info/2016/06/09/pirate-de-serveur-proxy-hijacker-proxy/  =>Hijacker.Proxy
http://www.nicolascoolman.fr/?p=914  =>PUP.Optional.Pirrit
http://www.nicolascoolman.fr/?p=177  =>PUP.Optional.BubbleDock
http://www.nicolascoolman.fr/?p=989  =>HackTool.KMSpico
https://www.nicolascoolman.info/2016/05/03/superfluous-nosibay/  =>.Superfluous.Nosibay
http://www.nicolascoolman.fr/?p=1053  =>HackTool.WinActivator
https://www.nicolascoolman.info/2016/06/05/superfluous-hpdefender/  =>.Superfluous.HPDefender
https://www.nicolascoolman.info/2016/05/04/hacktool-autokms/  =>HackTool.AutoKMS
http://www.nicolascoolman.fr/?p=427  =>.Superfluous.iMesh
http://www.nicolascoolman.fr/?p=5145  =>.Superfluous.AudienceInsights
http://www.nicolascoolman.fr/pup-televisionfanatic/  =>PUP.Optional.TelevisionFanatic
https://www.nicolascoolman.info/2016/05/02/superfluous-ironsourceltd/  =>.Superfluous.IronSourceLtd
http://www.nicolascoolman.fr/pup-optional-weathertool  =>PUP.Optional.WeatherTool
http://www.nicolascoolman.fr/?p=5145  =>.Superfluous.HohoSearch
https://www.nicolascoolman.info/2016/04/22/heuristic-suspect/  =>Heuristic.Suspect
http://www.nicolascoolman.fr/hijacker-browser/  =>Hijacker.Browser


---\\  Dodatkowe oczyszczenie. (16)
~ Chave de registro Tracing Supprimido (16)
~ Remover os relatórios antigos ZHPCleaner. (0)


---\\ Resultado de reparação
Reparação efectuada com sucesso
~ Este navegador está faltando ! (Mozilla Firefox)
~ Este navegador está faltando ! (Opera Software)


---\\ Estatísticas
~ Items scan : 275
~ Items encontrado : 0
~ items cancelados : 0
~ Items réparo : 34


~ End of clean in 00h00mn30s
~====================
ZHPCleaner-[R]-22062016-01_43_26.txt
ZHPCleaner--22062016-01_38_38.txt
 


Dear @jones awoki limas

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download Farbar Recovery Scan Tool and save it to your Desktop.

32-bit (x86) or 64-bit (x64)

  • Double-click to run the tool.
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png
  • Check the 90 Days Files box and click the Scan button.
  • Wait; when it finishes, the FRST.txt and Addition.txt logs will be saved to your Desktop.
  • Select, copy and paste the contents of the FRST.txt log into your next reply.
  • Attach the Addition.txt log

Cheers :D


Good morning Brother,

Here is the report:

 

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 20-06-2016 01
Executado por Vanessa Musso (administrador) em VANESSA (22-06-2016 10:53:03)
Executando a partir de C:\Users\Vanessa Musso\Downloads
Perfis Carregados: Vanessa Musso (Perfis Disponíveis: Vanessa Musso)
Platform: Windows 8.1 Single Language (Update) (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Vanessa Musso\Desktop\FRST64 (2).exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2013-04-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-15] (AVAST Software)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2728472 2014-12-15] (Sony Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [293768 2016-05-29] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-05-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal)
HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Run: [uTorrent] => C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-13] (BitTorrent Inc.)
HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Run: [Facebook Update] => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-11-05] (Facebook Inc.)
HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Run: [Cheapsterx64] => "C:\Program Files (x86)\Cheapster\msilnk64.exe"
HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Vanessa Musso\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\RunOnce: [Uninstall C:\Users\Vanessa Musso\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vanessa Musso\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918"
ShellExecuteHooks:  - {98C066AB-D735-4339-9E52-A34875141B56} - C:\Users\Vanessa Musso\AppData\Local\Microsoft\Windows\INetCookies\tafuy.dll [418496 2016-06-21] ()
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-24] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-05-29]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Autodesk Product Design Suite 2016 Trial Tray.lnk [2016-05-29]
ShortcutTarget: Autodesk Product Design Suite 2016 Trial Tray.lnk -> C:\Autodesk\Autodesk_PRDSU_2016_TRIAL_PTB_Win_64bit_wi_pt-br\x64\PrdsTrialTray.exe (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Hosts: Há mais de uma entrada no Hosts. Veja a seção Hosts do Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{79691668-B4C3-442D-9421-47D5F024C0C1}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{A052614E-CB9A-402A-9C82-788A064AE21D}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-106726862-4054988722-2312773982-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKU\S-1-5-21-106726862-4054988722-2312773982-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://oem.msn.com/?pc=NMJB
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-05-13] (RealDownloader)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-24] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13] (RealDownloader)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-05] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-24] (AVAST Software)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-22] (Caixa Economica Federal)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-05] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.4.135 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2016-05-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.4.135 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-05-29] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-106726862-4054988722-2312773982-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Vanessa Musso\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-106726862-4054988722-2312773982-1001: gastecnologia.com.br/sf/cef -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-09] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-106726862-4054988722-2312773982-1001: gastecnologia.com.br/sf/cef64 -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [2014-12-09] (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-11]

Chrome: 
=======
CHR HomePage: ChromeDefaultData2 -> hxxp://www.google.com.br/
CHR StartupUrls: ChromeDefaultData2 -> "hxxps://www.google.com.br/"
CHR Profile: C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2
CHR Extension: (Google Apresentações) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Avast SafePrice) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-01-28]
CHR Extension: (Planilhas do Google) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Documentos Google off-line) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Avast Online Security) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-05]
CHR Extension: (MailTrack para Gmail) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2016-06-02]
CHR Extension: (TZWebChartWindow) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmdhbmdklokcmpmcegmbfehjencmbeab [2016-03-05]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-08]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-24]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-24] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-24] (Avast Software)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [593120 2015-09-22] (GAS Tecnologia)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2013-04-08] (Realsil Microelectronics Inc.) [Arquivo não assinado]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-09-17] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-09-17] (Intel Corporation)
R2 MySQL57; C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe [39622144 2016-02-02] () [Arquivo não assinado]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Arquivo não assinado]
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [35616 2014-11-21] (Microsoft)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [487960 2014-12-15] (Sony Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Arquivo não assinado]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [32544 2016-05-13] ()
R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1095440 2016-05-29] (RealNetworks, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 ArkconfigurationSrv; "C:\Program Files (x86)\Arikoiedrumition\ArkconfigurationSrv.html5" {79740E79-A383-47A7-B513-3DF6563D007F} {8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} [X]
S2 SmgBlds; "C:\Program Files (x86)\Semughdabuck\SmgBlds.xhtm5" {79740E79-A383-47A7-B513-3DF6563D007F} {8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} [X]
S2 wonutocezbt; C:\Program Files (x86)\003C293C-1466534344-003D-9CE1-3C00D1DF6549\knssF538.tmp [X]

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-24] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-24] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-15] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-24] (AVAST Software)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-03] (GAS Tecnologia)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-24] (AVAST Software)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                           )
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-24] (Avast Software)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-03] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S1 eypttfre; \??\C:\WINDOWS\system32\drivers\eypttfre.sys [X]
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
S1 lobfjsou; \??\C:\WINDOWS\system32\drivers\lobfjsou.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Três Meses Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-22 10:50 - 2016-06-22 10:51 - 02387456 _____ (Farbar) C:\Users\Vanessa Musso\Desktop\FRST64 (2).exe
2016-06-22 10:49 - 2016-06-22 10:50 - 02387456 _____ (Farbar) C:\Users\Vanessa Musso\Downloads\FRST64 (1).exe
2016-06-22 10:48 - 2016-06-22 10:49 - 01738240 _____ (Farbar) C:\Users\Vanessa Musso\Downloads\FRST.exe
2016-06-22 01:43 - 2016-06-22 01:43 - 00006957 _____ C:\Users\Vanessa Musso\Desktop\ZHPCleaner.txt
2016-06-22 00:53 - 2016-06-22 01:43 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\ZHP
2016-06-22 00:53 - 2016-06-22 00:53 - 00000891 _____ C:\Users\Vanessa Musso\Desktop\ZHPCleaner.lnk
2016-06-22 00:50 - 2016-06-22 00:52 - 02272256 _____ C:\Users\Vanessa Musso\Downloads\ZHPCleaner.exe
2016-06-22 00:07 - 2016-06-22 00:07 - 00000645 _____ C:\Users\Vanessa Musso\Desktop\JRT.txt
2016-06-21 23:47 - 2016-06-21 23:48 - 01610816 _____ (Malwarebytes) C:\Users\Vanessa Musso\Downloads\JRT (2).exe
2016-06-21 23:29 - 2016-06-21 23:30 - 01610816 _____ (Malwarebytes) C:\Users\Vanessa Musso\Downloads\JRT (1).exe
2016-06-21 22:52 - 2016-06-21 22:52 - 00002310 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-21 22:52 - 2016-06-21 22:52 - 00002280 _____ C:\Users\Vanessa Musso\Desktop\Google Chrome.lnk
2016-06-21 22:52 - 2016-06-21 22:52 - 00000000 ____D C:\Users\Vanessa Musso\AppData\LocalLow\uTorrent
2016-06-21 20:55 - 2016-06-21 20:55 - 03703360 _____ C:\Users\Vanessa Musso\Downloads\adwcleaner_5.200.exe
2016-06-21 20:32 - 2016-06-21 20:32 - 00002967 _____ C:\Users\Vanessa Musso\Desktop\MakeMoney 10!.lnk
2016-06-21 20:32 - 2016-06-21 20:32 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMoney 10!
2016-06-21 20:32 - 2016-06-21 20:32 - 00000000 ____D C:\Program Files (x86)\MakeMoney 10!
2016-06-21 20:17 - 2016-06-21 20:27 - 29121536 _____ C:\Users\Vanessa Musso\Downloads\Instala.exe
2016-06-21 16:13 - 2016-06-21 16:13 - 00001247 _____ C:\Users\Vanessa Musso\Desktop\Continue Last version Installation.lnk
2016-06-21 15:46 - 2016-06-21 15:50 - 00000000 ____D C:\Program Files (x86)\Reoicult
2016-06-21 15:46 - 2016-06-21 15:48 - 00000000 ____D C:\Program Files (x86)\Ckavesycwoy
2016-06-21 15:46 - 2016-06-21 15:46 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-06-21 15:45 - 2016-06-21 22:51 - 00000000 ____D C:\Program Files (x86)\mpck
2016-06-21 15:34 - 2016-06-21 15:35 - 00000000 ____D C:\Program Files\92ae9452700717afa968b658d06a8656
2016-06-21 15:33 - 2016-06-21 15:33 - 00008942 _____ C:\WINDOWS\System32\Tasks\Semughdabuck Builder
2016-06-21 15:31 - 2016-06-22 10:45 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-06-21 15:31 - 2016-06-22 01:49 - 00000000 ____D C:\Program Files (x86)\Cashrurut
2016-06-21 15:31 - 2016-06-21 22:46 - 00000000 ____D C:\Program Files (x86)\Prurly
2016-06-21 15:31 - 2016-06-21 15:33 - 00000000 ____D C:\Program Files (x86)\Semughdabuck
2016-06-21 15:30 - 2016-06-21 15:30 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\NanoNet
2016-06-21 11:50 - 2016-06-21 11:50 - 00494664 _____ C:\Users\Vanessa Musso\Downloads\Tabela de Preços Albano 05-16.pdf
2016-06-21 08:35 - 2016-06-14 14:13 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-21 08:35 - 2016-06-14 14:13 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-20 20:46 - 2016-06-20 21:06 - 01468513 _____ C:\Users\Vanessa Musso\Desktop\DISTRIBUIDORES E ATACADISTAS VEILING.xlsx
2016-06-20 14:05 - 2016-06-20 14:05 - 00003474 _____ C:\Users\Vanessa Musso\Downloads\comprovante (28).html
2016-06-20 11:43 - 2016-06-20 11:43 - 00142495 _____ C:\WINDOWS\2cdae02d91692a634545c5b4daa18a38.exe
2016-06-20 11:42 - 2016-06-20 11:42 - 00079944 _____ C:\WINDOWS\system32\Drivers\12958ddeab2a21954cedd892344c539e.sys
2016-06-17 18:12 - 2016-06-20 20:37 - 00182042 _____ C:\Users\Vanessa Musso\Downloads\Prospecção Geral.xlsx
2016-06-15 23:32 - 2016-06-15 23:33 - 01216134 _____ C:\Users\Vanessa Musso\Downloads\Guia Prático de Criação de Galinhas - Valdir Rocha.pdf
2016-06-15 23:01 - 2016-06-03 14:11 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-06-15 23:01 - 2016-06-03 10:38 - 01413120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-15 23:01 - 2016-06-02 14:51 - 00050352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-15 23:01 - 2016-05-29 12:04 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-15 23:01 - 2016-05-29 12:04 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-06-15 23:01 - 2016-05-29 12:04 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-15 23:01 - 2016-05-29 12:04 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-15 23:01 - 2016-05-29 12:04 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2016-06-15 23:01 - 2016-05-29 12:04 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-15 23:01 - 2016-04-14 12:25 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-06-15 23:01 - 2016-04-14 12:11 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-06-15 23:01 - 2016-04-12 12:46 - 14467584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-15 23:01 - 2016-04-12 12:30 - 12879872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-15 23:01 - 2016-01-31 16:17 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2016-06-15 23:01 - 2016-01-31 15:07 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-06-15 23:01 - 2016-01-31 14:42 - 03320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-06-15 23:01 - 2016-01-31 14:14 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-06-15 22:52 - 2016-05-21 14:28 - 25802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 22:52 - 2016-05-21 13:57 - 20341248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 22:52 - 2016-05-20 19:02 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 22:52 - 2016-05-20 18:29 - 13815808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 22:52 - 2016-05-20 18:14 - 04610048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 22:52 - 2016-05-20 18:11 - 15420928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 22:52 - 2016-05-20 17:46 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 22:52 - 2016-05-20 17:34 - 01544192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 22:51 - 2016-05-20 19:09 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 22:51 - 2016-05-20 19:08 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 22:51 - 2016-05-20 18:57 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 22:51 - 2016-05-20 18:55 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-06-15 22:51 - 2016-05-20 18:54 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-06-15 22:51 - 2016-05-20 18:50 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 22:51 - 2016-05-20 18:44 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-06-15 22:51 - 2016-05-20 18:27 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-06-15 22:51 - 2016-05-20 18:25 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-06-15 22:51 - 2016-05-20 18:25 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-06-15 22:51 - 2016-05-20 18:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-06-15 22:51 - 2016-05-20 18:21 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-06-15 22:51 - 2016-05-20 18:19 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-06-15 22:51 - 2016-05-20 18:16 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-06-15 22:51 - 2016-05-20 18:12 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-06-15 22:51 - 2016-05-20 18:11 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-06-15 22:51 - 2016-05-20 18:09 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 22:51 - 2016-05-20 18:09 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-06-15 22:51 - 2016-05-20 18:08 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-06-15 22:51 - 2016-05-20 18:08 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 22:51 - 2016-05-20 18:06 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-06-15 22:51 - 2016-05-20 17:42 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 22:51 - 2016-05-20 17:38 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 22:51 - 2016-05-20 17:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-06-15 22:51 - 2016-05-20 17:23 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-06-15 22:31 - 2016-05-12 15:38 - 00135336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 22:31 - 2016-05-12 14:43 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2016-06-15 22:31 - 2016-05-12 13:17 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 22:31 - 2016-05-12 13:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 22:31 - 2016-05-12 13:07 - 01360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 22:31 - 2016-05-12 12:59 - 00398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 22:31 - 2016-05-12 12:43 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 22:31 - 2016-05-12 12:37 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 22:30 - 2016-05-16 18:13 - 00563016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 22:30 - 2016-05-16 18:13 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 22:30 - 2016-05-16 18:13 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 22:30 - 2016-05-16 18:13 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 22:30 - 2016-05-14 17:01 - 00363104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 22:30 - 2016-05-14 17:01 - 00320720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 22:30 - 2016-05-13 20:09 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-06-15 22:30 - 2016-05-13 20:07 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 22:30 - 2016-05-13 20:07 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 22:30 - 2016-05-13 20:07 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 22:30 - 2016-05-13 20:06 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 22:30 - 2016-05-13 19:34 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-06-15 22:30 - 2016-05-13 18:58 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 22:30 - 2016-05-13 18:58 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-06-15 22:30 - 2016-05-13 18:45 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 22:30 - 2016-05-13 18:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 22:30 - 2016-05-13 18:26 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-15 22:30 - 2016-05-09 18:35 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-06-15 22:30 - 2016-05-09 17:56 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-06-15 22:30 - 2016-05-09 17:45 - 07793152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 22:30 - 2016-05-09 17:23 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 22:30 - 2016-05-06 12:45 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 22:30 - 2016-05-06 12:23 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 22:25 - 2016-05-18 02:31 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 22:25 - 2016-05-18 02:31 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 22:25 - 2016-05-13 20:04 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 22:25 - 2016-05-13 19:19 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 22:00 - 2016-05-18 20:15 - 01379040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 21:59 - 2016-05-18 17:35 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-08 01:29 - 2016-01-07 20:42 - 00993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-06-08 01:29 - 2016-01-07 20:42 - 00987848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2016-06-08 01:29 - 2016-01-07 20:42 - 00690016 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-06-08 01:29 - 2016-01-07 20:42 - 00484552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2016-06-08 01:27 - 2016-06-08 01:27 - 00022396 _____ C:\ZA-Scan.txt
2016-06-08 00:28 - 2016-06-08 00:28 - 00000000 ____D C:\zoek_backup
2016-06-08 00:26 - 2016-06-08 00:27 - 01370112 _____ C:\Users\Vanessa Musso\Desktop\ZA-Scan.exe
2016-06-05 20:50 - 2016-06-05 20:51 - 00000920 _____ C:\WINDOWS\SysWOW64\${LOGFILE}
2016-06-05 15:31 - 2016-06-21 15:44 - 00001894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2016-06-05 15:31 - 2016-06-05 20:45 - 00001708 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk
2016-06-05 15:29 - 2016-06-21 15:44 - 00001876 _____ C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk
2016-06-05 15:14 - 2016-06-05 15:14 - 00000000 ____D C:\Users\Todos os Usuários\UniqueId
2016-06-05 15:14 - 2016-06-05 15:14 - 00000000 ____D C:\ProgramData\UniqueId
2016-06-05 14:57 - 2016-06-05 15:01 - 12504256 _____ (Corel Corporation) C:\Users\Vanessa Musso\Downloads\CorelDRAWGraphicsSuiteX8Installer_RW.exe
2016-06-05 12:53 - 2016-06-05 12:53 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2016-06-05 12:53 - 2016-06-05 12:53 - 00027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2016-06-04 13:30 - 2016-06-04 13:30 - 00003140 _____ C:\WINDOWS\System32\Tasks\{C854BB84-73CD-45B7-A5A8-775F01CBF0D0}
2016-06-04 13:10 - 2016-06-05 15:50 - 00000000 ____D C:\Users\Vanessa Musso\Documents\MEGAsync Downloads
2016-06-04 13:09 - 2016-06-08 00:01 - 00000000 ___RD C:\Users\Vanessa Musso\Documents\MEGAsync
2016-06-04 13:03 - 2016-06-04 13:03 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\Mega Limited
2016-06-04 13:00 - 2016-06-04 13:02 - 10645952 _____ (MEGA Limited) C:\Users\Vanessa Musso\Downloads\MEGAsyncSetup.exe
2016-05-30 22:39 - 2016-05-30 22:40 - 05636504 _____ C:\Users\Vanessa Musso\Downloads\[Viver de Blog] 87 Ferramentas Marketing Digital.pdf
2016-05-30 20:11 - 2016-05-30 20:11 - 00000998 _____ C:\Users\Vanessa Musso\Desktop\Cartão de visitaspage2.htm
2016-05-30 20:11 - 2016-05-30 20:11 - 00000689 _____ C:\Users\Vanessa Musso\Desktop\Cartão de visitaspage3.htm
2016-05-30 20:11 - 2016-05-30 20:11 - 00000529 _____ C:\Users\Vanessa Musso\Desktop\Cartão de visitas.htm
2016-05-30 20:11 - 2016-05-30 20:11 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\images
2016-05-29 17:16 - 2016-05-29 17:16 - 00000000 ____D C:\Users\Public\Downloads\Norton
2016-05-29 15:53 - 2016-05-29 16:06 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\Akamai
2016-05-29 15:49 - 2016-05-29 20:47 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\Autodesk
2016-05-29 15:49 - 2016-05-29 20:47 - 00000000 ____D C:\Users\Todos os Usuários\Autodesk
2016-05-29 15:49 - 2016-05-29 20:47 - 00000000 ____D C:\ProgramData\Autodesk
2016-05-29 15:49 - 2016-05-29 15:49 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\Autodesk
2016-05-29 15:48 - 2016-05-29 15:48 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autodesk
2016-05-29 15:48 - 2016-05-29 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack x64
2016-05-29 15:48 - 2016-05-29 15:48 - 00000000 ____D C:\Program Files\K-Lite Codec Pack x64
2016-05-29 15:48 - 2012-06-09 15:21 - 00206336 _____ C:\WINDOWS\system32\unrar64.dll
2016-05-29 15:48 - 2011-12-07 15:37 - 00148992 _____ ( ) C:\WINDOWS\system32\lagarith.dll
2016-05-29 15:47 - 2016-05-29 15:52 - 00000000 ____D C:\Autodesk
2016-05-29 15:26 - 2016-05-29 15:26 - 00003396 _____ C:\WINDOWS\System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-106726862-4054988722-2312773982-1001
2016-05-29 15:25 - 2016-05-29 15:47 - 82739312 _____ C:\Users\Vanessa Musso\Downloads\Autodesk_PRDSU_2016_TRIAL_PTB_Win_64bit_wi_pt-br_Setup.exe
2016-05-29 15:24 - 2016-05-29 15:24 - 00338296 _____ (Autodesk Inc.) C:\Users\Vanessa Musso\Downloads\Autodesk_PRDSU_2016_TRIAL_PTB_Win_64bit_wi_pt-br_Setup_webinstall.exe
2016-05-29 15:23 - 2016-05-29 15:23 - 00003438 _____ C:\WINDOWS\System32\Tasks\RealDownloader Update Check
2016-05-29 15:04 - 2016-05-29 22:36 - 00000000 ____D C:\Users\Todos os Usuários\Norton
2016-05-29 15:04 - 2016-05-29 22:36 - 00000000 ____D C:\ProgramData\Norton
2016-05-29 15:04 - 2016-05-29 15:04 - 00000000 ____D C:\Users\Todos os Usuários\NortonInstaller
2016-05-29 15:04 - 2016-05-29 15:04 - 00000000 ____D C:\ProgramData\NortonInstaller
2016-05-29 14:56 - 2016-05-29 14:56 - 00003376 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-106726862-4054988722-2312773982-1001
2016-05-29 14:56 - 2016-05-29 14:56 - 00003322 _____ C:\WINDOWS\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-106726862-4054988722-2312773982-1001
2016-05-29 14:56 - 2016-05-29 14:56 - 00001237 _____ C:\Users\Public\Desktop\RealPlayer (RealTimes).lnk
2016-05-29 14:56 - 2016-05-29 14:56 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\RealNetworks
2016-05-29 14:55 - 2016-05-29 14:55 - 00207752 _____ (RealNetworks, Inc.) C:\WINDOWS\SysWOW64\rmoc3260.dll
2016-05-29 14:55 - 2016-05-29 14:55 - 00000000 ____D C:\Users\Todos os Usuários\RealNetworks
2016-05-29 14:55 - 2016-05-29 14:55 - 00000000 ____D C:\ProgramData\RealNetworks
2016-05-29 14:55 - 2016-05-29 14:55 - 00000000 ____D C:\Program Files (x86)\RealNetworks
2016-05-29 14:54 - 2016-05-29 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2016-05-29 14:53 - 2016-05-29 14:56 - 00000000 ____D C:\Program Files (x86)\Real
2016-05-29 14:52 - 2016-06-05 15:33 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\Real
2016-05-29 14:52 - 2016-05-29 14:52 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\Real
2016-05-29 14:09 - 2016-05-29 15:23 - 00000000 ____D C:\Users\Todos os Usuários\Real
2016-05-29 14:09 - 2016-05-29 15:23 - 00000000 ____D C:\ProgramData\Real
2016-05-29 14:07 - 2016-05-29 14:08 - 01092272 _____ (RealNetworks, Inc.) C:\Users\Vanessa Musso\Downloads\RealPlayer_br (1).exe
2016-05-28 15:01 - 2016-05-28 15:01 - 00012725 _____ C:\Users\Vanessa Musso\Downloads\Conspiração.e.Poder.2016.1080p.WWW.BLUDV.COM.torrent
2016-05-25 18:13 - 2016-05-25 18:13 - 00665863 _____ C:\Users\Vanessa Musso\Downloads\Outlook.com.zip
2016-05-25 18:13 - 2016-05-25 18:13 - 00001535 _____ C:\Users\Vanessa Musso\Desktop\Outlook.com - Atalho.lnk
2016-05-22 22:59 - 2016-05-22 22:59 - 03324412 _____ C:\Users\Vanessa Musso\Desktop\o castelo.pdf
2016-05-17 23:02 - 2016-05-17 23:02 - 02201356 _____ C:\Users\Vanessa Musso\Downloads\13-maio.pdf
2016-05-17 22:51 - 2016-05-17 22:52 - 00598700 _____ C:\Users\Vanessa Musso\Downloads\nada-de-novo (1).pdf
2016-05-17 22:51 - 2016-05-17 22:51 - 00598700 _____ C:\Users\Vanessa Musso\Downloads\nada-de-novo.pdf
2016-05-15 20:53 - 2016-05-15 21:27 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\RECEITAS DO AOKI
2016-05-10 20:03 - 2016-03-15 22:58 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-05-10 20:03 - 2016-03-15 22:58 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-05-10 20:03 - 2016-03-14 13:50 - 00316760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2016-05-10 20:03 - 2016-03-11 21:49 - 02466136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-05-10 20:03 - 2016-03-11 21:47 - 00160160 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2016-05-10 20:03 - 2016-03-11 21:47 - 00121912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2016-05-10 20:03 - 2016-03-10 14:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsparse.dll
2016-05-10 20:03 - 2016-03-10 13:55 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-05-10 20:03 - 2016-03-10 13:52 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-05-10 20:03 - 2016-03-10 13:48 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsparse.dll
2016-05-10 20:03 - 2016-03-10 13:42 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-05-10 20:03 - 2016-03-05 14:44 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-05-10 20:03 - 2016-03-05 14:04 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-10 20:03 - 2016-02-27 15:28 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-05-10 20:03 - 2016-02-27 14:57 - 03273728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-05-10 20:03 - 2016-02-27 14:19 - 03820544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-05-10 20:03 - 2016-02-27 13:32 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-05-10 19:35 - 2016-03-31 03:50 - 01307328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-10 19:35 - 2016-03-31 00:40 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-05-10 19:34 - 2016-04-22 16:14 - 00725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-05-10 19:34 - 2016-04-22 15:52 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-05-10 19:32 - 2016-04-10 04:48 - 00738096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-10 19:32 - 2016-04-10 04:48 - 00613624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-05-10 19:32 - 2016-04-10 01:21 - 01763376 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-10 19:32 - 2016-04-10 01:21 - 01489088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-05-10 19:32 - 2016-04-09 18:58 - 00534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-10 19:32 - 2016-04-09 18:50 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-05-10 19:32 - 2016-04-06 18:13 - 00137976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2016-05-10 19:32 - 2016-04-06 15:20 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-05-10 19:32 - 2016-04-06 15:19 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-05-10 19:32 - 2016-04-06 15:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-05-10 19:32 - 2016-04-06 14:49 - 00120384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2016-05-10 19:32 - 2016-04-06 13:57 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-05-10 19:32 - 2016-04-06 13:52 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-10 19:32 - 2016-04-06 12:48 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-05-10 19:32 - 2016-03-28 22:42 - 07446368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-10 19:26 - 2016-04-11 03:21 - 00074584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2016-05-10 19:26 - 2016-04-10 02:37 - 01549144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-08 15:21 - 2016-05-22 22:44 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Nova pasta (6)
2016-05-03 19:48 - 2016-05-03 19:57 - 00588596 _____ C:\Users\Vanessa Musso\Desktop\HC Investimentos - como atualizar a cotação de ações pelo excel.xlsm
2016-05-03 19:39 - 2016-05-03 19:39 - 00588281 _____ C:\Users\Vanessa Musso\Downloads\HC Investimentos - como atualizar a cotação de ações pelo excel.xlsm
2016-05-01 19:59 - 2016-05-01 19:59 - 01243459 _____ C:\Users\Vanessa Musso\Downloads\metodo-cr-como-comecar-a-investir.pdf
2016-05-01 19:47 - 2016-05-01 19:48 - 00543499 _____ C:\Users\Vanessa Musso\Downloads\estacio-a-volatilidade-e-amiga-de-quem-tem-paciencia-ligt3-dois-gatilhos-de-7-ja-caminham.pdf
2016-04-30 21:51 - 2016-04-30 21:51 - 00372325 _____ C:\Users\Vanessa Musso\Downloads\socopa_planilhas_v1004_x64 (1).zip
2016-04-30 21:49 - 2016-04-30 21:49 - 00020143 _____ C:\Users\Vanessa Musso\Downloads\socopa_planilhas_demonstracao.xlsx
2016-04-30 21:47 - 2016-04-30 21:48 - 00372325 _____ C:\Users\Vanessa Musso\Downloads\socopa_planilhas_v1004_x64.zip
2016-04-30 21:36 - 2016-04-30 21:36 - 00381023 _____ C:\Users\Vanessa Musso\Downloads\socopa_planilhas_v1004.zip
2016-04-29 19:27 - 2016-04-29 21:50 - 00008509 _____ C:\Users\Vanessa Musso\Desktop\CUSTOS DISK JAPA.xlsx
2016-04-27 00:10 - 2016-04-27 00:10 - 00728211 _____ C:\Users\Vanessa Musso\Downloads\ibovespa-a-200-mil-pontos (2).pdf
2016-04-26 23:43 - 2016-04-26 23:43 - 00218746 _____ C:\Users\Vanessa Musso\Downloads\queremos-um-supercombo.pdf
2016-04-26 23:39 - 2016-04-26 23:39 - 00249119 _____ C:\Users\Vanessa Musso\Downloads\bola-sete-na-cacapa.pdf
2016-04-26 00:39 - 2016-04-26 00:40 - 01874745 _____ C:\Users\Vanessa Musso\Downloads\guerra-de-satelites-o-nascimento-do-proximo-boom-de-defesa.pdf
2016-04-26 00:33 - 2016-04-26 00:33 - 00728211 _____ C:\Users\Vanessa Musso\Downloads\ibovespa-a-200-mil-pontos (1).pdf
2016-04-26 00:33 - 2016-04-26 00:33 - 00356899 _____ C:\Users\Vanessa Musso\Downloads\temporada-de-caca-as-melhores-acoes.pdf
2016-04-26 00:26 - 2016-04-26 00:26 - 00269080 _____ C:\Users\Vanessa Musso\Downloads\light-ligt3-a-vencedora-do-desafio-eletrico.pdf
2016-04-26 00:26 - 2016-04-26 00:26 - 00196648 _____ C:\Users\Vanessa Musso\Downloads\a-incerteza-continua-o-que-faremos (1).pdf
2016-04-26 00:24 - 2016-04-26 00:24 - 00368555 _____ C:\Users\Vanessa Musso\Downloads\nova-recomendacao-compra-de-light-ligt3-preco-teto-de-r970.pdf
2016-04-26 00:01 - 2016-04-26 00:01 - 00024126 _____ C:\Users\Vanessa Musso\Downloads\JSCP e Div (1).xlsx
2016-04-25 23:58 - 2016-04-25 23:58 - 00024126 _____ C:\Users\Vanessa Musso\Downloads\JSCP e Div.xlsx
2016-04-25 23:57 - 2016-04-25 23:57 - 00271655 _____ C:\Users\Vanessa Musso\Downloads\Banrisul - Correspondencia Estado Folha PT.pdf
2016-04-25 23:56 - 2016-04-25 23:56 - 00265171 _____ C:\Users\Vanessa Musso\Downloads\Convite_Agenda_Portugues 1T16.pdf
2016-04-25 23:56 - 2016-04-25 23:56 - 00237597 _____ C:\Users\Vanessa Musso\Downloads\Comunicado ao Mercado - CVM ERGSul.pdf
2016-04-25 23:54 - 2016-04-25 23:54 - 00304021 _____ C:\Users\Vanessa Musso\Downloads\Banrisul_Aviso_aos_Acionistas_JSCP_201_4T2015_03.12(CVM).pdf
2016-04-25 23:52 - 2016-04-25 23:52 - 00061086 _____ C:\Users\Vanessa Musso\Downloads\Banrisul_Comunicado_ao_Mercado_Conversão_de_Ações_2015_12_10.pdf
2016-04-25 23:50 - 2016-04-25 23:50 - 00306337 _____ C:\Users\Vanessa Musso\Downloads\Banrisul_Aviso_aos_Acionistas_JSCP_202_1t2016_(CVM) 10 03 15.pdf
2016-04-23 15:42 - 2016-05-19 22:03 - 00002373 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-04-22 13:01 - 2016-04-22 13:02 - 04959005 _____ C:\Users\Vanessa Musso\Downloads\12-abril.pdf
2016-04-22 12:53 - 2016-04-22 12:54 - 00362790 _____ C:\Users\Vanessa Musso\Downloads\quem-sao-seus-inquilinos.pdf
2016-04-22 12:45 - 2016-04-22 12:45 - 00593069 _____ C:\Users\Vanessa Musso\Downloads\semana-tranquila.pdf
2016-04-22 12:36 - 2016-04-22 12:36 - 00649386 _____ C:\Users\Vanessa Musso\Downloads\ibovespa-a-200-mil-pontos.pdf
2016-04-22 12:32 - 2016-04-22 12:32 - 00196648 _____ C:\Users\Vanessa Musso\Downloads\a-incerteza-continua-o-que-faremos.pdf
2016-04-16 08:43 - 2016-04-16 08:43 - 04708350 _____ C:\Users\Vanessa Musso\Downloads\Novo Catálogo Fiori - .pdf
2016-04-16 00:26 - 2016-04-16 01:03 - 00012219 _____ C:\Users\Vanessa Musso\Downloads\modelo-dre-contaazul.xlsx
2016-04-15 19:04 - 2016-04-15 19:04 - 00000305 _____ C:\Users\Vanessa Musso\Downloads\ATT00001.htm
2016-04-14 22:13 - 2016-04-14 22:45 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Brigadeiros Gourmet
2016-04-14 00:12 - 2016-04-14 00:12 - 00062262 _____ C:\Users\Vanessa Musso\Desktop\aula-como-avaliar-qualquer-acao-em-5-minutos.pdf
2016-04-14 00:09 - 2016-04-16 01:03 - 00000160 _____ C:\Users\Vanessa Musso\Desktop\Novo Documento de Texto (3).txt
2016-04-13 04:29 - 2016-02-02 15:16 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-04-13 04:27 - 2016-03-28 10:21 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-04-13 04:27 - 2016-03-11 11:48 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-04-13 04:27 - 2016-03-10 14:03 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-13 04:27 - 2016-03-10 13:48 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-04-13 04:27 - 2016-03-02 22:39 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-04-13 04:27 - 2016-03-02 22:39 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-04-13 04:27 - 2016-02-05 11:46 - 01455104 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2016-04-13 04:27 - 2016-01-21 16:35 - 00952928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-04-13 04:27 - 2016-01-21 15:42 - 00786152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-04-13 04:17 - 2016-03-03 13:47 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-13 04:17 - 2016-03-03 13:33 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-04-13 04:17 - 2016-02-08 22:31 - 22365472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-04-13 04:17 - 2016-02-08 22:31 - 19794896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-04-13 04:17 - 2016-02-08 22:31 - 02757616 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-04-13 04:17 - 2016-02-08 22:31 - 02412576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-04-13 04:17 - 2016-02-08 22:31 - 00273264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-13 04:17 - 2016-02-08 17:55 - 02712576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-04-13 04:17 - 2016-02-08 17:15 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-04-13 04:17 - 2016-02-08 17:02 - 01197056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-04-13 04:17 - 2016-02-08 16:43 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-04-13 04:17 - 2016-02-08 16:40 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-04-13 04:17 - 2016-02-08 16:39 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-04-13 04:17 - 2016-02-08 16:37 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2016-04-13 04:17 - 2016-02-08 16:35 - 00954880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-04-13 04:17 - 2016-02-08 16:34 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-04-13 04:17 - 2016-02-08 16:33 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-04-13 04:17 - 2016-02-08 15:50 - 03120640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-04-13 04:17 - 2016-02-08 14:55 - 02592256 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-04-13 04:17 - 2016-02-08 14:33 - 01278464 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-04-13 04:17 - 2016-02-08 14:02 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-04-13 04:17 - 2016-02-08 14:00 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-04-13 04:17 - 2016-02-08 13:58 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-04-13 04:17 - 2016-02-08 13:55 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-04-13 04:17 - 2016-02-08 13:53 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2016-04-13 04:17 - 2016-02-08 13:53 - 01348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-04-13 04:17 - 2016-02-08 13:50 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-04-13 04:17 - 2016-02-08 13:50 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-04-13 04:17 - 2016-02-08 13:48 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-04-13 04:17 - 2016-02-08 13:47 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2016-04-13 04:17 - 2016-02-08 13:44 - 00955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-04-13 04:17 - 2016-02-03 12:14 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2016-04-13 04:17 - 2016-02-02 14:51 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAuto.dll
2016-04-13 04:17 - 2016-02-02 14:19 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAuto.dll
2016-04-13 04:17 - 2016-02-02 14:01 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmAgent.dll
2016-04-13 04:17 - 2016-02-02 13:51 - 02609152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-04-13 04:17 - 2016-02-02 13:48 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2016-04-13 04:17 - 2016-02-02 13:46 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmAgent.dll
2016-04-13 04:17 - 2016-02-02 13:41 - 02170880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-04-13 04:17 - 2016-02-02 13:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2016-04-13 04:17 - 2016-01-27 12:18 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2016-04-13 04:17 - 2014-11-07 23:38 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-04-13 04:17 - 2014-11-07 23:17 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-04-13 04:11 - 2016-03-10 16:17 - 01133752 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-04-13 04:11 - 2016-03-10 14:48 - 00862720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-04-13 04:11 - 2016-03-10 14:43 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-04-13 04:11 - 2016-03-10 13:55 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-13 04:11 - 2016-03-10 13:42 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-04-13 04:11 - 2016-03-03 13:13 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-13 04:11 - 2016-02-11 17:17 - 01737088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-04-13 04:11 - 2016-02-11 17:17 - 01663184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-13 04:11 - 2016-02-11 17:17 - 01523208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-13 04:11 - 2016-02-11 17:17 - 01490120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-13 04:11 - 2016-02-11 17:17 - 01358952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-13 04:11 - 2016-02-11 17:16 - 01501488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-04-13 04:11 - 2016-02-09 15:07 - 00246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-04-13 04:11 - 2016-02-06 20:05 - 00551256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2016-04-13 04:11 - 2016-02-05 16:07 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-04-13 04:11 - 2016-02-05 12:11 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-13 04:11 - 2016-02-05 12:11 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-13 04:11 - 2016-02-05 12:07 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-04-13 04:11 - 2016-02-05 12:02 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-13 04:11 - 2016-02-04 15:07 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpsapi.dll
2016-04-13 04:11 - 2016-02-04 14:35 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpsapi.dll
2016-04-13 04:11 - 2016-02-04 13:23 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2016-04-13 04:11 - 2016-02-04 13:22 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2016-04-13 04:11 - 2016-02-03 12:11 - 01673728 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-04-13 04:11 - 2016-02-02 14:18 - 01574912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2016-04-13 04:11 - 2016-02-02 14:15 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2016-04-13 04:11 - 2016-01-31 14:17 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeui.exe
2016-04-13 04:11 - 2016-01-26 16:15 - 00072024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2016-04-13 04:11 - 2016-01-22 02:22 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-04-13 04:11 - 2016-01-22 02:11 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-04-13 04:11 - 2016-01-20 19:40 - 00099672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2016-04-09 20:51 - 2016-04-16 00:31 - 00040057 _____ C:\Users\Vanessa Musso\Downloads\CP-Quanto-Investir-para-Ficar-Milionario.xlsx
2016-04-09 18:55 - 2016-04-09 18:56 - 00577755 _____ C:\Users\Vanessa Musso\Downloads\Conteúdo Programático (3).pdf
2016-04-09 17:38 - 2016-04-09 17:39 - 00103891 _____ C:\Users\Vanessa Musso\Downloads\Conteúdo programático (2).pdf
2016-04-03 10:43 - 2016-04-03 10:43 - 00000000 ____H C:\Users\Vanessa Musso\AppData\Local\BIT7F73.tmp
2016-04-03 10:42 - 2016-04-03 10:42 - 00000000 _____ C:\Users\Vanessa Musso\AppData\Local\{3AC4BAFF-A0AF-4304-A5EB-40899DCEAD3F}
2016-03-30 21:08 - 2016-03-30 21:08 - 01082368 _____ C:\WINDOWS\SysWOW64\Universal.dpp
2016-03-29 00:23 - 2016-03-29 01:46 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Invest
2016-03-26 10:27 - 2016-03-26 10:27 - 00242066 _____ C:\Users\Vanessa Musso\Downloads\estacio-estc3-de-volta-para-o-futuromais-uma-bezerra.pdf
2016-03-24 18:57 - 2016-03-24 18:57 - 00400928 _____ () C:\Users\Vanessa Musso\Downloads\combatarms (1).exe
2016-03-24 18:55 - 2016-03-24 19:09 - 00000000 ____D C:\Users\Vanessa Musso\Documents\LevelUp Data
2016-03-24 18:53 - 2016-03-24 18:53 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\IsolatedStorage
2016-03-24 18:53 - 2016-03-24 18:53 - 00000000 ____D C:\Users\Todos os Usuários\levelup downloader
2016-03-24 18:53 - 2016-03-24 18:53 - 00000000 ____D C:\temp
2016-03-24 18:53 - 2016-03-24 18:53 - 00000000 ____D C:\ProgramData\levelup downloader
2016-03-24 18:49 - 2016-06-07 23:38 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\Deployment
2016-03-24 18:49 - 2016-03-24 18:49 - 00400928 _____ () C:\Users\Vanessa Musso\Downloads\combatarms.exe

==================== Três Meses Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-06-22 10:53 - 2015-10-17 19:13 - 00021993 _____ C:\Users\Vanessa Musso\Downloads\FRST.txt
2016-06-22 10:51 - 2015-10-17 19:13 - 00000000 ____D C:\FRST
2016-06-22 10:48 - 2014-11-08 23:44 - 00003970 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7D7F53BF-49ED-4B82-98E5-1E113D227D91}
2016-06-22 01:01 - 2014-11-03 12:23 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-22 00:46 - 2014-11-05 20:41 - 00000976 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001UA.job
2016-06-22 00:02 - 2014-11-03 12:18 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-106726862-4054988722-2312773982-1001
2016-06-21 23:52 - 2014-11-03 13:34 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\uTorrent
2016-06-21 22:49 - 2015-01-02 10:00 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-06-21 22:48 - 2014-11-03 12:23 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-21 22:47 - 2013-08-22 11:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-21 22:45 - 2014-11-08 23:23 - 00000000 ____D C:\Users\Vanessa Musso
2016-06-21 21:46 - 2014-11-05 20:41 - 00000954 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001Core.job
2016-06-21 21:09 - 2015-10-17 18:31 - 00000000 ____D C:\AdwCleaner
2016-06-21 16:51 - 2015-01-20 13:14 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\pgto internet
2016-06-21 12:36 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\rescache
2016-06-21 12:14 - 2014-11-03 12:01 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\Packages
2016-06-21 10:16 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-21 08:37 - 2013-08-22 10:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-06-21 08:33 - 2013-08-22 11:44 - 00579840 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-21 08:27 - 2014-12-10 16:53 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-06-21 08:27 - 2013-08-22 12:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-06-21 08:27 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Inf
2016-06-20 14:29 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-20 14:29 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-20 14:21 - 2012-07-26 04:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-20 13:52 - 2014-11-04 13:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-20 13:40 - 2014-11-04 13:00 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-17 00:12 - 2016-02-07 18:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-06-17 00:12 - 2015-06-30 17:46 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-06-16 23:58 - 2013-08-22 10:25 - 00000167 _____ C:\WINDOWS\win.ini
2016-06-16 00:31 - 2016-03-12 10:23 - 00000000 ___RD C:\Users\Vanessa Musso\Desktop\Backup Flor S.A 07 02 16
2016-06-13 22:30 - 2014-11-26 09:54 - 01451520 ___SH C:\Users\Vanessa Musso\Desktop\Thumbs.db
2016-06-09 19:36 - 2015-01-02 10:00 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-06-09 19:36 - 2015-01-02 10:00 - 00000000 ____D C:\ProgramData\GbPlugin
2016-06-09 19:35 - 2014-11-03 13:42 - 00000000 ____D C:\Program Files (x86)\WinRAR
2016-06-08 00:00 - 2016-02-06 19:07 - 00000000 ____D C:\Users\Todos os Usuários\MySQL
2016-06-08 00:00 - 2016-02-06 19:07 - 00000000 ____D C:\ProgramData\MySQL
2016-06-08 00:00 - 2016-02-06 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
2016-06-07 23:59 - 2014-11-14 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Level Up!
2016-06-07 23:59 - 2014-11-14 19:12 - 00000000 ____D C:\Level Up! Games
2016-06-07 23:50 - 2015-05-01 13:45 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-06-07 23:44 - 2015-04-30 17:44 - 00000000 ____D C:\Users\Todos os Usuários\Corel
2016-06-07 23:44 - 2015-04-30 17:44 - 00000000 ____D C:\ProgramData\Corel
2016-06-07 23:43 - 2015-04-30 17:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Suite de Aplicativos Gráficos CorelDRAW X4
2016-06-05 21:47 - 2015-09-27 19:32 - 00000000 ____D C:\Users\Vanessa Musso\.oracle_jre_usage
2016-06-05 21:46 - 2015-03-04 23:38 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-06-05 21:46 - 2015-03-01 20:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-05 21:45 - 2015-03-04 23:37 - 00000000 ____D C:\Program Files (x86)\Java
2016-06-05 20:57 - 2014-11-03 13:42 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-05 20:57 - 2014-11-03 13:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-06-05 14:10 - 2015-04-29 23:59 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Flor SA
2016-06-05 11:28 - 2014-09-24 11:04 - 01797166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-05 11:28 - 2014-09-24 10:19 - 00774900 _____ C:\WINDOWS\system32\prfh0416.dat
2016-06-05 11:28 - 2014-09-24 10:19 - 00158494 _____ C:\WINDOWS\system32\prfc0416.dat
2016-06-04 13:29 - 2015-11-29 21:11 - 00000000 ____D C:\FloriculturasManager
2016-05-29 22:36 - 2014-12-15 18:49 - 00000000 ____D C:\Users\Todos os Usuários\Package Cache
2016-05-29 22:36 - 2014-12-15 18:49 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-29 14:54 - 2003-02-20 23:42 - 00360840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2016-05-25 18:24 - 2015-04-07 20:14 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2016-05-25 18:24 - 2015-04-07 20:14 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-05-23 23:19 - 2016-03-18 23:30 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Nova pasta (5)

==================== Arquivos na raiz de alguns diretórios =======

2015-04-28 09:58 - 2015-04-28 09:58 - 0016726 _____ () C:\Users\Vanessa Musso\AppData\Roaming\unins000.dat
2016-04-03 10:43 - 2016-04-03 10:43 - 0000000 ____H () C:\Users\Vanessa Musso\AppData\Local\BIT7F73.tmp
2015-01-31 12:40 - 2015-12-04 21:40 - 0022528 _____ () C:\Users\Vanessa Musso\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-03 10:42 - 2016-04-03 10:42 - 0000000 _____ () C:\Users\Vanessa Musso\AppData\Local\{3AC4BAFF-A0AF-4304-A5EB-40899DCEAD3F}
2014-11-08 15:29 - 2014-11-08 15:29 - 0000011 _____ () C:\ProgramData\.tv7
2015-04-30 17:47 - 2016-01-06 22:41 - 0000088 __RSH () C:\ProgramData\3EA4D33338.sys
2015-04-30 17:47 - 2016-01-06 22:42 - 0002828 ___SH () C:\ProgramData\KGyGaAvL.sys

Alguns arquivos em TEMP:
====================
C:\Users\Vanessa Musso\AppData\Local\Temp\AcDeltree.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\c6ac0830-2ccc-4a92-812b-1666eb440d71.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\Corel Universal Keygen 2015 Free Serial Key for al.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\ex2.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\ex4.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\F068.tmp.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\fsd90D9.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\ICReinstall_F068.tmp.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\kolsrchlnas.ru_BR.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\libeay32.dll
C:\Users\Vanessa Musso\AppData\Local\Temp\msvcr120.dll
C:\Users\Vanessa Musso\AppData\Local\Temp\NGM.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\NGMDll.dll
C:\Users\Vanessa Musso\AppData\Local\Temp\NGMResource.dll
C:\Users\Vanessa Musso\AppData\Local\Temp\NGMSetup.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\nsaA.tmp.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\PidGenX.dll
C:\Users\Vanessa Musso\AppData\Local\Temp\sqlite3.dll
C:\Users\Vanessa Musso\AppData\Local\Temp\stubhelper.dll
C:\Users\Vanessa Musso\AppData\Local\Temp\unicows.dll
C:\Users\Vanessa Musso\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\VideoBox.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\{3E3523B6-159E-44AE-AD30-F42CF3982F08}-51.0.2704.103_51.0.2704.84_chrome_updater.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\{A5E29AC8-BA3B-4EB4-B104-21FC5CBE6A37}-48.0.2564.97_47.0.2526.111_chrome_updater_3stage.exe


==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-06-20 14:29

==================== Fim de FRST.txt ============================


Dear @jones awoki limas

Friend, who would Vanessa be:

Executado por Vanessa Musso

FRST must be run directly from the Desktop; however, you ran it from the folder:

Executando a partir de C:\Users\Vanessa Musso\Downloads

Delete it from there, download a new copy to the Desktop, run FRST, check the Addition option and click the Examinar button.

Attach the logs.

Regards :D


Hello friend,

Vanessa Musso Limas is my wife, lol.

Here is the report, run from the Desktop:

 

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 02-07-2016
Executado por Vanessa Musso (2016-07-04 10:42:30)
Executando a partir de C:\Users\Vanessa Musso\Desktop
Windows 8.1 Single Language (Update) (X64) (2014-11-09 02:37:03)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-106726862-4054988722-2312773982-500 - Administrator - Disabled)
Convidado (S-1-5-21-106726862-4054988722-2312773982-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-106726862-4054988722-2312773982-1009 - Limited - Enabled)
Vanessa Musso (S-1-5-21-106726862-4054988722-2312773982-1001 - Administrator - Enabled) => C:\Users\Vanessa Musso

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software)
CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden
Cheapster for Google Chrome (HKLM-x32\...\Cheapster_Chrome) (Version: 1.0.0.915 - Koyote-Lab inc) <==== ATENÇÃO
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.1.572 - Corel Corporation) Hidden
Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - BR (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
doPDF (Version: 8.1.920 - Softland) Hidden
doPDF 8 (HKLM-x32\...\{7ced5c6b-4b09-4bd7-8707-b3cce8eead22}) (Version: 8.1.920 - Softland)
EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version:  - SEIKO EPSON Corporation)
ETDWare PS/2-X64 11.10.5.13_WHQL (HKLM\...\Elantech) (Version: 11.10.5.13 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Floriculturas Manager (HKLM-x32\...\ST6UNST #1) (Version:  - )
Galeria de Fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - )
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
K-Lite Codec Pack 9.8.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.8.0 - )
MakeMoney 10! (HKLM-x32\...\{9E35D32B-00B8-4EC8-A086-565FF4784182}) (Version: 10.0.99 - Starta - Empreendedorismo e Inovação)
MergeModule_x64 (Version: 9.1.00 - Sony Corporation) Hidden
MergeModule_x86 (x32 Version: 9.1.00 - Sony Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
MySQL Server 5.7 (HKLM\...\{2B08DE80-EE6F-489E-88CA-100046FB9763}) (Version: 5.7.11 - Oracle Corporation)
novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{17BD99A4-9C11-47D4-91AF-8814DD3FFCC2}) (Version: 8.1.920 - Softland)
novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{B6E0BB99-B532-4EC1-9D84-ACC8CED590B3}) (Version: 8.1.920 - Softland)
novaPDF 8 Printer Driver (HKLM\...\{3A1637B5-233D-47B1-B89F-EBF718C04CFD}) (Version: 8.1.920 - Softland)
OpenOffice 4.1.1 (HKLM-x32\...\{503D2C42-D698-43BC-97FE-3610F4E8CDDC}) (Version: 4.11.9775 - Apache Software Foundation)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Plano de Negócio (HKLM-x32\...\{D233EC4A-EF4B-4CCA-AE37-7994A3E1A483}) (Version: 2.0.4 - SEBRAE)
PlayMemories Home (HKLM-x32\...\{93AA5B49-0994-4EF6-80F3-868C9CEA88ED}) (Version: 4.1.00.12152 - Sony Corporation)
PMB_ModeEditor (x32 Version: 9.1.00 - Sony Corporation) Hidden
PMB_ServiceUploader (x32 Version: 9.1.00 - Sony Corporation) Hidden
qksee (HKLM-x32\...\qksee) (Version:  - Taiwan Shui Mu Chih Ching Technology Limited) <==== ATENÇÃO
RealDownloader (x32 Version: 18.1.4.137 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.4.142 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.4 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
TZWebChart Chrome Compat versão 1.0 (HKLM-x32\...\{11B4A1FB-2794-4E0E-B96D-8E8611FED667}_is1) (Version: 1.0 - Tradezone - IT Evolution)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{2BA6245D-FBB9-42F6-AFD9-C0DC52763AD5}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version:  - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
vc2012_redist (x32 Version: 1.0.0.0 - Realnetworks) Hidden
Video Downloader (x32 Version: 1.1.0 - RealNetworks) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinZip (HKLM-x32\...\WinZip) (Version: 2.2.40 - Winzipper Pvt Ltd.) <==== ATENÇÃO
X Codec Pack (HKLM\...\X Codec Pack) (Version: 2.6.8 - X Codec Pack team)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {07605517-216F-4533-B3BE-0770929D7530} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-106726862-4054988722-2312773982-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2016-05-13] (RealNetworks, Inc.)
Task: {0B8E4CF9-AA0D-4EFA-8AAC-05B6EB3CEA4E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001Core => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-05] (Facebook Inc.)
Task: {22FB0059-9011-4FD2-A05B-E18116D1C309} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {28027D36-8669-4212-8F17-17B61823F339} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {5D2092CE-F1C0-475F-8F6D-DEA5CB98DDAB} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-05-13] ()
Task: {60366634-ADEB-4059-A94A-DBA7CD3148A4} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-106726862-4054988722-2312773982-1001 => C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-19] (Microsoft Corporation)
Task: {775776E8-4738-4BBF-90D2-F8EFC254017A} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\TXQQBrowser\Update\BEE455E05AB58B26FB17EBA0AA038663\Update\BrowserUpdate.exe [2016-04-25] (Tencent) <==== ATENÇÃO
Task: {93E6214D-71BA-4939-93AD-AAD31B36D9C8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001UA => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-05] (Facebook Inc.)
Task: {9A0EFFF5-43DB-4AB0-A01B-AC98DFAA7150} - System32\Tasks\Semughdabuck Builder => C:\Program Files (x86)\Semughdabuck\SmgBldts.exe [2016-06-20] ()
Task: {9ACE707B-7DC3-4A61-9E96-748D88414B93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {9FEAB704-BA7A-4BD5-A55A-30E0B61FF4F9} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-106726862-4054988722-2312773982-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {BB76340F-31BF-42DC-9519-5ED92BEF31C1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {C09037B4-EBA3-42DA-BF13-430CE02DB155} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation)
Task: {C4EE6676-AF5B-41B1-A69D-72E9D2056BC2} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-106726862-4054988722-2312773982-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {CA0FCC68-DAE3-4F5C-86B6-F8B69C1DF5CE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {CCD2161D-7951-434A-9932-B73EE712F199} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D6B1F080-3FDE-4F99-A20D-F0A664F81AD9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {F38542EF-3C29-4C8D-B1F4-7B4F47C401F5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {F68DD45D-F9F6-4978-9605-6EAF1BF1AD38} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2014-11-21] ()
Task: {F94D331E-5975-4488-A0DE-9659DE9C28F0} - System32\Tasks\{C854BB84-73CD-45B7-A5A8-775F01CBF0D0} => pcalua.exe -a C:\WINDOWS\st6unst.exe -c -n "C:\FloriculturasManager\ST6UNST.LOG"
Task: {FA06CE44-F3CB-4E26-BF71-DF94D2C6DFB7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-24] (AVAST Software)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001Core.job => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001UA.job => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

Shortcut: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.8\Useful links\Download Codecs & Tools.lnk -> hxxp://www.codecs.com/ (Nenhum Arquivo)
Shortcut: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.8\Useful links\Talk about Codecs.lnk -> hxxp://codecs.com/forum (Nenhum Arquivo)
Shortcut: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.8\Useful links\X Codec Pack homepage.lnk -> hxxp://www.xpcodecpack.com/ (Nenhum Arquivo)

==================== Módulos Carregados (Whitelisted) ==============

2016-05-19 22:02 - 2016-05-19 22:02 - 00959168 _____ () C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-02-02 01:53 - 2016-02-02 01:53 - 39622144 _____ () C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
2016-02-02 01:55 - 2016-02-02 01:55 - 00333312 _____ () C:\Program Files\MySQL\MySQL Server 5.7\lib\plugin\keyring_file.dll
2014-11-21 19:06 - 2014-11-21 19:06 - 00137368 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00032544 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2014-06-03 23:11 - 2014-06-03 23:11 - 00798576 _____ () c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Draw\PsiClient.dll
2016-05-13 14:27 - 2016-05-13 14:27 - 00714992 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2015-07-24 22:03 - 2015-07-24 22:03 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-24 22:03 - 2015-07-24 22:03 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-29 11:15 - 2016-06-29 11:15 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16062900\algo.dll
2016-06-29 17:51 - 2016-06-29 17:51 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16062901\algo.dll
2016-07-04 00:48 - 2016-07-04 00:48 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16070301\algo.dll
2016-06-29 09:09 - 2016-02-14 23:21 - 00582144 _____ () C:\Program Files (x86)\qksee\curlpp.dll
2016-06-29 09:09 - 2016-06-28 23:38 - 00065784 _____ () C:\Program Files (x86)\qksee\zlib1.dll
2016-06-29 09:09 - 2016-06-29 09:09 - 00582144 _____ () C:\Program Files (x86)\WinZipper\curlpp.dll
2016-06-29 09:09 - 2016-06-29 09:09 - 00066560 _____ () C:\Program Files (x86)\WinZipper\zlib1.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00037688 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00039224 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00037192 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
2016-05-13 14:27 - 2016-05-13 14:27 - 00077552 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
2016-05-29 14:54 - 2016-05-29 14:54 - 00022800 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\mediautil.dll
2015-07-24 22:03 - 2015-07-24 22:03 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-18 11:01 - 2012-07-18 15:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-05-13 14:20 - 2016-05-13 14:20 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2016-05-29 14:54 - 2016-05-29 14:54 - 00654608 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Lib\r1api.dll
2016-06-18 00:04 - 2016-06-15 06:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-18 00:04 - 2016-06-15 06:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-06-18 00:04 - 2016-06-15 06:15 - 17599640 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\caixa.gov.br -> imagem.caixa.gov.br

==================== Hosts Conteúdo: ==========================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 10:25 - 2016-06-21 15:36 - 00001038 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 clients2.google.com 
127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com

==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-106726862-4054988722-2312773982-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CB4F4E25-AEC5-4EE4-AF0B-9571994E14E4}] => (Allow) C:\Users\Vanessa Musso\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{11F2D4D9-66A2-479B-8AA7-000E4590FA68}] => (Allow) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A59307A3-2557-4618-9919-A89AE38311C7}] => (Allow) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9FC05A92-269A-4AD7-9BA5-28A1F136CE89}] => (Allow) LPort=1900
FirewallRules: [{D0C56131-F94E-4DD1-AF1B-B4510A7AA254}] => (Allow) LPort=2869
FirewallRules: [{DFBFD68D-60D3-469E-BF8B-64ADD45ECE5B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [TCP Query User{2C4E19D5-8DC5-4AAA-B73E-4B07E9164E07}C:\program files (x86)\philips\mediamanager\twonkymanager.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkymanager.exe
FirewallRules: [UDP Query User{F43064C2-8C9E-43C1-B9B5-0B64D56CC2EA}C:\program files (x86)\philips\mediamanager\twonkymanager.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkymanager.exe
FirewallRules: [TCP Query User{AF65F942-7007-4F6E-AACC-4A113F47A7CC}C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe
FirewallRules: [UDP Query User{3E40E999-D346-4459-8746-B5EC3BDA63EF}C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe
FirewallRules: [{5CA268D2-D2B6-454A-89CF-2F3A58409C57}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe
FirewallRules: [{46B9B203-B88C-4C0F-AC16-F483B79193E9}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe
FirewallRules: [{1D7C6D3C-F214-4722-BAF3-38927E786FF4}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{747D8045-E917-405D-9E0A-B93375B2051B}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{96C902B5-E584-4D82-B719-CA206A97C808}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{994FFEEC-8A20-4DF7-AFFF-633ECFC285D3}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{B6A6D811-8A79-424E-A00B-700CE239C4BC}] => (Allow) C:\Program Files (x86)\TVMOBiLi\bin\tvMobiliService.exe
FirewallRules: [{C3A08EBA-7D05-4DF4-B1D3-7CA8B8290A00}] => (Allow) LPort=8501
FirewallRules: [{A85E346C-7FB9-4CA0-A4C9-29F2E8DBD8CA}] => (Allow) LPort=8501
FirewallRules: [{EF1B2C42-BB87-42C2-B355-47BF1E43D134}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{A131DE02-FD8D-4592-BD20-5B103C9525A4}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{9269504F-7FDF-40FF-93EE-FC85CAB60F19}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
FirewallRules: [{10264800-7CE2-4624-A9DC-4EDC458F2F03}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{690FCEE5-ABC9-4BDA-90D8-488DBA3A6FD1}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{07013D7F-48AF-44A8-9206-C954F99A53CE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{CA735CAE-5CF9-4DE8-BDC6-F48B13C04153}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{5345C1EE-BE85-4816-A6D9-66EBB45B2350}] => (Allow) C:\Users\Vanessa Musso\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{28621DB5-E1B4-4142-A66D-544E8313D8A6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1260428E-F5C7-42E0-BBB4-81C20351033E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{79CEFEEA-BC27-4313-BD60-A08170E68ED2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4FBBBD86-8A27-4D63-B733-567CED0CE851}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{29A9E71B-F313-4A42-B34F-C33494CBDA85}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{E359857F-8FC6-4726-9DC6-3AC9B3407C72}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4A9EF3A8-6CA3-4A07-A650-CD52A903ED64}] => (Allow) LPort=3306
FirewallRules: [{5E648112-03E2-4F91-B38E-AB5DEFB61D0F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C35AB92E-FCE3-4A8B-B10F-17BC2653F3AD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{36BD014C-21DF-4947-8835-36B95FD7336C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{838145EF-3105-4B37-8CAE-6002B2E75BDA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{FA7EC0A9-2418-453C-8DDD-CB9077291ABF}C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [UDP Query User{5C8131F8-EC1C-405A-8D16-43469861E9FB}C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [{ED451CAE-1C5D-4EC4-87B2-235F6AFB68E8}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [TCP Query User{862C2861-322B-4DF4-BD46-FB6536199B21}C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{59AF6811-88AA-4543-8562-145816AD8879}C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe
FirewallRules: [{1C964E36-A8CA-4850-ACD9-3CDDB6B5BAB1}] => (Allow) LPort=1688
FirewallRules: [{BA44EAEF-63C0-4C2D-ACB4-4FC3063CFC6E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{616E1816-C1C9-4F83-B2EC-24A3FFCB624E}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{1D6B90E3-33D4-40EF-8F7C-8C461EC66EFA}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe

==================== Pontos de Restauração =========================

16-06-2016 23:34:33 Windows Update
20-06-2016 13:38:24 Windows Update
21-06-2016 20:31:27 Installed MakeMoney 10!
21-06-2016 23:53:30 JRT Pre-Junkware Removal
28-06-2016 11:15:42 Windows Update
03-07-2016 11:24:13 Chrome Cleanup Tool

==================== Dispositivos Apresentando Falhas No Gerenciador =============


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (07/01/2016 05:19:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: vanessa)
Description: Falha na ativação do aplicativo Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (07/01/2016 05:18:49 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: vanessa)
Description: Falha na ativação do aplicativo Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (07/01/2016 04:43:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: CorelPP.exe, versão: 17.1.0.572, carimbo de data/hora: 0x538e8a18
Nome do módulo com falha: corelpp.dll, versão: 17.1.0.572, carimbo de data/hora: 0x538e8d97
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000877fbc
ID do processo com falha: 0x1acc
Hora de início do aplicativo com falha: 0xCorelPP.exe0
Caminho do aplicativo com falha: CorelPP.exe1
Caminho do módulo com falha: CorelPP.exe2
ID do Relatório: CorelPP.exe3
Nome completo do pacote com falha: CorelPP.exe4
ID do aplicativo relativo ao pacote com falha: CorelPP.exe5

Error: (07/01/2016 04:43:35 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicativo: CorelPP.exe
Versão do Framework: v4.0.30319
Descrição: O processo foi terminado devido a uma exceção sem tratamento.
Informações da Exceção: código da exceção c0000005, endereço da exceção 00007FF877387FBC
Pilha:

Error: (07/01/2016 12:19:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: CorelDrw.exe, versão: 17.1.0.572, carimbo de data/hora: 0x538e8a1a
Nome do módulo com falha: CrlFrmWk.dll, versão: 17.1.0.572, carimbo de data/hora: 0x538e8b14
Código de exceção: 0xc0000005
Deslocamento da falha: 0x00000000001b8fff
ID do processo com falha: 0xe98
Hora de início do aplicativo com falha: 0xCorelDrw.exe0
Caminho do aplicativo com falha: CorelDrw.exe1
Caminho do módulo com falha: CorelDrw.exe2
ID do Relatório: CorelDrw.exe3
Nome completo do pacote com falha: CorelDrw.exe4
ID do aplicativo relativo ao pacote com falha: CorelDrw.exe5

Error: (07/01/2016 12:19:52 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicativo: CorelDrw.exe
Versão do Framework: v4.0.30319
Descrição: O processo foi terminado devido a uma exceção sem tratamento.
Informações da Exceção: código da exceção c0000005, endereço da exceção 00007FF88B408FFF
Pilha:

Error: (06/30/2016 07:02:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: CorelDrw.exe, versão: 17.1.0.572, carimbo de data/hora: 0x538e8a1a
Nome do módulo com falha: CdrGfx.dll, versão: 17.1.0.572, carimbo de data/hora: 0x538e8b78
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000000000008bd5f
ID do processo com falha: 0x1798
Hora de início do aplicativo com falha: 0xCorelDrw.exe0
Caminho do aplicativo com falha: CorelDrw.exe1
Caminho do módulo com falha: CorelDrw.exe2
ID do Relatório: CorelDrw.exe3
Nome completo do pacote com falha: CorelDrw.exe4
ID do aplicativo relativo ao pacote com falha: CorelDrw.exe5

Error: (06/30/2016 07:02:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicativo: CorelDrw.exe
Versão do Framework: v4.0.30319
Descrição: O processo foi terminado devido a uma exceção sem tratamento.
Informações da Exceção: código da exceção c0000005, endereço da exceção 00007FF888EEBD5F
Pilha:

Error: (06/30/2016 03:02:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: CorelDRW.exe, versão: 17.1.0.572, carimbo de data/hora: 0x538e8a1a
Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.18233, carimbo de data/hora: 0x56bb4ebb
Código de exceção: 0xc0000374
Deslocamento da falha: 0x00000000000f1b70
ID do processo com falha: 0x1860
Hora de início do aplicativo com falha: 0xCorelDRW.exe0
Caminho do aplicativo com falha: CorelDRW.exe1
Caminho do módulo com falha: CorelDRW.exe2
ID do Relatório: CorelDRW.exe3
Nome completo do pacote com falha: CorelDRW.exe4
ID do aplicativo relativo ao pacote com falha: CorelDRW.exe5

Error: (06/29/2016 05:43:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SpfService64.exe, versão: 1.3.0.9090, carimbo de data/hora: 0x4e684dec
Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.18233, carimbo de data/hora: 0x56bb4ebb
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000000000003e8b6
ID do processo com falha: 0x1074
Hora de início do aplicativo com falha: 0xSpfService64.exe0
Caminho do aplicativo com falha: SpfService64.exe1
Caminho do módulo com falha: SpfService64.exe2
ID do Relatório: SpfService64.exe3
Nome completo do pacote com falha: SpfService64.exe4
ID do aplicativo relativo ao pacote com falha: SpfService64.exe5


Erros de Sistema:
=============
Error: (07/03/2016 11:56:27 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/03/2016 11:55:57 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/02/2016 11:44:33 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/02/2016 11:44:02 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/01/2016 05:19:01 PM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: Microsoft.Reader

Error: (07/01/2016 05:18:49 PM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: Microsoft.Reader.AppXqwpk1t4bvqdvwhxhbyg53psw2e2hmdrd.mca

Error: (07/01/2016 11:49:54 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/01/2016 11:49:23 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (06/30/2016 09:37:55 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (06/30/2016 09:37:25 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


CodeIntegrity:
===================================
  Date: 2015-08-12 12:01:16.210
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Informações da Memória =========================== 

Processador: Intel(R) Celeron(R) CPU 1037U @ 1.80GHz
Percentagem de memória em uso: 74%
RAM física total: 3932.14 MB
RAM física disponível: 1016.45 MB
Virtual Total: 7033.62 MB
Virtual disponível: 1652.99 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:449.07 GB) (Free:106.92 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Fim de Addition.txt ============================

 


Dear @jones awoki limas

First

Uninstall the following programs:

Cheapster for Google Chrome
qksee
WinZip

Second

Temporarily disable your antivirus, antispyware and firewall so that they do not cause conflicts.

Download the file (fixlist.txt) attached to this post and save it to your Desktop.

Run FRST.exe (or FRST64.exe) and click the Fix (Corrigir) button.

Wait... when it finishes, the Fixlog.txt log will be generated and saved to your Desktop.

Select, copy and paste the contents of this log into your next reply.

Cheers :D

fixlist.txt


My dear Moicano,

I want to thank you for offering to help me, thank you!

Below is what you asked for:

 

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 02-07-2016
Executado por Vanessa Musso (2016-07-06 20:47:13) Run:1
Executando a partir de C:\Users\Vanessa Musso\Desktop
Perfis Carregados: Vanessa Musso (Perfis Disponíveis: Vanessa Musso)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
Cheapster for Google Chrome (HKLM-x32\...\Cheapster_Chrome) (Version: 1.0.0.915 - Koyote-Lab inc) <==== ATENÇÃO
qksee (HKLM-x32\...\qksee) (Version:  - Taiwan Shui Mu Chih Ching Technology Limited) <==== ATENÇÃO
WinZip (HKLM-x32\...\WinZip) (Version: 2.2.40 - Winzipper Pvt Ltd.) <==== ATENÇÃO
Task: {775776E8-4738-4BBF-90D2-F8EFC254017A} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\TXQQBrowser\Update\BEE455E05AB58B26FB17EBA0AA038663\Update\BrowserUpdate.exe [2016-04-25] (Tencent) <==== ATENÇÃO
HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Run: [Cheapsterx64] => "C:\Program Files (x86)\Cheapster\msilnk64.exe"
S2 ArkconfigurationSrv; "C:\Program Files (x86)\Arikoiedrumition\ArkconfigurationSrv.html5" {79740E79-A383-47A7-B513-3DF6563D007F} {8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} [X]
C:\Program Files (x86)\Arikoiedrumition\ArkconfigurationSrv.html5
S2 SmgBlds; "C:\Program Files (x86)\Semughdabuck\SmgBlds.xhtm5" {79740E79-A383-47A7-B513-3DF6563D007F} {8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83} [X]
C:\Program Files (x86)\Semughdabuck\SmgBlds.xhtm5
S2 wonutocezbt; C:\Program Files (x86)\003C293C-1466534344-003D-9CE1-3C00D1DF6549\knssF538.tmp [X]
C:\Program Files (x86)\003C293C-1466534344-003D-9CE1-3C00D1DF6549\knssF538.tmp
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
S1 eypttfre; \??\C:\WINDOWS\system32\drivers\eypttfre.sys [X]
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
S1 lobfjsou; \??\C:\WINDOWS\system32\drivers\lobfjsou.sys [X]
2016-04-03 10:43 - 2016-04-03 10:43 - 0000000 ____H () C:\Users\Vanessa Musso\AppData\Local\BIT7F73.tmp
2015-04-30 17:47 - 2016-01-06 22:41 - 0000088 __RSH () C:\ProgramData\3EA4D33338.sys
2015-04-30 17:47 - 2016-01-06 22:42 - 0002828 ___SH () C:\ProgramData\KGyGaAvL.sys
2016-06-29 09:09 - 2016-02-14 23:21 - 00582144 _____ () C:\Program Files (x86)\qksee\curlpp.dll
2016-06-29 09:09 - 2016-06-28 23:38 - 00065784 _____ () C:\Program Files (x86)\qksee\zlib1.dll
C:\Users\Vanessa Musso\AppData\Local\Temp\AcDeltree.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\c6ac0830-2ccc-4a92-812b-1666eb440d71.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\Corel Universal Keygen 2015 Free Serial Key for al.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\ex2.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\ex4.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\F068.tmp.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\fsd90D9.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\ICReinstall_F068.tmp.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\kolsrchlnas.ru_BR.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\libeay32.dll
C:\Users\Vanessa Musso\AppData\Local\Temp\msvcr120.dll
C:\Users\Vanessa Musso\AppData\Local\Temp\NGM.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\NGMDll.dll
C:\Users\Vanessa Musso\AppData\Local\Temp\NGMResource.dll
C:\Users\Vanessa Musso\AppData\Local\Temp\NGMSetup.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\nsaA.tmp.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\PidGenX.dll
C:\Users\Vanessa Musso\AppData\Local\Temp\sqlite3.dll
C:\Users\Vanessa Musso\AppData\Local\Temp\stubhelper.dll
C:\Users\Vanessa Musso\AppData\Local\Temp\unicows.dll
C:\Users\Vanessa Musso\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\VideoBox.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\{3E3523B6-159E-44AE-AD30-F42CF3982F08}-51.0.2704.103_51.0.2704.84_chrome_updater.exe
C:\Users\Vanessa Musso\AppData\Local\Temp\{A5E29AC8-BA3B-4EB4-B104-21FC5CBE6A37}-48.0.2564.97_47.0.2526.111_chrome_updater_3stage.exe
Hosts:
CMD: ipconfig /flushdns
EmptyTemp:

*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
Cheapster for Google Chrome (HKLM-x32\...\Cheapster_Chrome) (Version: 1.0.0.915 - Koyote-Lab inc) <==== ATENÇÃO => Erro: Nenhuma correção automática foi encontrada para esta entrada.
qksee (HKLM-x32\...\qksee) (Version:  - Taiwan Shui Mu Chih Ching Technology Limited) <==== ATENÇÃO => Erro: Nenhuma correção automática foi encontrada para esta entrada.
WinZip (HKLM-x32\...\WinZip) (Version: 2.2.40 - Winzipper Pvt Ltd.) <==== ATENÇÃO => Erro: Nenhuma correção automática foi encontrada para esta entrada.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{775776E8-4738-4BBF-90D2-F8EFC254017A}" => chave removido (a) com sucesso.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{775776E8-4738-4BBF-90D2-F8EFC254017A}" => chave removido (a) com sucesso.
C:\WINDOWS\System32\Tasks\Browser Updater Task(Core) => movido com sucesso
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Browser Updater Task(Core)" => chave removido (a) com sucesso.
HKU\S-1-5-21-106726862-4054988722-2312773982-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Cheapsterx64 => valor removido (a) com sucesso.
ArkconfigurationSrv => serviço removido (a) com sucesso.
"C:\Program Files (x86)\Arikoiedrumition\ArkconfigurationSrv.html5" => não encontrado (a).
SmgBlds => serviço removido (a) com sucesso.
C:\Program Files (x86)\Semughdabuck\SmgBlds.xhtm5 => movido com sucesso
wonutocezbt => serviço não encontrado (a).
"C:\Program Files (x86)\003C293C-1466534344-003D-9CE1-3C00D1DF6549\knssF538.tmp" => não encontrado (a).
EagleX64 => serviço removido (a) com sucesso.
eypttfre => serviço removido (a) com sucesso.
gbpddfac => serviço removido (a) com sucesso.
gbpddreg => serviço removido (a) com sucesso.
lobfjsou => serviço removido (a) com sucesso.
"C:\Users\Vanessa Musso\AppData\Local\BIT7F73.tmp" => não encontrado (a).
C:\ProgramData\3EA4D33338.sys => movido com sucesso
C:\ProgramData\KGyGaAvL.sys => movido com sucesso
"C:\Program Files (x86)\qksee\curlpp.dll" => não encontrado (a).
"C:\Program Files (x86)\qksee\zlib1.dll" => não encontrado (a).
C:\Users\Vanessa Musso\AppData\Local\Temp\AcDeltree.exe => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\c6ac0830-2ccc-4a92-812b-1666eb440d71.exe => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\Corel Universal Keygen 2015 Free Serial Key for al.exe => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\ex2.exe => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\ex4.exe => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\F068.tmp.exe => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\fsd90D9.exe => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\ICReinstall_F068.tmp.exe => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\jre-8u77-windows-au.exe => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\jre-8u91-windows-au.exe => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\kolsrchlnas.ru_BR.exe => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\libeay32.dll => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\msvcr120.dll => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\NGM.exe => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\NGMDll.dll => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\NGMResource.dll => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\NGMSetup.exe => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\nsaA.tmp.exe => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\PidGenX.dll => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\sqlite3.dll => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\stubhelper.dll => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\unicows.dll => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\vcredist_x86.exe => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\VideoBox.exe => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\{3E3523B6-159E-44AE-AD30-F42CF3982F08}-51.0.2704.103_51.0.2704.84_chrome_updater.exe => movido com sucesso
C:\Users\Vanessa Musso\AppData\Local\Temp\{A5E29AC8-BA3B-4EB4-B104-21FC5CBE6A37}-48.0.2564.97_47.0.2526.111_chrome_updater_3stage.exe => movido com sucesso
C:\Windows\System32\Drivers\etc\hosts => movido com sucesso
Hosts restaurado com sucesso.

=========  ipconfig /flushdns =========


Configuração de IP do Windows

Liberação do Cache do DNS Resolver bem-sucedida.

========= Fim de CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 16777216 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31305595 B
Java, Flash, Steam htmlcache => 8965 B
Windows/system/drivers => 217732694 B
Edge => 0 B
Chrome => 22211124 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 1359 B
LocalService => 577510 B
NetworkService => 120934 B
Vanessa Musso => 2178305335 B

RecycleBin => 22637344728 B
EmptyTemp: => 23.4 GB de dados temporários Removidos.

================================


O sistema precisou ser reiniciado.

==== Fim de Fixlog 21:04:09 ====


Good morning, my friend,

One more detail: just now my browser froze, and when I restarted it this appeared:

http://www.nuesearch.com/?type=hp&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX

Could someone be accessing my PC remotely? I didn't visit any site, I didn't download anything, and out of nowhere this sh.t shows up...

All right! Thanks


Dear @jones awoki limas

No, my friend, you can rest easy! :)

Download Malwarebytes Anti-Malware (MBAM).

Double-click mbam-setup.exe to install the program.

  • Uncheck the box Enable free trial of Malwarebytes Anti-Malware PRO (Ativar trial gratuito do MalwareBytes Anti-Malware PRO).
  • If there are updates to be made, they will be downloaded and installed.
  • Click Settings (Configurações), click Detection and Protection (Detecção e proteção), and check Scan for Rootkits (Verificar por Rootkits).
  • Go back to the Dashboard (Painel) and finally click Scan Now (Verificar agora).
  • The scan will then start. Please wait, as it may take a while.
  • When the scan finishes, if any items were found, make sure they are all checked and click the Remove Selected (Remover Selecionadas) button.
  • At the end of the disinfection, a prompt may appear asking whether you want to restart the PC. (See the Note below)
  • The log is saved automatically by MBAM; to view it, click the History (Histórico) tab -> Application Logs (Registros do aplicativo) in the program's main window.
  • Double-click the log (Scan Log / Registro de verificação). Use the .txt format to export the log.
  • The Protection log is not needed for the analysis; always export the correct log.
  • Select, copy and paste the contents of this log into your next reply.

NOTE: If MBAM finds files that it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.

Cheers :D


All right, Moicano!

The log is below:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Data da verificação: 08/07/2016
Hora da verificação: 09:58
Arquivo de registro: log malware.txt
Administrador: Sim

Versão: 2.2.1.1043
Banco de dados de malware: v2016.07.08.04
Banco de dados de rootkit: v2016.05.27.01
Licença: Gratuita
Proteção contra malware: Desabilitado
Proteção contra website malicioso: Desabilitado
Autoproteção: Desabilitado

Sistema operacional: Windows 8.1
CPU: x64
Sistema de arquivos: NTFS
Usuário: Vanessa Musso

Tipo de verificação: Verificação da ameaça
Resultado: Concluído
Objetos verificados: 345472
Tempo decorrido: 1 hr, 33 min, 42 seg

Memória: Habilitado
Inicialização: Habilitado
Sistema de arquivos: Habilitado
Arquivos compactados: Habilitado
Rootkits: Habilitado
Heurística: Habilitado
PUP: Habilitado
PUM: Habilitado

Processos: 0
(Nenhum item malicioso detectado)

Módulos: 0
(Nenhum item malicioso detectado)

Chaves de registro: 0
(Nenhum item malicioso detectado)

Valores de registro: 0
(Nenhum item malicioso detectado)

Dados de registro: 0
(Nenhum item malicioso detectado)

Pastas: 0
(Nenhum item malicioso detectado)

Arquivos: 0
(Nenhum item malicioso detectado)

Setores físicos: 0
(Nenhum item malicioso detectado)


(end)

 


Good evening, brother,

Thanks :thumbsup:

Here is the FRST log:

 

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 10-07-2016 01
Executado por Vanessa Musso (administrador) em VANESSA (11-07-2016 21:27:34)
Executando a partir de C:\Users\Vanessa Musso\Desktop\Limpeza
Perfis Carregados: Vanessa Musso (Perfis Disponíveis: Vanessa Musso)
Platform: Windows 8.1 Single Language (Update) (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(BitTorrent Inc.) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(BitTorrent Inc.) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(Akamai Technologies, Inc.) C:\Users\Vanessa Musso\AppData\Local\Akamai\netsession_win.exe
(BitTorrent Inc.) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(Akamai Technologies, Inc.) C:\Users\Vanessa Musso\AppData\Local\Akamai\netsession_win.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Autodesk, Inc.) C:\Autodesk\Autodesk_PRDSU_2016_TRIAL_PTB_Win_64bit_wi_pt-br\x64\PrdsTrialTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2013-04-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-15] (AVAST Software)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2728472 2014-12-15] (Sony Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [293768 2016-05-29] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-05-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal)
HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Run: [uTorrent] => C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-13] (BitTorrent Inc.)
HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Run: [Facebook Update] => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-11-05] (Facebook Inc.)
HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Vanessa Musso\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\RunOnce: [Uninstall C:\Users\Vanessa Musso\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vanessa Musso\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918"
ShellExecuteHooks:  - {98C066AB-D735-4339-9E52-A34875141B56} -  Nenhum Arquivo [ ]
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-24] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-07-08]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Autodesk Product Design Suite 2016 Trial Tray.lnk [2016-07-08]
ShortcutTarget: Autodesk Product Design Suite 2016 Trial Tray.lnk -> C:\Autodesk\Autodesk_PRDSU_2016_TRIAL_PTB_Win_64bit_wi_pt-br\x64\PrdsTrialTray.exe (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{79691668-B4C3-442D-9421-47D5F024C0C1}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{A052614E-CB9A-402A-9C82-788A064AE21D}: [DhcpNameServer] 192.168.1.1
ManualProxies: 

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-106726862-4054988722-2312773982-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-05-13] (RealDownloader)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-24] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13] (RealDownloader)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-05] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-24] (AVAST Software)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-22] (Caixa Economica Federal)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-05] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.4.135 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2016-05-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.4.135 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-05-29] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-106726862-4054988722-2312773982-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Vanessa Musso\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-106726862-4054988722-2312773982-1001: gastecnologia.com.br/sf/cef -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-09] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-106726862-4054988722-2312773982-1001: gastecnologia.com.br/sf/cef64 -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [2014-12-09] (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-11]

Chrome: 
=======
CHR HomePage: ChromeDefaultData2 -> hxxp://www.nuesearch.com/?type=hp&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX
CHR StartupUrls: ChromeDefaultData2 -> "hxxp://www.nuesearch.com/?type=hp&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX"
CHR DefaultSearchURL: ChromeDefaultData2 -> hxxp://www.nuesearch.com/search/?type=ds&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX&q={searchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData2 -> nuesearch
CHR Profile: C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2
CHR Extension: (Google Apresentações) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Avast SafePrice) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-01-28]
CHR Extension: (Planilhas do Google) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Documentos Google off-line) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Avast Online Security) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-05]
CHR Extension: (MailTrack para Gmail) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2016-07-07]
CHR Extension: (TZWebChartWindow) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmdhbmdklokcmpmcegmbfehjencmbeab [2016-03-05]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-08]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-24]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-24] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-24] (Avast Software)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [593120 2015-09-22] (GAS Tecnologia)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2013-04-08] (Realsil Microelectronics Inc.) [Arquivo não assinado]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-09-17] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-09-17] (Intel Corporation)
R2 MySQL57; C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe [39622144 2016-02-02] () [Arquivo não assinado]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Arquivo não assinado]
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [35616 2014-11-21] (Microsoft)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [487960 2014-12-15] (Sony Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Arquivo não assinado]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [32544 2016-05-13] ()
R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1095440 2016-05-29] (RealNetworks, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-24] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-24] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-24] (AVAST Software)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-03] (GAS Tecnologia)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-24] (AVAST Software)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                           )
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-24] (Avast Software)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-03] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-11 07:55 - 2016-07-11 07:55 - 00388587 _____ C:\WINDOWS\SysWOW64\rsslogs.20160711075451
2016-07-10 00:12 - 2016-07-11 07:55 - 00053111 _____ C:\WINDOWS\SysWOW64\rsslogs.20160710001113
2016-07-09 21:08 - 2016-07-09 21:11 - 00021655 _____ C:\Users\Vanessa Musso\Desktop\silvas (Salvo automaticamente).xlsx
2016-07-09 20:19 - 2016-07-10 00:12 - 00059894 _____ C:\WINDOWS\SysWOW64\rsslogs.20160709201840
2016-07-09 17:02 - 2016-07-09 20:18 - 00019220 _____ C:\WINDOWS\SysWOW64\rsslogs.20160709013126
2016-07-08 22:05 - 2016-07-09 17:02 - 00030500 _____ C:\WINDOWS\SysWOW64\rsslogs.20160708220436
2016-07-08 21:30 - 2016-07-08 21:32 - 02309816 _____ C:\Users\Vanessa Musso\Downloads\INSTALAR_DJMIXER5.zip
2016-07-08 09:45 - 2016-07-08 19:18 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-08 09:42 - 2016-07-08 12:54 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-07-08 09:42 - 2016-07-08 09:42 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2016-07-08 09:42 - 2016-07-08 09:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-07-08 09:42 - 2016-07-08 09:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-08 09:42 - 2016-07-08 09:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-07-08 09:42 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-07-08 09:42 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-07-08 09:42 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-07-08 09:35 - 2016-07-08 09:38 - 22851472 _____ (Malwarebytes ) C:\Users\Vanessa Musso\Downloads\mbam-setup-2.2.1.1043.exe
2016-07-07 19:50 - 2016-07-07 20:15 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Fotos Merlo Artesanato
2016-07-07 11:47 - 2016-07-07 11:47 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52593140.html
2016-07-07 11:47 - 2016-07-07 11:47 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52540140.html
2016-07-07 11:47 - 2016-07-07 11:47 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52539890.html
2016-07-07 11:47 - 2016-07-07 11:47 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\WinZiper
2016-07-07 11:47 - 2016-07-07 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-07-07 11:46 - 2016-07-07 23:57 - 00000001 _____ C:\WINDOWS\SysWOW64\br.html
2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52487093.html
2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52486718.html
2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52482750.html
2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52482453.html
2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52475765.html
2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52475515.html
2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52467750.html
2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52467265.html
2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52464250.html
2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52463921.html
2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52449343.html
2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\br_52448000.html
2016-07-07 11:45 - 2016-07-07 11:45 - 00000000 ____D C:\WINDOWS\SysWOW64\_TSpm
2016-07-07 08:40 - 2016-07-11 21:27 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Limpeza
2016-07-06 20:44 - 2016-07-06 20:44 - 00003778 _____ C:\Users\Vanessa Musso\Downloads\fixlist (1).txt
2016-07-06 20:41 - 2016-07-06 20:41 - 00003778 _____ C:\Users\Vanessa Musso\Downloads\fixlist.txt
2016-07-04 09:31 - 2016-07-08 10:31 - 00020541 _____ C:\Users\Vanessa Musso\Downloads\silvas.xlsx
2016-06-30 13:45 - 2016-06-30 15:50 - 158908247 _____ C:\Users\Vanessa Musso\Desktop\Cópia_de_segurança_de_fotos limpas para catálogo.cdr
2016-06-30 11:58 - 2016-07-08 09:38 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Fotos Artesanato Nova Vida
2016-06-29 19:26 - 2016-06-29 19:26 - 00494664 _____ C:\Users\Vanessa Musso\Downloads\Tabela de Preços Albano 05-16 (1).pdf
2016-06-29 18:33 - 2016-06-29 18:33 - 00000000 ____D C:\Program Files (x86)\k4um3yr7
2016-06-29 17:48 - 2016-06-29 17:48 - 00000270 _____ C:\Users\Vanessa Musso\Desktop\CorelDRAW Graphics Suite X7.txt
2016-06-29 17:30 - 2016-07-08 12:54 - 00003055 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT X7 (64-Bit).lnk
2016-06-29 17:30 - 2016-07-08 12:54 - 00003007 _____ C:\Users\Public\Desktop\CorelDRAW X7 (64-Bit).lnk
2016-06-29 17:30 - 2016-06-29 17:30 - 00000000 ____D C:\Program Files (x86)\gs
2016-06-29 17:26 - 2016-06-29 17:26 - 00000000 ____D C:\Users\Public\Documents\Corel
2016-06-29 17:25 - 2016-06-29 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)
2016-06-29 17:23 - 2016-06-29 17:24 - 00000000 ____D C:\Program Files\Corel
2016-06-29 12:47 - 2016-06-29 12:47 - 00203080 _____ C:\Users\Vanessa Musso\Downloads\IMG-20160629-WA0001.jpg.jpeg
2016-06-29 12:47 - 2016-06-29 12:47 - 00124681 _____ C:\Users\Vanessa Musso\Downloads\IMG-20160629-WA0000.jpg.jpeg
2016-06-29 12:33 - 2016-06-29 12:33 - 00000000 ____D C:\Program Files (x86)\opv0a6y9
2016-06-29 10:55 - 2016-06-29 10:56 - 00999424 _____ C:\Users\Vanessa Musso\Downloads\GMA.plnx
2016-06-29 10:55 - 2016-06-29 10:56 - 00999424 _____ C:\Users\Vanessa Musso\Downloads\GMA.Bak
2016-06-29 10:53 - 2016-06-29 10:53 - 00880640 _____ C:\Users\Vanessa Musso\Downloads\CDProtection.plnx
2016-06-29 10:53 - 2016-06-29 10:53 - 00880640 _____ C:\Users\Vanessa Musso\Downloads\CDProtection.Bak
2016-06-29 10:39 - 2016-06-29 10:39 - 00528384 _____ C:\Users\Vanessa Musso\Downloads\CiaDoCao.plnx
2016-06-29 10:39 - 2016-06-29 10:39 - 00528384 _____ C:\Users\Vanessa Musso\Downloads\CiaDoCao.Bak
2016-06-29 10:33 - 2016-06-29 10:33 - 00000000 ____D C:\Program Files (x86)\oqk8ovam
2016-06-29 10:08 - 2016-06-29 10:09 - 00000000 ____D C:\Program Files (x86)\iicbxnka
2016-06-29 09:38 - 2016-06-29 09:41 - 06230532 _____ (Softland) C:\Users\Vanessa Musso\Downloads\dopdf-full.exe
2016-06-29 09:09 - 2016-07-08 12:56 - 00000000 ____D C:\Program Files (x86)\WinZipper
2016-06-29 09:09 - 2016-06-29 09:09 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\eCyber
2016-06-29 09:08 - 2016-06-29 09:08 - 00000000 ____D C:\Program Files (x86)\TXQQBrowser
2016-06-29 09:08 - 2016-06-29 09:08 - 00000000 ____D C:\Program Files (x86)\t10rur95
2016-06-28 17:20 - 2016-06-28 17:20 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Nova pasta (7)
2016-06-28 17:19 - 2016-06-28 17:20 - 00002359 _____ C:\Users\Vanessa Musso\Downloads\Outlook.com (1).zip
2016-06-22 19:14 - 2016-06-22 19:14 - 00099596 _____ C:\Users\Vanessa Musso\Downloads\RE BUBA=REPRESENTANTE (Anexos).zip
2016-06-22 19:08 - 2016-06-22 19:08 - 00000000 ____D C:\Users\Vanessa Musso\.cache
2016-06-22 10:49 - 2016-06-22 10:50 - 02387456 _____ (Farbar) C:\Users\Vanessa Musso\Downloads\FRST64 (1).exe
2016-06-22 10:48 - 2016-06-22 10:49 - 01738240 _____ (Farbar) C:\Users\Vanessa Musso\Downloads\FRST.exe
2016-06-22 00:53 - 2016-06-22 01:43 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\ZHP
2016-06-22 00:50 - 2016-06-22 00:52 - 02272256 _____ C:\Users\Vanessa Musso\Downloads\ZHPCleaner.exe
2016-06-21 23:47 - 2016-06-21 23:48 - 01610816 _____ (Malwarebytes) C:\Users\Vanessa Musso\Downloads\JRT (2).exe
2016-06-21 23:29 - 2016-06-21 23:30 - 01610816 _____ (Malwarebytes) C:\Users\Vanessa Musso\Downloads\JRT (1).exe
2016-06-21 22:52 - 2016-07-09 20:18 - 00000000 ____D C:\Users\Vanessa Musso\AppData\LocalLow\uTorrent
2016-06-21 22:52 - 2016-07-08 12:53 - 00002310 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-21 22:52 - 2016-07-08 12:52 - 00002280 _____ C:\Users\Vanessa Musso\Desktop\Google Chrome.lnk
2016-06-21 20:55 - 2016-06-21 20:55 - 03703360 _____ C:\Users\Vanessa Musso\Downloads\adwcleaner_5.200.exe
2016-06-21 20:32 - 2016-07-08 12:52 - 00002967 _____ C:\Users\Vanessa Musso\Desktop\MakeMoney 10!.lnk
2016-06-21 20:32 - 2016-06-21 20:32 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMoney 10!
2016-06-21 20:32 - 2016-06-21 20:32 - 00000000 ____D C:\Program Files (x86)\MakeMoney 10!
2016-06-21 20:17 - 2016-06-21 20:27 - 29121536 _____ C:\Users\Vanessa Musso\Downloads\Instala.exe
2016-06-21 16:13 - 2016-07-08 12:52 - 00001247 _____ C:\Users\Vanessa Musso\Desktop\Continue Last version Installation.lnk
2016-06-21 15:46 - 2016-06-21 15:46 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-06-21 15:45 - 2016-06-21 22:51 - 00000000 ____D C:\Program Files (x86)\mpck
2016-06-21 15:30 - 2016-06-21 15:30 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\NanoNet
2016-06-21 11:50 - 2016-06-21 11:50 - 00494664 _____ C:\Users\Vanessa Musso\Downloads\Tabela de Preços Albano 05-16.pdf
2016-06-21 08:35 - 2016-06-14 14:13 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-21 08:35 - 2016-06-14 14:13 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-20 20:46 - 2016-07-07 21:07 - 01467447 _____ C:\Users\Vanessa Musso\Desktop\DISTRIBUIDORES E ATACADISTAS VEILING.xlsx
2016-06-20 14:05 - 2016-06-20 14:05 - 00003474 _____ C:\Users\Vanessa Musso\Downloads\comprovante (28).html
2016-06-20 11:43 - 2016-06-20 11:43 - 00142495 _____ C:\WINDOWS\2cdae02d91692a634545c5b4daa18a38.exe
2016-06-17 18:12 - 2016-06-20 20:37 - 00182042 _____ C:\Users\Vanessa Musso\Downloads\Prospecção Geral.xlsx
2016-06-15 23:32 - 2016-06-15 23:33 - 01216134 _____ C:\Users\Vanessa Musso\Downloads\Guia Prático de Criação de Galinhas - Valdir Rocha.pdf
2016-06-15 23:01 - 2016-06-03 14:11 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-06-15 23:01 - 2016-06-03 10:38 - 01413120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-15 23:01 - 2016-06-02 14:51 - 00050352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-15 23:01 - 2016-05-29 12:04 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-15 23:01 - 2016-05-29 12:04 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-06-15 23:01 - 2016-05-29 12:04 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-15 23:01 - 2016-05-29 12:04 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-15 23:01 - 2016-05-29 12:04 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2016-06-15 23:01 - 2016-05-29 12:04 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-15 23:01 - 2016-04-14 12:25 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-06-15 23:01 - 2016-04-14 12:11 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-06-15 23:01 - 2016-04-12 12:46 - 14467584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-15 23:01 - 2016-04-12 12:30 - 12879872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-15 23:01 - 2016-01-31 16:17 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2016-06-15 23:01 - 2016-01-31 15:07 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-06-15 23:01 - 2016-01-31 14:42 - 03320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-06-15 23:01 - 2016-01-31 14:14 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-06-15 22:52 - 2016-05-21 14:28 - 25802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 22:52 - 2016-05-21 13:57 - 20341248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 22:52 - 2016-05-20 19:02 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 22:52 - 2016-05-20 18:29 - 13815808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 22:52 - 2016-05-20 18:14 - 04610048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 22:52 - 2016-05-20 18:11 - 15420928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 22:52 - 2016-05-20 17:46 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 22:52 - 2016-05-20 17:34 - 01544192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 22:51 - 2016-05-20 19:09 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 22:51 - 2016-05-20 19:08 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 22:51 - 2016-05-20 18:57 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 22:51 - 2016-05-20 18:55 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-06-15 22:51 - 2016-05-20 18:54 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-06-15 22:51 - 2016-05-20 18:50 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 22:51 - 2016-05-20 18:44 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-06-15 22:51 - 2016-05-20 18:27 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-06-15 22:51 - 2016-05-20 18:25 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-06-15 22:51 - 2016-05-20 18:25 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-06-15 22:51 - 2016-05-20 18:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-06-15 22:51 - 2016-05-20 18:21 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-06-15 22:51 - 2016-05-20 18:19 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-06-15 22:51 - 2016-05-20 18:16 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-06-15 22:51 - 2016-05-20 18:12 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-06-15 22:51 - 2016-05-20 18:11 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-06-15 22:51 - 2016-05-20 18:09 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 22:51 - 2016-05-20 18:09 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-06-15 22:51 - 2016-05-20 18:08 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-06-15 22:51 - 2016-05-20 18:08 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 22:51 - 2016-05-20 18:06 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-06-15 22:51 - 2016-05-20 17:42 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 22:51 - 2016-05-20 17:38 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 22:51 - 2016-05-20 17:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-06-15 22:51 - 2016-05-20 17:23 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-06-15 22:31 - 2016-05-12 15:38 - 00135336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 22:31 - 2016-05-12 14:43 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2016-06-15 22:31 - 2016-05-12 13:17 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 22:31 - 2016-05-12 13:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 22:31 - 2016-05-12 13:07 - 01360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 22:31 - 2016-05-12 12:59 - 00398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 22:31 - 2016-05-12 12:43 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 22:31 - 2016-05-12 12:37 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 22:30 - 2016-05-16 18:13 - 00563016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 22:30 - 2016-05-16 18:13 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 22:30 - 2016-05-16 18:13 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 22:30 - 2016-05-16 18:13 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 22:30 - 2016-05-14 17:01 - 00363104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 22:30 - 2016-05-14 17:01 - 00320720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 22:30 - 2016-05-13 20:09 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-06-15 22:30 - 2016-05-13 20:07 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 22:30 - 2016-05-13 20:07 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 22:30 - 2016-05-13 20:07 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 22:30 - 2016-05-13 20:06 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 22:30 - 2016-05-13 19:34 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-06-15 22:30 - 2016-05-13 18:58 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 22:30 - 2016-05-13 18:58 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-06-15 22:30 - 2016-05-13 18:45 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 22:30 - 2016-05-13 18:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 22:30 - 2016-05-13 18:26 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-15 22:30 - 2016-05-09 18:35 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-06-15 22:30 - 2016-05-09 17:56 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-06-15 22:30 - 2016-05-09 17:45 - 07793152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 22:30 - 2016-05-09 17:23 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 22:30 - 2016-05-06 12:45 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 22:30 - 2016-05-06 12:23 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 22:25 - 2016-05-18 02:31 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 22:25 - 2016-05-18 02:31 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 22:25 - 2016-05-13 20:04 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 22:25 - 2016-05-13 19:19 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 22:00 - 2016-05-18 20:15 - 01379040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 21:59 - 2016-05-18 17:35 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-11 21:28 - 2014-11-03 13:34 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\uTorrent
2016-07-11 21:27 - 2015-10-17 19:13 - 00000000 ____D C:\FRST
2016-07-11 20:12 - 2014-11-08 23:44 - 00003970 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7D7F53BF-49ED-4B82-98E5-1E113D227D91}
2016-07-11 13:01 - 2014-11-03 12:23 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-11 11:51 - 2014-09-24 11:04 - 01797166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-11 11:51 - 2014-09-24 10:19 - 00774900 _____ C:\WINDOWS\system32\prfh0416.dat
2016-07-11 11:51 - 2014-09-24 10:19 - 00158494 _____ C:\WINDOWS\system32\prfc0416.dat
2016-07-11 11:51 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Inf
2016-07-11 08:21 - 2015-01-02 10:00 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-07-11 08:21 - 2015-01-02 10:00 - 00000000 ____D C:\ProgramData\GbPlugin
2016-07-11 08:08 - 2014-11-03 12:18 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-106726862-4054988722-2312773982-1001
2016-07-11 07:59 - 2016-02-07 18:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-07-11 07:58 - 2015-06-30 17:46 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-07-10 12:13 - 2015-04-29 23:59 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Flor SA
2016-07-09 20:17 - 2014-11-08 23:23 - 00000000 ____D C:\Users\Vanessa Musso
2016-07-09 20:17 - 2014-11-03 12:23 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-08 22:04 - 2015-01-02 10:00 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-07-08 22:04 - 2013-08-22 11:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-08 21:46 - 2014-11-05 20:41 - 00000976 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001UA.job
2016-07-08 21:46 - 2014-11-05 20:41 - 00000954 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001Core.job
2016-07-08 18:55 - 2014-11-03 13:33 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-07-08 18:52 - 2013-08-22 11:44 - 00583488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-08 12:56 - 2013-08-22 10:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-07-08 12:54 - 2015-05-01 13:22 - 00002637 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plano de Negócio.lnk
2016-07-08 12:54 - 2015-04-09 23:50 - 00001062 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2016-07-08 12:54 - 2015-01-02 09:36 - 00002025 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-07-08 12:54 - 2014-12-17 20:22 - 00002180 _____ C:\Users\Public\Desktop\PlayMemories Home.lnk
2016-07-08 12:54 - 2014-11-08 23:27 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-07-08 12:54 - 2014-07-17 16:34 - 00001381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-07-08 12:54 - 2014-07-17 16:34 - 00001312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-07-08 12:53 - 2016-04-23 15:42 - 00002373 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-07-08 12:53 - 2014-11-08 23:23 - 00000469 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-07-08 12:53 - 2014-11-08 23:23 - 00000467 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-07-08 12:53 - 2014-11-03 13:35 - 00000846 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-07-08 12:52 - 2016-05-25 18:13 - 00001535 _____ C:\Users\Vanessa Musso\Desktop\Outlook.com - Atalho.lnk
2016-07-08 12:52 - 2015-11-29 20:55 - 00001700 _____ C:\Users\Vanessa Musso\Desktop\Backup-codes-joaoawoki - Atalho.lnk
2016-07-08 12:52 - 2014-12-11 12:07 - 00001194 _____ C:\Users\Vanessa Musso\Desktop\Continue Download & Install Installation.lnk
2016-07-08 12:52 - 2014-11-03 13:35 - 00000866 _____ C:\Users\Vanessa Musso\Desktop\µTorrent.lnk
2016-07-07 23:58 - 2014-11-26 09:54 - 01517056 ___SH C:\Users\Vanessa Musso\Desktop\Thumbs.db
2016-07-07 09:22 - 2016-01-20 20:56 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Cursos; Cartilhas; Estudos; Manuais; certificados e diplomas
2016-07-07 09:21 - 2016-03-12 10:23 - 00000000 ___RD C:\Users\Vanessa Musso\Desktop\Backup Flor S.A 07 02 16
2016-07-07 08:54 - 2015-04-30 00:32 - 00042113 _____ C:\Users\Vanessa Musso\Desktop\Sem título 1.ods
2016-07-07 08:41 - 2016-05-15 20:53 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\RECEITAS DO AOKI
2016-07-07 08:41 - 2016-03-29 00:23 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Invest
2016-07-04 09:46 - 2014-11-03 12:01 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\Packages
2016-06-30 17:51 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-30 12:09 - 2015-04-30 17:44 - 00000000 ____D C:\Users\Todos os Usuários\Corel
2016-06-30 12:09 - 2015-04-30 17:44 - 00000000 ____D C:\ProgramData\Corel
2016-06-29 17:38 - 2016-03-05 19:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-29 17:38 - 2016-03-05 19:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-29 17:20 - 2016-01-22 13:39 - 00000000 ____D C:\Users\Todos os Usuários\CorelDRAW Graphics Suite X7 x64
2016-06-29 17:20 - 2016-01-22 13:39 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7 x64
2016-06-29 12:48 - 2014-11-30 10:52 - 00265216 ___SH C:\Users\Vanessa Musso\Downloads\Thumbs.db
2016-06-29 09:34 - 2015-09-10 21:28 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\ElevatedDiagnostics
2016-06-28 12:29 - 2016-03-05 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-27 16:40 - 2015-01-20 13:14 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\pgto internet
2016-06-22 19:04 - 2016-05-08 15:21 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Nova pasta (6)
2016-06-22 19:04 - 2014-12-17 20:04 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Fotos Maquina 17 12 14
2016-06-22 19:01 - 2015-10-17 18:31 - 00000000 ____D C:\AdwCleaner
2016-06-22 10:55 - 2015-10-17 19:13 - 00073628 _____ C:\Users\Vanessa Musso\Downloads\FRST.txt
2016-06-21 15:44 - 2016-06-05 15:31 - 00001894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2016-06-21 15:44 - 2016-06-05 15:29 - 00001876 _____ C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk
2016-06-21 12:36 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\rescache
2016-06-21 10:16 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-21 08:27 - 2014-12-10 16:53 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-06-21 08:27 - 2013-08-22 12:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-06-20 14:29 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-20 14:21 - 2012-07-26 04:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-20 13:52 - 2014-11-04 13:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-20 13:40 - 2014-11-04 13:00 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-16 23:58 - 2013-08-22 10:25 - 00000167 _____ C:\WINDOWS\win.ini

==================== Arquivos na raiz de alguns diretórios =======

2015-04-28 09:58 - 2015-04-28 09:58 - 0016726 _____ () C:\Users\Vanessa Musso\AppData\Roaming\unins000.dat
2015-01-31 12:40 - 2015-12-04 21:40 - 0022528 _____ () C:\Users\Vanessa Musso\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-03 10:42 - 2016-04-03 10:42 - 0000000 _____ () C:\Users\Vanessa Musso\AppData\Local\{3AC4BAFF-A0AF-4304-A5EB-40899DCEAD3F}
2014-11-08 15:29 - 2014-11-08 15:29 - 0000011 _____ () C:\ProgramData\.tv7

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-07-03 11:55

==================== Fim de FRST.txt ============================

Oops, that one is the addition


Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 10-07-2016 01
Executado por Vanessa Musso (2016-07-11 21:31:01)
Executando a partir de C:\Users\Vanessa Musso\Desktop\Limpeza
Windows 8.1 Single Language (Update) (X64) (2014-11-09 02:37:03)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-106726862-4054988722-2312773982-500 - Administrator - Disabled)
Convidado (S-1-5-21-106726862-4054988722-2312773982-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-106726862-4054988722-2312773982-1009 - Limited - Enabled)
Vanessa Musso (S-1-5-21-106726862-4054988722-2312773982-1001 - Administrator - Enabled) => C:\Users\Vanessa Musso

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software)
CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.1.572 - Corel Corporation) Hidden
Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - BR (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
doPDF (Version: 8.1.920 - Softland) Hidden
doPDF 8 (HKLM-x32\...\{7ced5c6b-4b09-4bd7-8707-b3cce8eead22}) (Version: 8.1.920 - Softland)
EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version:  - SEIKO EPSON Corporation)
ETDWare PS/2-X64 11.10.5.13_WHQL (HKLM\...\Elantech) (Version: 11.10.5.13 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Floriculturas Manager (HKLM-x32\...\ST6UNST #1) (Version:  - )
Galeria de Fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - )
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
K-Lite Codec Pack 9.8.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.8.0 - )
MakeMoney 10! (HKLM-x32\...\{9E35D32B-00B8-4EC8-A086-565FF4784182}) (Version: 10.0.99 - Starta - Empreendedorismo e Inovação)
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MergeModule_x64 (Version: 9.1.00 - Sony Corporation) Hidden
MergeModule_x86 (x32 Version: 9.1.00 - Sony Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
MySQL Server 5.7 (HKLM\...\{2B08DE80-EE6F-489E-88CA-100046FB9763}) (Version: 5.7.11 - Oracle Corporation)
novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{17BD99A4-9C11-47D4-91AF-8814DD3FFCC2}) (Version: 8.1.920 - Softland)
novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{B6E0BB99-B532-4EC1-9D84-ACC8CED590B3}) (Version: 8.1.920 - Softland)
novaPDF 8 Printer Driver (HKLM\...\{3A1637B5-233D-47B1-B89F-EBF718C04CFD}) (Version: 8.1.920 - Softland)
OpenOffice 4.1.1 (HKLM-x32\...\{503D2C42-D698-43BC-97FE-3610F4E8CDDC}) (Version: 4.11.9775 - Apache Software Foundation)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Plano de Negócio (HKLM-x32\...\{D233EC4A-EF4B-4CCA-AE37-7994A3E1A483}) (Version: 2.0.4 - SEBRAE)
PlayMemories Home (HKLM-x32\...\{93AA5B49-0994-4EF6-80F3-868C9CEA88ED}) (Version: 4.1.00.12152 - Sony Corporation)
PMB_ModeEditor (x32 Version: 9.1.00 - Sony Corporation) Hidden
PMB_ServiceUploader (x32 Version: 9.1.00 - Sony Corporation) Hidden
RealDownloader (x32 Version: 18.1.4.137 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.4.142 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.4 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
TZWebChart Chrome Compat versão 1.0 (HKLM-x32\...\{11B4A1FB-2794-4E0E-B96D-8E8611FED667}_is1) (Version: 1.0 - Tradezone - IT Evolution)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{2BA6245D-FBB9-42F6-AFD9-C0DC52763AD5}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version:  - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
vc2012_redist (x32 Version: 1.0.0.0 - Realnetworks) Hidden
Video Downloader (x32 Version: 1.1.0 - RealNetworks) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinZip (HKLM-x32\...\WinZip) (Version: 2.2.50 - Winzipper Pvt Ltd.) <==== ATENÇÃO
X Codec Pack (HKLM\...\X Codec Pack) (Version: 2.6.8 - X Codec Pack team)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {07605517-216F-4533-B3BE-0770929D7530} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-106726862-4054988722-2312773982-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2016-05-13] (RealNetworks, Inc.)
Task: {0B8E4CF9-AA0D-4EFA-8AAC-05B6EB3CEA4E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001Core => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-05] (Facebook Inc.)
Task: {22FB0059-9011-4FD2-A05B-E18116D1C309} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {28027D36-8669-4212-8F17-17B61823F339} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {5D2092CE-F1C0-475F-8F6D-DEA5CB98DDAB} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-05-13] ()
Task: {60366634-ADEB-4059-A94A-DBA7CD3148A4} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-106726862-4054988722-2312773982-1001 => C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-19] (Microsoft Corporation)
Task: {93E6214D-71BA-4939-93AD-AAD31B36D9C8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001UA => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-05] (Facebook Inc.)
Task: {9ACE707B-7DC3-4A61-9E96-748D88414B93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {9FEAB704-BA7A-4BD5-A55A-30E0B61FF4F9} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-106726862-4054988722-2312773982-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {BB76340F-31BF-42DC-9519-5ED92BEF31C1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {C09037B4-EBA3-42DA-BF13-430CE02DB155} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation)
Task: {C4EE6676-AF5B-41B1-A69D-72E9D2056BC2} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-106726862-4054988722-2312773982-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {CA0FCC68-DAE3-4F5C-86B6-F8B69C1DF5CE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {CCD2161D-7951-434A-9932-B73EE712F199} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D6B1F080-3FDE-4F99-A20D-F0A664F81AD9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {F38542EF-3C29-4C8D-B1F4-7B4F47C401F5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {F68DD45D-F9F6-4978-9605-6EAF1BF1AD38} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2014-11-21] ()
Task: {F94D331E-5975-4488-A0DE-9659DE9C28F0} - System32\Tasks\{C854BB84-73CD-45B7-A5A8-775F01CBF0D0} => pcalua.exe -a C:\WINDOWS\st6unst.exe -c -n "C:\FloriculturasManager\ST6UNST.LOG"
Task: {FA06CE44-F3CB-4E26-BF71-DF94D2C6DFB7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-24] (AVAST Software)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001Core.job => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001UA.job => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

Shortcut: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.8\Useful links\Download Codecs & Tools.lnk -> hxxp://www.codecs.com/ (Nenhum Arquivo)
Shortcut: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.8\Useful links\Talk about Codecs.lnk -> hxxp://codecs.com/forum (Nenhum Arquivo)
Shortcut: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.8\Useful links\X Codec Pack homepage.lnk -> hxxp://www.xpcodecpack.com/ (Nenhum Arquivo)

==================== Módulos Carregados (Whitelisted) ==============

2016-02-02 01:53 - 2016-02-02 01:53 - 39622144 _____ () C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
2016-02-02 01:55 - 2016-02-02 01:55 - 00333312 _____ () C:\Program Files\MySQL\MySQL Server 5.7\lib\plugin\keyring_file.dll
2014-11-21 19:06 - 2014-11-21 19:06 - 00137368 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00032544 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2016-05-13 14:27 - 2016-05-13 14:27 - 00714992 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2015-07-24 22:03 - 2015-07-24 22:03 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-24 22:03 - 2015-07-24 22:03 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-08 18:56 - 2016-07-08 18:56 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16070803\algo.dll
2016-07-11 10:06 - 2016-07-11 10:06 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16071100\algo.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00037688 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00039224 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00037192 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
2014-07-18 11:01 - 2012-07-18 15:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-05-29 14:54 - 2016-05-29 14:54 - 00022800 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\mediautil.dll
2015-07-24 22:03 - 2015-07-24 22:03 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-05-13 14:20 - 2016-05-13 14:20 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2016-05-29 14:54 - 2016-05-29 14:54 - 00654608 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Lib\r1api.dll
2016-05-13 14:27 - 2016-05-13 14:27 - 00077552 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
2016-06-18 00:04 - 2016-06-15 06:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-18 00:04 - 2016-06-15 06:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-06-18 00:04 - 2016-06-15 06:15 - 17599640 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\caixa.gov.br -> imagem.caixa.gov.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 10:25 - 2016-07-06 20:48 - 00000035 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-106726862-4054988722-2312773982-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CB4F4E25-AEC5-4EE4-AF0B-9571994E14E4}] => (Allow) C:\Users\Vanessa Musso\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{11F2D4D9-66A2-479B-8AA7-000E4590FA68}] => (Allow) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A59307A3-2557-4618-9919-A89AE38311C7}] => (Allow) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9FC05A92-269A-4AD7-9BA5-28A1F136CE89}] => (Allow) LPort=1900
FirewallRules: [{D0C56131-F94E-4DD1-AF1B-B4510A7AA254}] => (Allow) LPort=2869
FirewallRules: [{DFBFD68D-60D3-469E-BF8B-64ADD45ECE5B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [TCP Query User{2C4E19D5-8DC5-4AAA-B73E-4B07E9164E07}C:\program files (x86)\philips\mediamanager\twonkymanager.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkymanager.exe
FirewallRules: [UDP Query User{F43064C2-8C9E-43C1-B9B5-0B64D56CC2EA}C:\program files (x86)\philips\mediamanager\twonkymanager.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkymanager.exe
FirewallRules: [TCP Query User{AF65F942-7007-4F6E-AACC-4A113F47A7CC}C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe
FirewallRules: [UDP Query User{3E40E999-D346-4459-8746-B5EC3BDA63EF}C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe
FirewallRules: [{5CA268D2-D2B6-454A-89CF-2F3A58409C57}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe
FirewallRules: [{46B9B203-B88C-4C0F-AC16-F483B79193E9}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe
FirewallRules: [{1D7C6D3C-F214-4722-BAF3-38927E786FF4}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{747D8045-E917-405D-9E0A-B93375B2051B}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{96C902B5-E584-4D82-B719-CA206A97C808}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{994FFEEC-8A20-4DF7-AFFF-633ECFC285D3}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{B6A6D811-8A79-424E-A00B-700CE239C4BC}] => (Allow) C:\Program Files (x86)\TVMOBiLi\bin\tvMobiliService.exe
FirewallRules: [{C3A08EBA-7D05-4DF4-B1D3-7CA8B8290A00}] => (Allow) LPort=8501
FirewallRules: [{A85E346C-7FB9-4CA0-A4C9-29F2E8DBD8CA}] => (Allow) LPort=8501
FirewallRules: [{EF1B2C42-BB87-42C2-B355-47BF1E43D134}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{A131DE02-FD8D-4592-BD20-5B103C9525A4}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{9269504F-7FDF-40FF-93EE-FC85CAB60F19}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
FirewallRules: [{10264800-7CE2-4624-A9DC-4EDC458F2F03}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{690FCEE5-ABC9-4BDA-90D8-488DBA3A6FD1}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{07013D7F-48AF-44A8-9206-C954F99A53CE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{CA735CAE-5CF9-4DE8-BDC6-F48B13C04153}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{5345C1EE-BE85-4816-A6D9-66EBB45B2350}] => (Allow) C:\Users\Vanessa Musso\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{28621DB5-E1B4-4142-A66D-544E8313D8A6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1260428E-F5C7-42E0-BBB4-81C20351033E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{79CEFEEA-BC27-4313-BD60-A08170E68ED2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4FBBBD86-8A27-4D63-B733-567CED0CE851}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{29A9E71B-F313-4A42-B34F-C33494CBDA85}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{E359857F-8FC6-4726-9DC6-3AC9B3407C72}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4A9EF3A8-6CA3-4A07-A650-CD52A903ED64}] => (Allow) LPort=3306
FirewallRules: [{5E648112-03E2-4F91-B38E-AB5DEFB61D0F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C35AB92E-FCE3-4A8B-B10F-17BC2653F3AD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{36BD014C-21DF-4947-8835-36B95FD7336C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{838145EF-3105-4B37-8CAE-6002B2E75BDA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{FA7EC0A9-2418-453C-8DDD-CB9077291ABF}C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [UDP Query User{5C8131F8-EC1C-405A-8D16-43469861E9FB}C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [{ED451CAE-1C5D-4EC4-87B2-235F6AFB68E8}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [TCP Query User{862C2861-322B-4DF4-BD46-FB6536199B21}C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{59AF6811-88AA-4543-8562-145816AD8879}C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe
FirewallRules: [{1C964E36-A8CA-4850-ACD9-3CDDB6B5BAB1}] => (Allow) LPort=1688
FirewallRules: [{BA44EAEF-63C0-4C2D-ACB4-4FC3063CFC6E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{616E1816-C1C9-4F83-B2EC-24A3FFCB624E}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{1D6B90E3-33D4-40EF-8F7C-8C461EC66EFA}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe

==================== Pontos de Restauração =========================

21-06-2016 23:53:30 JRT Pre-Junkware Removal
28-06-2016 11:15:42 Windows Update
03-07-2016 11:24:13 Chrome Cleanup Tool
06-07-2016 20:47:17 Restore Point Created by FRST

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: CDC Serial
Description: CDC Serial
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (07/11/2016 07:54:51 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Falha ao criar ponto de restauração (Processo = C:\WINDOWS\system32\svchost.exe -k netsvcs; Descrição = Windows Update; Erro = 0x81000101).

Error: (07/09/2016 08:17:29 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/08/2016 10:07:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SpfService64.exe, versão: 1.3.0.9090, carimbo de data/hora: 0x4e684dec
Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.18233, carimbo de data/hora: 0x56bb4ebb
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000000000003e8b6
ID do processo com falha: 0xb98
Hora de início do aplicativo com falha: 0xSpfService64.exe0
Caminho do aplicativo com falha: SpfService64.exe1
Caminho do módulo com falha: SpfService64.exe2
ID do Relatório: SpfService64.exe3
Nome completo do pacote com falha: SpfService64.exe4
ID do aplicativo relativo ao pacote com falha: SpfService64.exe5

Error: (07/08/2016 01:00:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SpfService64.exe, versão: 1.3.0.9090, carimbo de data/hora: 0x4e684dec
Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.18233, carimbo de data/hora: 0x56bb4ebb
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000000000003e8b6
ID do processo com falha: 0x880
Hora de início do aplicativo com falha: 0xSpfService64.exe0
Caminho do aplicativo com falha: SpfService64.exe1
Caminho do módulo com falha: SpfService64.exe2
ID do Relatório: SpfService64.exe3
Nome completo do pacote com falha: SpfService64.exe4
ID do aplicativo relativo ao pacote com falha: SpfService64.exe5

Error: (07/08/2016 12:54:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1". 
Assembly dependente rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (07/08/2016 09:49:55 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/07/2016 11:48:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: vanessa)
Description: Falha na ativação do aplicativo Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (07/07/2016 11:40:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: vanessa)
Description: Falha na ativação do aplicativo Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (07/07/2016 09:01:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: CorelPP.exe, versão: 17.1.0.572, carimbo de data/hora: 0x538e8a18
Nome do módulo com falha: corelpp.dll, versão: 17.1.0.572, carimbo de data/hora: 0x538e8d97
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000877fbc
ID do processo com falha: 0xa04
Hora de início do aplicativo com falha: 0xCorelPP.exe0
Caminho do aplicativo com falha: CorelPP.exe1
Caminho do módulo com falha: CorelPP.exe2
ID do Relatório: CorelPP.exe3
Nome completo do pacote com falha: CorelPP.exe4
ID do aplicativo relativo ao pacote com falha: CorelPP.exe5

Error: (07/07/2016 09:01:57 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplicativo: CorelPP.exe
Versão do Framework: v4.0.30319
Descrição: O processo foi terminado devido a uma exceção sem tratamento.
Informações da Exceção: código da exceção c0000005, endereço da exceção 00007FF83AA87FBC
Pilha:


Erros de Sistema:
=============
Error: (07/11/2016 12:00:18 PM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/11/2016 11:59:48 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/11/2016 11:34:54 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/11/2016 11:34:24 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/11/2016 11:26:23 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/11/2016 11:25:53 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/11/2016 10:40:03 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/11/2016 10:39:33 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/11/2016 09:11:53 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/11/2016 09:11:22 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


CodeIntegrity:
===================================
  Date: 2015-08-12 12:01:16.210
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Informações da Memória =========================== 

Processador: Intel(R) Celeron(R) CPU 1037U @ 1.80GHz
Percentagem de memória em uso: 57%
RAM física total: 3932.14 MB
RAM física disponível: 1673.13 MB
Virtual Total: 5788.14 MB
Virtual disponível: 2904.04 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:449.07 GB) (Free:131.75 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Fim de Addition.txt ============================


Dear @jones awoki limas

Why did you move FRST into the Limpeza folder on your Desktop?

Executando a partir de C:\Users\Vanessa Musso\Desktop\Limpeza

Delete it from there and download a fresh copy to your Desktop. Generate a new log with FRST, but before clicking the Examinar (Scan) button, check the Addition option.

Attach the logs.

Regards :D


Good evening, brother,

Sorry about that, man. I cleaned up the desktop and then started creating subfolders to organize things. Anyway, here are the logs.

All good!

Thanks

 

Resultado do exame Adicional Farbar Recovery Scan Tool (x64) Versão: 10-07-2016 01
Executado por Vanessa Musso (2016-07-12 22:25:43)
Executando a partir de C:\Users\Vanessa Musso\Desktop
Windows 8.1 Single Language (Update) (X64) (2014-11-09 02:37:03)
Modo da Inicialização: Normal
==========================================================


==================== Contas: =============================

Administrador (S-1-5-21-106726862-4054988722-2312773982-500 - Administrator - Disabled)
Convidado (S-1-5-21-106726862-4054988722-2312773982-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-106726862-4054988722-2312773982-1009 - Limited - Enabled)
Vanessa Musso (S-1-5-21-106726862-4054988722-2312773982-1001 - Administrator - Enabled) => C:\Users\Vanessa Musso

==================== Central de Segurança ========================

(Se uma entrada for incluída na fixlist, será removida.)

AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Programas Instalados ======================

(Somente os programas adwares com a indicação "Oculto" podem ser adicionados à fixlist para desocultá-los. Os programas adwares devem ser desinstalados manualmente.)

µTorrent (HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\uTorrent) (Version: 3.4.7.42330 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software)
CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.1.572 - Corel Corporation) Hidden
Corel Shell Extension - 64Bit (Version: 14.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - BR (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
doPDF (Version: 8.1.920 - Softland) Hidden
doPDF 8 (HKLM-x32\...\{7ced5c6b-4b09-4bd7-8707-b3cce8eead22}) (Version: 8.1.920 - Softland)
EPSON L355 Series Printer Uninstall (HKLM\...\EPSON L355 Series) (Version:  - SEIKO EPSON Corporation)
ETDWare PS/2-X64 11.10.5.13_WHQL (HKLM\...\Elantech) (Version: 11.10.5.13 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Floriculturas Manager (HKLM-x32\...\ST6UNST #1) (Version:  - )
Galeria de Fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
GBBD Caixa Economica Federal (HKLM-x32\...\{5d01f486-f32d-462e-8830-cc1d116e8ece}_is1) (Version: 3.12.0.2 - )
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
K-Lite Codec Pack 9.8.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.8.0 - )
MakeMoney 10! (HKLM-x32\...\{9E35D32B-00B8-4EC8-A086-565FF4784182}) (Version: 10.0.99 - Starta - Empreendedorismo e Inovação)
Malwarebytes Anti-Malware versão 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MergeModule_x64 (Version: 9.1.00 - Sony Corporation) Hidden
MergeModule_x86 (x32 Version: 9.1.00 - Sony Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
MySQL Server 5.7 (HKLM\...\{2B08DE80-EE6F-489E-88CA-100046FB9763}) (Version: 5.7.11 - Oracle Corporation)
novaPDF 8 add-in for Microsoft Office (x64) (HKLM\...\{17BD99A4-9C11-47D4-91AF-8814DD3FFCC2}) (Version: 8.1.920 - Softland)
novaPDF 8 add-in for Microsoft Office (x86) (HKLM-x32\...\{B6E0BB99-B532-4EC1-9D84-ACC8CED590B3}) (Version: 8.1.920 - Softland)
novaPDF 8 Printer Driver (HKLM\...\{3A1637B5-233D-47B1-B89F-EBF718C04CFD}) (Version: 8.1.920 - Softland)
OpenOffice 4.1.1 (HKLM-x32\...\{503D2C42-D698-43BC-97FE-3610F4E8CDDC}) (Version: 4.11.9775 - Apache Software Foundation)
Pacote de Idiomas do Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - Português (Brasil) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - PTB) (Version: 10.0.50903 - Microsoft Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Plano de Negócio (HKLM-x32\...\{D233EC4A-EF4B-4CCA-AE37-7994A3E1A483}) (Version: 2.0.4 - SEBRAE)
PlayMemories Home (HKLM-x32\...\{93AA5B49-0994-4EF6-80F3-868C9CEA88ED}) (Version: 4.1.00.12152 - Sony Corporation)
PMB_ModeEditor (x32 Version: 9.1.00 - Sony Corporation) Hidden
PMB_ServiceUploader (x32 Version: 9.1.00 - Sony Corporation) Hidden
RealDownloader (x32 Version: 18.1.4.137 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.4.142 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.4 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0212 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revisores de Texto do Microsoft Office 2013 – Português do Brasil (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden
TZWebChart Chrome Compat versão 1.0 (HKLM-x32\...\{11B4A1FB-2794-4E0E-B96D-8E8611FED667}_is1) (Version: 1.0 - Tradezone - IT Evolution)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{2BA6245D-FBB9-42F6-AFD9-C0DC52763AD5}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version:  - Microsoft)
Update for Skype for Business 2015 (KB3115033) 64-Bit Edition (HKLM\...\{90150000-012B-0416-1000-0000000FF1CE}_Office15.PROPLUS_{F258B6E3-BF41-4FEE-BE45-D7518C3B7FC1}) (Version:  - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
vc2012_redist (x32 Version: 1.0.0.0 - Realnetworks) Hidden
Video Downloader (x32 Version: 1.1.0 - RealNetworks) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinZip (HKLM-x32\...\WinZip) (Version: 2.2.50 - Winzipper Pvt Ltd.) <==== ATENÇÃO
X Codec Pack (HKLM\...\X Codec Pack) (Version: 2.6.8 - X Codec Pack team)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Exame Personalizado CLSID (Whitelisted): ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0007}\InprocServer32 -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0007}\InprocServer32 -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll (GAS Tecnologia)
CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-106726862-4054988722-2312773982-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Tarefas Agendadas (Whitelisted) =============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

Task: {07605517-216F-4533-B3BE-0770929D7530} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-106726862-4054988722-2312773982-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2016-05-13] (RealNetworks, Inc.)
Task: {0B8E4CF9-AA0D-4EFA-8AAC-05B6EB3CEA4E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001Core => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-05] (Facebook Inc.)
Task: {22FB0059-9011-4FD2-A05B-E18116D1C309} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {28027D36-8669-4212-8F17-17B61823F339} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {5D2092CE-F1C0-475F-8F6D-DEA5CB98DDAB} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-05-13] ()
Task: {60366634-ADEB-4059-A94A-DBA7CD3148A4} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-106726862-4054988722-2312773982-1001 => C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-19] (Microsoft Corporation)
Task: {93E6214D-71BA-4939-93AD-AAD31B36D9C8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001UA => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-11-05] (Facebook Inc.)
Task: {9ACE707B-7DC3-4A61-9E96-748D88414B93} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {9FEAB704-BA7A-4BD5-A55A-30E0B61FF4F9} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-106726862-4054988722-2312773982-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {BB76340F-31BF-42DC-9519-5ED92BEF31C1} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {C09037B4-EBA3-42DA-BF13-430CE02DB155} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation)
Task: {C4EE6676-AF5B-41B1-A69D-72E9D2056BC2} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-106726862-4054988722-2312773982-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {CA0FCC68-DAE3-4F5C-86B6-F8B69C1DF5CE} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {CCD2161D-7951-434A-9932-B73EE712F199} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {D6B1F080-3FDE-4F99-A20D-F0A664F81AD9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {F38542EF-3C29-4C8D-B1F4-7B4F47C401F5} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {F68DD45D-F9F6-4978-9605-6EAF1BF1AD38} - System32\Tasks\doPDF Update => C:\Program Files\Softland\novaPDF 8\Driver\UpdateApplication.exe [2014-11-21] ()
Task: {F94D331E-5975-4488-A0DE-9659DE9C28F0} - System32\Tasks\{C854BB84-73CD-45B7-A5A8-775F01CBF0D0} => pcalua.exe -a C:\WINDOWS\st6unst.exe -c -n "C:\FloriculturasManager\ST6UNST.LOG"
Task: {FA06CE44-F3CB-4E26-BF71-DF94D2C6DFB7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-24] (AVAST Software)

(Se uma entrada for incluída na fixlist, o arquivo da tarefa (.job) será movido. O arquivo que está sendo executado pela tarefa não será movido.)

Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001Core.job => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001UA.job => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Atalhos =============================

(As entradas podem ser listadas para serem restauradas ou removidas.)

Shortcut: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.8\Useful links\Download Codecs & Tools.lnk -> hxxp://www.codecs.com/ (Nenhum Arquivo)
Shortcut: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.8\Useful links\Talk about Codecs.lnk -> hxxp://codecs.com/forum (Nenhum Arquivo)
Shortcut: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\X Codec Pack 2.6.8\Useful links\X Codec Pack homepage.lnk -> hxxp://www.xpcodecpack.com/ (Nenhum Arquivo)

==================== Módulos Carregados (Whitelisted) ==============

2016-02-02 01:53 - 2016-02-02 01:53 - 39622144 _____ () C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
2016-02-02 01:55 - 2016-02-02 01:55 - 00333312 _____ () C:\Program Files\MySQL\MySQL Server 5.7\lib\plugin\keyring_file.dll
2014-11-21 19:06 - 2014-11-21 19:06 - 00137368 _____ () C:\Program Files\Softland\novaPDF 8\Server\AgileDotNetRT64.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00032544 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2016-05-19 22:02 - 2016-05-19 22:02 - 00959168 _____ () C:\Users\Vanessa Musso\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-05-13 14:27 - 2016-05-13 14:27 - 00714992 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2015-07-24 22:03 - 2015-07-24 22:03 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-24 22:03 - 2015-07-24 22:03 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-07-08 18:56 - 2016-07-08 18:56 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16070803\algo.dll
2016-07-11 21:49 - 2016-07-11 21:49 - 02996736 _____ () C:\Program Files\AVAST Software\Avast\defs\16071101\algo.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00037688 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00039224 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00037192 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
2014-07-18 11:01 - 2012-07-18 15:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-05-29 14:54 - 2016-05-29 14:54 - 00022800 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\mediautil.dll
2015-07-24 22:03 - 2015-07-24 22:03 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-05-13 14:27 - 2016-05-13 14:27 - 00077552 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\dtvhooks.dll
2016-06-18 00:04 - 2016-06-15 06:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-18 00:04 - 2016-06-15 06:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-05-13 14:20 - 2016-05-13 14:20 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2016-05-29 14:54 - 2016-05-29 14:54 - 00654608 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Lib\r1api.dll
2016-06-18 00:04 - 2016-06-15 06:15 - 17599640 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(Se uma entrada for incluída na fixlist, somente o ADS será removido.)

AlternateDataStreams: C:\Program Files (x86)\GbPlugin:IncompleteStartProcessProtection.cnt [10]

==================== Modo de Segurança (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O valor "AlternateShell" será restaurado.)


==================== Associação (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido.)


==================== Internet Explorer confiável/restrito ===============

(Se uma entrada for incluída na fixlist, será removida do Registro.)

IE trusted site: HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\caixa.gov.br -> hxxps://imagem.caixa.gov.br
IE trusted site: HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\caixa.gov.br -> imagem.caixa.gov.br

==================== Hosts Conteúdo: ===============================

(Se necessário, a diretiva Hosts: pode ser incluída na fixlist para redefinir o Hosts.)

2013-08-22 10:25 - 2016-07-06 20:48 - 00000035 ____N C:\WINDOWS\system32\Drivers\etc\hosts


==================== Outras Áreas ============================

(Atualmente não há nenhuma correção automática para esta seção.)

HKU\S-1-5-21-106726862-4054988722-2312773982-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Firewall do Windows está habilitado.

==================== MSCONFIG/TASK MANAGER ítens desabilitados ==

(Atualmente não há nenhuma correção automática para esta seção.)


==================== Regras do Firewall (Whitelisted) ===============

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{CB4F4E25-AEC5-4EE4-AF0B-9571994E14E4}] => (Allow) C:\Users\Vanessa Musso\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{11F2D4D9-66A2-479B-8AA7-000E4590FA68}] => (Allow) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A59307A3-2557-4618-9919-A89AE38311C7}] => (Allow) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9FC05A92-269A-4AD7-9BA5-28A1F136CE89}] => (Allow) LPort=1900
FirewallRules: [{D0C56131-F94E-4DD1-AF1B-B4510A7AA254}] => (Allow) LPort=2869
FirewallRules: [{DFBFD68D-60D3-469E-BF8B-64ADD45ECE5B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [TCP Query User{2C4E19D5-8DC5-4AAA-B73E-4B07E9164E07}C:\program files (x86)\philips\mediamanager\twonkymanager.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkymanager.exe
FirewallRules: [UDP Query User{F43064C2-8C9E-43C1-B9B5-0B64D56CC2EA}C:\program files (x86)\philips\mediamanager\twonkymanager.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkymanager.exe
FirewallRules: [TCP Query User{AF65F942-7007-4F6E-AACC-4A113F47A7CC}C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe
FirewallRules: [UDP Query User{3E40E999-D346-4459-8746-B5EC3BDA63EF}C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe] => (Allow) C:\program files (x86)\philips\mediamanager\twonkyrenderer.exe
FirewallRules: [{5CA268D2-D2B6-454A-89CF-2F3A58409C57}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe
FirewallRules: [{46B9B203-B88C-4C0F-AC16-F483B79193E9}] => (Allow) C:\Level Up! Games\Combat Arms\NMService.exe
FirewallRules: [{1D7C6D3C-F214-4722-BAF3-38927E786FF4}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{747D8045-E917-405D-9E0A-B93375B2051B}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{96C902B5-E584-4D82-B719-CA206A97C808}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{994FFEEC-8A20-4DF7-AFFF-633ECFC285D3}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{B6A6D811-8A79-424E-A00B-700CE239C4BC}] => (Allow) C:\Program Files (x86)\TVMOBiLi\bin\tvMobiliService.exe
FirewallRules: [{C3A08EBA-7D05-4DF4-B1D3-7CA8B8290A00}] => (Allow) LPort=8501
FirewallRules: [{A85E346C-7FB9-4CA0-A4C9-29F2E8DBD8CA}] => (Allow) LPort=8501
FirewallRules: [{EF1B2C42-BB87-42C2-B355-47BF1E43D134}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{A131DE02-FD8D-4592-BD20-5B103C9525A4}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{9269504F-7FDF-40FF-93EE-FC85CAB60F19}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
FirewallRules: [{10264800-7CE2-4624-A9DC-4EDC458F2F03}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{690FCEE5-ABC9-4BDA-90D8-488DBA3A6FD1}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{07013D7F-48AF-44A8-9206-C954F99A53CE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{CA735CAE-5CF9-4DE8-BDC6-F48B13C04153}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{5345C1EE-BE85-4816-A6D9-66EBB45B2350}] => (Allow) C:\Users\Vanessa Musso\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{28621DB5-E1B4-4142-A66D-544E8313D8A6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{1260428E-F5C7-42E0-BBB4-81C20351033E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{79CEFEEA-BC27-4313-BD60-A08170E68ED2}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4FBBBD86-8A27-4D63-B733-567CED0CE851}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{29A9E71B-F313-4A42-B34F-C33494CBDA85}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{E359857F-8FC6-4726-9DC6-3AC9B3407C72}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{4A9EF3A8-6CA3-4A07-A650-CD52A903ED64}] => (Allow) LPort=3306
FirewallRules: [{5E648112-03E2-4F91-B38E-AB5DEFB61D0F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{C35AB92E-FCE3-4A8B-B10F-17BC2653F3AD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{36BD014C-21DF-4947-8835-36B95FD7336C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{838145EF-3105-4B37-8CAE-6002B2E75BDA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{FA7EC0A9-2418-453C-8DDD-CB9077291ABF}C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [UDP Query User{5C8131F8-EC1C-405A-8D16-43469861E9FB}C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe] => (Block) C:\users\vanessa musso\appdata\local\apps\2.0\h6gah8o3.ggl\jtqr8qqt.znz\leve..tion_277729edc54ae6cf_0000.0009_72b16b832aba9f33\tools\aria2-1.16.3-win-32bit-build1\aria2c.exe
FirewallRules: [{ED451CAE-1C5D-4EC4-87B2-235F6AFB68E8}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [TCP Query User{862C2861-322B-4DF4-BD46-FB6536199B21}C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{59AF6811-88AA-4543-8562-145816AD8879}C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vanessa musso\appdata\local\akamai\netsession_win.exe
FirewallRules: [{1C964E36-A8CA-4850-ACD9-3CDDB6B5BAB1}] => (Allow) LPort=1688
FirewallRules: [{BA44EAEF-63C0-4C2D-ACB4-4FC3063CFC6E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{616E1816-C1C9-4F83-B2EC-24A3FFCB624E}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelDrw.exe
FirewallRules: [{1D6B90E3-33D4-40EF-8F7C-8C461EC66EFA}] => (Block) c:\Program Files\Corel\CorelDRAW Graphics Suite X7\Programs64\CorelPP.exe

==================== Pontos de Restauração =========================

21-06-2016 23:53:30 JRT Pre-Junkware Removal
28-06-2016 11:15:42 Windows Update
03-07-2016 11:24:13 Chrome Cleanup Tool
06-07-2016 20:47:17 Restore Point Created by FRST

==================== Dispositivos Apresentando Falhas No Gerenciador =============

Name: CDC Serial
Description: CDC Serial
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Erros no Log de eventos: =========================

Erros em Aplicativos:
==================
Error: (07/12/2016 10:22:36 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: O programa FRST64 (1).exe versão 21.6.2016.1 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações.

ID do Processo: 1514

Hora de Início: 01d1dca4f9f6fcf9

Hora de Término: 15

Caminho do Aplicativo: C:\Users\Vanessa Musso\Downloads\FRST64 (1).exe

ID do Relatório: 43307365-4898-11e6-bedb-00e04d687d4a

Nome completo do pacote com falha: 

ID do aplicativo relativo ao pacote com falha:

Error: (07/11/2016 07:54:51 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Falha ao criar ponto de restauração (Processo = C:\WINDOWS\system32\svchost.exe -k netsvcs; Descrição = Windows Update; Erro = 0x81000101).

Error: (07/09/2016 08:17:29 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/08/2016 10:07:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SpfService64.exe, versão: 1.3.0.9090, carimbo de data/hora: 0x4e684dec
Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.18233, carimbo de data/hora: 0x56bb4ebb
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000000000003e8b6
ID do processo com falha: 0xb98
Hora de início do aplicativo com falha: 0xSpfService64.exe0
Caminho do aplicativo com falha: SpfService64.exe1
Caminho do módulo com falha: SpfService64.exe2
ID do Relatório: SpfService64.exe3
Nome completo do pacote com falha: SpfService64.exe4
ID do aplicativo relativo ao pacote com falha: SpfService64.exe5

Error: (07/08/2016 01:00:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: SpfService64.exe, versão: 1.3.0.9090, carimbo de data/hora: 0x4e684dec
Nome do módulo com falha: ntdll.dll, versão: 6.3.9600.18233, carimbo de data/hora: 0x56bb4ebb
Código de exceção: 0xc0000005
Deslocamento da falha: 0x000000000003e8b6
ID do processo com falha: 0x880
Hora de início do aplicativo com falha: 0xSpfService64.exe0
Caminho do aplicativo com falha: SpfService64.exe1
Caminho do módulo com falha: SpfService64.exe2
ID do Relatório: SpfService64.exe3
Nome completo do pacote com falha: SpfService64.exe4
ID do aplicativo relativo ao pacote com falha: SpfService64.exe5

Error: (07/08/2016 12:54:56 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Falha na geração de contexto de ativação para "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1". 
Assembly dependente rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0" não pôde ser localizado.
Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

Error: (07/08/2016 09:49:55 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005

Error: (07/07/2016 11:48:00 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: vanessa)
Description: Falha na ativação do aplicativo Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (07/07/2016 11:40:29 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: vanessa)
Description: Falha na ativação do aplicativo Microsoft.Reader_8wekyb3d8bbwe!Microsoft.Reader com o erro: -2144927141. Veja o log Microsoft-Windows-TWinUI/Operational para obter informações adicionais.

Error: (07/07/2016 09:01:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Nome do aplicativo com falha: CorelPP.exe, versão: 17.1.0.572, carimbo de data/hora: 0x538e8a18
Nome do módulo com falha: corelpp.dll, versão: 17.1.0.572, carimbo de data/hora: 0x538e8d97
Código de exceção: 0xc0000005
Deslocamento da falha: 0x0000000000877fbc
ID do processo com falha: 0xa04
Hora de início do aplicativo com falha: 0xCorelPP.exe0
Caminho do aplicativo com falha: CorelPP.exe1
Caminho do módulo com falha: CorelPP.exe2
ID do Relatório: CorelPP.exe3
Nome completo do pacote com falha: CorelPP.exe4
ID do aplicativo relativo ao pacote com falha: CorelPP.exe5


Erros de Sistema:
=============
Error: (07/12/2016 07:56:27 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/12/2016 07:55:56 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/11/2016 12:00:18 PM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/11/2016 11:59:48 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/11/2016 11:34:54 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/11/2016 11:34:24 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/11/2016 11:26:23 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/11/2016 11:25:53 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/11/2016 10:40:03 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/11/2016 10:39:33 AM) (Source: DCOM) (EventID: 10010) (User: vanessa)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


CodeIntegrity:
===================================
  Date: 2015-08-12 12:01:16.210
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Informações da Memória =========================== 

Processador: Intel(R) Celeron(R) CPU 1037U @ 1.80GHz
Percentagem de memória em uso: 59%
RAM física total: 3932.14 MB
RAM física disponível: 1604.92 MB
Virtual Total: 5788.14 MB
Virtual disponível: 2790.95 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:449.07 GB) (Free:131.75 GB) NTFS

==================== MBR & Tabela de Partições ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Fim de Addition.txt ============================

 

Resultado do exame da Farbar Recovery Scan Tool (FRST) (x64) Versão: 10-07-2016 01
Executado por Vanessa Musso (administrador) em VANESSA (12-07-2016 22:23:00)
Executando a partir de C:\Users\Vanessa Musso\Desktop
Perfis Carregados: Vanessa Musso (Perfis Disponíveis: Vanessa Musso)
Platform: Windows 8.1 Single Language (Update) (X64) Idioma: Português (Brasil)
Internet Explorer Versão 11 (Navegador padrão: Chrome)
Modo da Inicialização: Normal
Tutorial da Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processos (Whitelisted) =================

(Se uma entrada for incluída na fixlist, o processo será fechado. O arquivo não será movido.)

(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe
(Microsoft) C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\GbpSv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(BitTorrent Inc.) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(BitTorrent Inc.) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(Akamai Technologies, Inc.) C:\Users\Vanessa Musso\AppData\Local\Akamai\netsession_win.exe
(BitTorrent Inc.) C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\updates\3.4.7_42330\utorrentie.exe
(Akamai Technologies, Inc.) C:\Users\Vanessa Musso\AppData\Local\Akamai\netsession_win.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Autodesk, Inc.) C:\Autodesk\Autodesk_PRDSU_2016_TRIAL_PTB_Win_64bit_wi_pt-br\x64\PrdsTrialTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registro (Whitelisted) ===========================

(Se uma entrada for incluída na fixlist, o ítem no Registro será restaurado para o padrão ou removido. O arquivo não será movido.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2013-04-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-15] (AVAST Software)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2728472 2014-12-15] (Sony Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [293768 2016-05-29] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-05-13] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
Winlogon\Notify\ GbPluginCef: C:\Program Files (x86)\GbPlugin\gbiehCef.dll [2015-09-22] (Caixa Economica Federal)
HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Run: [uTorrent] => C:\Users\Vanessa Musso\AppData\Roaming\uTorrent\uTorrent.exe [2133504 2016-05-13] (BitTorrent Inc.)
HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Run: [Facebook Update] => C:\Users\Vanessa Musso\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-11-05] (Facebook Inc.)
HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Vanessa Musso\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-106726862-4054988722-2312773982-1001\...\RunOnce: [Uninstall C:\Users\Vanessa Musso\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Vanessa Musso\AppData\Local\Microsoft\SkyDrive\17.3.1229.0918"
ShellExecuteHooks:  - {98C066AB-D735-4339-9E52-A34875141B56} -  Nenhum Arquivo [ ]
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll [1888480 2015-09-22] (Caixa Economica Federal)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX64.dll Nenhum Arquivo
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-24] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Vanessa Musso\AppData\Local\MEGAsync\ShellExtX32.dll Nenhum Arquivo
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-07-08]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Autodesk Product Design Suite 2016 Trial Tray.lnk [2016-07-08]
ShortcutTarget: Autodesk Product Design Suite 2016 Trial Tray.lnk -> C:\Autodesk\Autodesk_PRDSU_2016_TRIAL_PTB_Win_64bit_wi_pt-br\x64\PrdsTrialTray.exe (Autodesk, Inc.)

==================== Internet (Whitelisted) ====================

(Se um ítem for incluído na fixlist, sendo um ítem do Registro, será removido ou restaurado para o padrão.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{79691668-B4C3-442D-9421-47D5F024C0C1}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{A052614E-CB9A-402A-9C82-788A064AE21D}: [DhcpNameServer] 192.168.1.1
ManualProxies: 

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-106726862-4054988722-2312773982-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-05-13] (RealDownloader)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-24] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13] (RealDownloader)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-05] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-24] (AVAST Software)
BHO-x32: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540003} -> C:\Program Files (x86)\GbPlugin\gbiehcef.dll [2015-09-22] (Caixa Economica Federal)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-05] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=18.1.4.135 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2016-05-29] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.4.135 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-05-29] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-106726862-4054988722-2312773982-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Vanessa Musso\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-106726862-4054988722-2312773982-1001: gastecnologia.com.br/sf/cef -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef.dll [2014-12-09] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-106726862-4054988722-2312773982-1001: gastecnologia.com.br/sf/cef64 -> C:\Users\Vanessa Musso\AppData\Local\GAS Tecnologia\GBBD\npsf_cef_64.dll [2014-12-09] (GAS Tecnologia)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-11]

Chrome: 
=======
CHR HomePage: ChromeDefaultData2 -> hxxp://www.nuesearch.com/?type=hp&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX
CHR StartupUrls: ChromeDefaultData2 -> "hxxp://www.nuesearch.com/?type=hp&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX"
CHR DefaultSearchURL: ChromeDefaultData2 -> hxxp://www.nuesearch.com/search/?type=ds&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX&q={searchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData2 -> nuesearch
CHR Profile: C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2
CHR Extension: (Google Apresentações) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Docs) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Avast SafePrice) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-01-28]
CHR Extension: (Planilhas do Google) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Documentos Google off-line) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Avast Online Security) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-06-05]
CHR Extension: (MailTrack para Gmail) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb [2016-07-07]
CHR Extension: (TZWebChartWindow) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmdhbmdklokcmpmcegmbfehjencmbeab [2016-03-05]
CHR Extension: (Pagamentos da Chrome Web Store) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-02]
CHR Extension: (Gmail) - C:\Users\Vanessa Musso\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-08]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-24]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-24]

==================== Serviços (Whitelisted) ========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-24] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-24] (Avast Software)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\GbpSv.exe [593120 2015-09-22] (GAS Tecnologia)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2013-04-08] (Realsil Microelectronics Inc.) [Arquivo não assinado]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-09-17] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-09-17] (Intel Corporation)
R2 MySQL57; C:\Program Files\MySQL\MySQL Server 5.7\bin\mysqld.exe [39622144 2016-02-02] () [Arquivo não assinado]
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Arquivo não assinado]
R2 NovaPdfServer; C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe [35616 2014-11-21] (Microsoft)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [487960 2014-12-15] (Sony Corporation)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Arquivo não assinado]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [32544 2016-05-13] ()
R2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1095440 2016-05-29] (RealNetworks, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-24] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-24] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-24] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-24] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-24] (AVAST Software)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 GBPRCM; C:\Program Files (x86)\GbPlugin\gbprcm64.sys [29912 2015-09-03] (GAS Tecnologia)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-24] (AVAST Software)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                           )
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-24] (Avast Software)
R3 Warsaw_PP; C:\Program Files (x86)\GbPlugin\wsftprp64.sys [24792 2015-09-03] (GAS Tecnologia LTDA)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(Se uma entrada for incluída na fixlist, será removida do Registro. O arquivo não será movido, a menos que seja colocado separadamente.)


==================== Um Mês Criados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-12 22:23 - 2016-07-12 22:24 - 00023648 _____ C:\Users\Vanessa Musso\Desktop\FRST.txt
2016-07-12 01:49 - 2016-07-12 01:49 - 00085856 _____ C:\WINDOWS\SysWOW64\rsslogs.20160712014808
2016-07-11 22:08 - 2016-07-11 22:08 - 00012279 _____ C:\Users\Vanessa Musso\Downloads\Agroflores 12 07 16.xlsx
2016-07-11 21:53 - 2016-07-11 22:06 - 00012306 _____ C:\Users\Vanessa Musso\Desktop\Agroflores 12 07 16.xlsx
2016-07-11 07:55 - 2016-07-12 01:49 - 00477813 _____ C:\WINDOWS\SysWOW64\rsslogs.20160711075451
2016-07-10 00:12 - 2016-07-11 07:55 - 00053111 _____ C:\WINDOWS\SysWOW64\rsslogs.20160710001113
2016-07-09 21:08 - 2016-07-09 21:11 - 00021655 _____ C:\Users\Vanessa Musso\Desktop\silvas (Salvo automaticamente).xlsx
2016-07-09 20:19 - 2016-07-10 00:12 - 00059894 _____ C:\WINDOWS\SysWOW64\rsslogs.20160709201840
2016-07-09 17:02 - 2016-07-09 20:18 - 00019220 _____ C:\WINDOWS\SysWOW64\rsslogs.20160709013126
2016-07-08 22:05 - 2016-07-09 17:02 - 00030500 _____ C:\WINDOWS\SysWOW64\rsslogs.20160708220436
2016-07-08 21:30 - 2016-07-08 21:32 - 02309816 _____ C:\Users\Vanessa Musso\Downloads\INSTALAR_DJMIXER5.zip
2016-07-08 09:45 - 2016-07-08 19:18 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-08 09:42 - 2016-07-08 12:54 - 00001115 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-07-08 09:42 - 2016-07-08 09:42 - 00000000 ____D C:\Users\Todos os Usuários\Malwarebytes
2016-07-08 09:42 - 2016-07-08 09:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-07-08 09:42 - 2016-07-08 09:42 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-07-08 09:42 - 2016-07-08 09:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-07-08 09:42 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-07-08 09:42 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-07-08 09:42 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-07-08 09:35 - 2016-07-08 09:38 - 22851472 _____ (Malwarebytes ) C:\Users\Vanessa Musso\Downloads\mbam-setup-2.2.1.1043.exe
2016-07-07 19:50 - 2016-07-07 20:15 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Fotos Merlo Artesanato
2016-07-07 11:47 - 2016-07-07 11:47 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52593140.html
2016-07-07 11:47 - 2016-07-07 11:47 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52540140.html
2016-07-07 11:47 - 2016-07-07 11:47 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52539890.html
2016-07-07 11:47 - 2016-07-07 11:47 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\WinZiper
2016-07-07 11:47 - 2016-07-07 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-07-07 11:46 - 2016-07-07 23:57 - 00000001 _____ C:\WINDOWS\SysWOW64\br.html
2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52487093.html
2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52486718.html
2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52482750.html
2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52482453.html
2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52475765.html
2016-07-07 11:46 - 2016-07-07 11:46 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52475515.html
2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52467750.html
2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52467265.html
2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52464250.html
2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52463921.html
2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\EN_52449343.html
2016-07-07 11:45 - 2016-07-07 11:45 - 00000058 _____ C:\WINDOWS\SysWOW64\br_52448000.html
2016-07-07 11:45 - 2016-07-07 11:45 - 00000000 ____D C:\WINDOWS\SysWOW64\_TSpm
2016-07-07 08:40 - 2016-07-12 22:22 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Limpeza
2016-07-06 20:44 - 2016-07-06 20:44 - 00003778 _____ C:\Users\Vanessa Musso\Downloads\fixlist (1).txt
2016-07-06 20:41 - 2016-07-06 20:41 - 00003778 _____ C:\Users\Vanessa Musso\Downloads\fixlist.txt
2016-07-04 10:37 - 2016-07-11 21:27 - 02390528 _____ (Farbar) C:\Users\Vanessa Musso\Desktop\FRST64.exe
2016-07-04 09:31 - 2016-07-08 10:31 - 00020541 _____ C:\Users\Vanessa Musso\Downloads\silvas.xlsx
2016-06-30 13:45 - 2016-06-30 15:50 - 158908247 _____ C:\Users\Vanessa Musso\Desktop\Cópia_de_segurança_de_fotos limpas para catálogo.cdr
2016-06-30 11:58 - 2016-07-08 09:38 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Fotos Artesanato Nova Vida
2016-06-29 19:26 - 2016-06-29 19:26 - 00494664 _____ C:\Users\Vanessa Musso\Downloads\Tabela de Preços Albano 05-16 (1).pdf
2016-06-29 18:33 - 2016-06-29 18:33 - 00000000 ____D C:\Program Files (x86)\k4um3yr7
2016-06-29 17:48 - 2016-06-29 17:48 - 00000270 _____ C:\Users\Vanessa Musso\Desktop\CorelDRAW Graphics Suite X7.txt
2016-06-29 17:30 - 2016-07-08 12:54 - 00003055 _____ C:\Users\Public\Desktop\Corel PHOTO-PAINT X7 (64-Bit).lnk
2016-06-29 17:30 - 2016-07-08 12:54 - 00003007 _____ C:\Users\Public\Desktop\CorelDRAW X7 (64-Bit).lnk
2016-06-29 17:30 - 2016-06-29 17:30 - 00000000 ____D C:\Program Files (x86)\gs
2016-06-29 17:26 - 2016-06-29 17:26 - 00000000 ____D C:\Users\Public\Documents\Corel
2016-06-29 17:25 - 2016-06-29 17:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)
2016-06-29 17:23 - 2016-06-29 17:24 - 00000000 ____D C:\Program Files\Corel
2016-06-29 12:47 - 2016-06-29 12:47 - 00203080 _____ C:\Users\Vanessa Musso\Downloads\IMG-20160629-WA0001.jpg.jpeg
2016-06-29 12:47 - 2016-06-29 12:47 - 00124681 _____ C:\Users\Vanessa Musso\Downloads\IMG-20160629-WA0000.jpg.jpeg
2016-06-29 12:33 - 2016-06-29 12:33 - 00000000 ____D C:\Program Files (x86)\opv0a6y9
2016-06-29 10:55 - 2016-06-29 10:56 - 00999424 _____ C:\Users\Vanessa Musso\Downloads\GMA.plnx
2016-06-29 10:55 - 2016-06-29 10:56 - 00999424 _____ C:\Users\Vanessa Musso\Downloads\GMA.Bak
2016-06-29 10:53 - 2016-06-29 10:53 - 00880640 _____ C:\Users\Vanessa Musso\Downloads\CDProtection.plnx
2016-06-29 10:53 - 2016-06-29 10:53 - 00880640 _____ C:\Users\Vanessa Musso\Downloads\CDProtection.Bak
2016-06-29 10:39 - 2016-06-29 10:39 - 00528384 _____ C:\Users\Vanessa Musso\Downloads\CiaDoCao.plnx
2016-06-29 10:39 - 2016-06-29 10:39 - 00528384 _____ C:\Users\Vanessa Musso\Downloads\CiaDoCao.Bak
2016-06-29 10:33 - 2016-06-29 10:33 - 00000000 ____D C:\Program Files (x86)\oqk8ovam
2016-06-29 10:08 - 2016-06-29 10:09 - 00000000 ____D C:\Program Files (x86)\iicbxnka
2016-06-29 09:38 - 2016-06-29 09:41 - 06230532 _____ (Softland) C:\Users\Vanessa Musso\Downloads\dopdf-full.exe
2016-06-29 09:09 - 2016-07-08 12:56 - 00000000 ____D C:\Program Files (x86)\WinZipper
2016-06-29 09:09 - 2016-06-29 09:09 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\eCyber
2016-06-29 09:08 - 2016-06-29 09:08 - 00000000 ____D C:\Program Files (x86)\TXQQBrowser
2016-06-29 09:08 - 2016-06-29 09:08 - 00000000 ____D C:\Program Files (x86)\t10rur95
2016-06-28 17:20 - 2016-06-28 17:20 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Nova pasta (7)
2016-06-28 17:19 - 2016-06-28 17:20 - 00002359 _____ C:\Users\Vanessa Musso\Downloads\Outlook.com (1).zip
2016-06-22 19:14 - 2016-06-22 19:14 - 00099596 _____ C:\Users\Vanessa Musso\Downloads\RE BUBA=REPRESENTANTE (Anexos).zip
2016-06-22 19:08 - 2016-06-22 19:08 - 00000000 ____D C:\Users\Vanessa Musso\.cache
2016-06-22 10:49 - 2016-06-22 10:50 - 02387456 _____ (Farbar) C:\Users\Vanessa Musso\Downloads\FRST64 (1).exe
2016-06-22 10:48 - 2016-06-22 10:49 - 01738240 _____ (Farbar) C:\Users\Vanessa Musso\Downloads\FRST.exe
2016-06-22 00:53 - 2016-06-22 01:43 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\ZHP
2016-06-22 00:50 - 2016-06-22 00:52 - 02272256 _____ C:\Users\Vanessa Musso\Downloads\ZHPCleaner.exe
2016-06-21 23:47 - 2016-06-21 23:48 - 01610816 _____ (Malwarebytes) C:\Users\Vanessa Musso\Downloads\JRT (2).exe
2016-06-21 23:29 - 2016-06-21 23:30 - 01610816 _____ (Malwarebytes) C:\Users\Vanessa Musso\Downloads\JRT (1).exe
2016-06-21 22:52 - 2016-07-09 20:18 - 00000000 ____D C:\Users\Vanessa Musso\AppData\LocalLow\uTorrent
2016-06-21 22:52 - 2016-07-08 12:53 - 00002310 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-21 22:52 - 2016-07-08 12:52 - 00002280 _____ C:\Users\Vanessa Musso\Desktop\Google Chrome.lnk
2016-06-21 20:55 - 2016-06-21 20:55 - 03703360 _____ C:\Users\Vanessa Musso\Downloads\adwcleaner_5.200.exe
2016-06-21 20:32 - 2016-07-08 12:52 - 00002967 _____ C:\Users\Vanessa Musso\Desktop\MakeMoney 10!.lnk
2016-06-21 20:32 - 2016-06-21 20:32 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MakeMoney 10!
2016-06-21 20:32 - 2016-06-21 20:32 - 00000000 ____D C:\Program Files (x86)\MakeMoney 10!
2016-06-21 20:17 - 2016-06-21 20:27 - 29121536 _____ C:\Users\Vanessa Musso\Downloads\Instala.exe
2016-06-21 16:13 - 2016-07-08 12:52 - 00001247 _____ C:\Users\Vanessa Musso\Desktop\Continue Last version Installation.lnk
2016-06-21 15:46 - 2016-06-21 15:46 - 00000000 ____D C:\Users\Public\Documents\Tools
2016-06-21 15:45 - 2016-06-21 22:51 - 00000000 ____D C:\Program Files (x86)\mpck
2016-06-21 15:30 - 2016-06-21 15:30 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\NanoNet
2016-06-21 11:50 - 2016-06-21 11:50 - 00494664 _____ C:\Users\Vanessa Musso\Downloads\Tabela de Preços Albano 05-16.pdf
2016-06-21 08:35 - 2016-06-14 14:13 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-21 08:35 - 2016-06-14 14:13 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-20 20:46 - 2016-07-07 21:07 - 01467447 _____ C:\Users\Vanessa Musso\Desktop\DISTRIBUIDORES E ATACADISTAS VEILING.xlsx
2016-06-20 14:05 - 2016-06-20 14:05 - 00003474 _____ C:\Users\Vanessa Musso\Downloads\comprovante (28).html
2016-06-20 11:43 - 2016-06-20 11:43 - 00142495 _____ C:\WINDOWS\2cdae02d91692a634545c5b4daa18a38.exe
2016-06-17 18:12 - 2016-06-20 20:37 - 00182042 _____ C:\Users\Vanessa Musso\Downloads\Prospecção Geral.xlsx
2016-06-15 23:32 - 2016-06-15 23:33 - 01216134 _____ C:\Users\Vanessa Musso\Downloads\Guia Prático de Criação de Galinhas - Valdir Rocha.pdf
2016-06-15 23:01 - 2016-06-03 14:11 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-06-15 23:01 - 2016-06-03 10:38 - 01413120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-15 23:01 - 2016-06-02 14:51 - 00050352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-15 23:01 - 2016-05-29 12:04 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-15 23:01 - 2016-05-29 12:04 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-06-15 23:01 - 2016-05-29 12:04 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-15 23:01 - 2016-05-29 12:04 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-15 23:01 - 2016-05-29 12:04 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2016-06-15 23:01 - 2016-05-29 12:04 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-15 23:01 - 2016-04-14 12:25 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-06-15 23:01 - 2016-04-14 12:11 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-06-15 23:01 - 2016-04-12 12:46 - 14467584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-15 23:01 - 2016-04-12 12:30 - 12879872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-15 23:01 - 2016-01-31 16:17 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2016-06-15 23:01 - 2016-01-31 15:07 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-06-15 23:01 - 2016-01-31 14:42 - 03320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-06-15 23:01 - 2016-01-31 14:14 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-06-15 22:52 - 2016-05-21 14:28 - 25802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 22:52 - 2016-05-21 13:57 - 20341248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 22:52 - 2016-05-20 19:02 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 22:52 - 2016-05-20 18:29 - 13815808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 22:52 - 2016-05-20 18:14 - 04610048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 22:52 - 2016-05-20 18:11 - 15420928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 22:52 - 2016-05-20 17:46 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 22:52 - 2016-05-20 17:34 - 01544192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 22:51 - 2016-05-20 19:09 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 22:51 - 2016-05-20 19:08 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 22:51 - 2016-05-20 18:57 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 22:51 - 2016-05-20 18:55 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-06-15 22:51 - 2016-05-20 18:54 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-06-15 22:51 - 2016-05-20 18:50 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 22:51 - 2016-05-20 18:44 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-06-15 22:51 - 2016-05-20 18:27 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-06-15 22:51 - 2016-05-20 18:25 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-06-15 22:51 - 2016-05-20 18:25 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-06-15 22:51 - 2016-05-20 18:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-06-15 22:51 - 2016-05-20 18:21 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-06-15 22:51 - 2016-05-20 18:19 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-06-15 22:51 - 2016-05-20 18:16 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-06-15 22:51 - 2016-05-20 18:12 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-06-15 22:51 - 2016-05-20 18:11 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-06-15 22:51 - 2016-05-20 18:09 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 22:51 - 2016-05-20 18:09 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-06-15 22:51 - 2016-05-20 18:08 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-06-15 22:51 - 2016-05-20 18:08 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 22:51 - 2016-05-20 18:06 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-06-15 22:51 - 2016-05-20 17:42 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 22:51 - 2016-05-20 17:38 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 22:51 - 2016-05-20 17:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-06-15 22:51 - 2016-05-20 17:23 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-06-15 22:31 - 2016-05-12 15:38 - 00135336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 22:31 - 2016-05-12 14:43 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2016-06-15 22:31 - 2016-05-12 13:17 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 22:31 - 2016-05-12 13:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 22:31 - 2016-05-12 13:07 - 01360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 22:31 - 2016-05-12 12:59 - 00398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 22:31 - 2016-05-12 12:43 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 22:31 - 2016-05-12 12:37 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 22:30 - 2016-05-16 18:13 - 00563016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 22:30 - 2016-05-16 18:13 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 22:30 - 2016-05-16 18:13 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 22:30 - 2016-05-16 18:13 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 22:30 - 2016-05-14 17:01 - 00363104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 22:30 - 2016-05-14 17:01 - 00320720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 22:30 - 2016-05-13 20:09 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-06-15 22:30 - 2016-05-13 20:07 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 22:30 - 2016-05-13 20:07 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 22:30 - 2016-05-13 20:07 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 22:30 - 2016-05-13 20:06 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 22:30 - 2016-05-13 19:34 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-06-15 22:30 - 2016-05-13 18:58 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 22:30 - 2016-05-13 18:58 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-06-15 22:30 - 2016-05-13 18:45 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 22:30 - 2016-05-13 18:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 22:30 - 2016-05-13 18:26 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-15 22:30 - 2016-05-09 18:35 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-06-15 22:30 - 2016-05-09 17:56 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-06-15 22:30 - 2016-05-09 17:45 - 07793152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 22:30 - 2016-05-09 17:23 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 22:30 - 2016-05-06 12:45 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 22:30 - 2016-05-06 12:23 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 22:25 - 2016-05-18 02:31 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 22:25 - 2016-05-18 02:31 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 22:25 - 2016-05-13 20:04 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 22:25 - 2016-05-13 19:19 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 22:00 - 2016-05-18 20:15 - 01379040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 21:59 - 2016-05-18 17:35 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll

==================== Um Mês Modificados arquivos e pastas ========

(Se uma entrada for incluída na fixlist, o arquivo/pasta será movido.)

2016-07-12 22:24 - 2015-04-29 23:59 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Flor SA
2016-07-12 22:24 - 2014-11-03 13:34 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Roaming\uTorrent
2016-07-12 22:23 - 2015-10-17 19:13 - 00000000 ____D C:\FRST
2016-07-12 22:01 - 2014-11-03 12:23 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-12 21:47 - 2014-11-08 23:44 - 00003970 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7D7F53BF-49ED-4B82-98E5-1E113D227D91}
2016-07-12 21:46 - 2014-11-05 20:41 - 00000976 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001UA.job
2016-07-12 21:46 - 2014-11-05 20:41 - 00000954 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-106726862-4054988722-2312773982-1001Core.job
2016-07-11 22:08 - 2014-11-03 12:01 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\Packages
2016-07-11 11:51 - 2014-09-24 11:04 - 01797166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-11 11:51 - 2014-09-24 10:19 - 00774900 _____ C:\WINDOWS\system32\prfh0416.dat
2016-07-11 11:51 - 2014-09-24 10:19 - 00158494 _____ C:\WINDOWS\system32\prfc0416.dat
2016-07-11 11:51 - 2013-08-22 10:36 - 00000000 ____D C:\WINDOWS\Inf
2016-07-11 08:21 - 2015-01-02 10:00 - 00000000 ____D C:\Users\Todos os Usuários\GbPlugin
2016-07-11 08:21 - 2015-01-02 10:00 - 00000000 ____D C:\ProgramData\GbPlugin
2016-07-11 08:08 - 2014-11-03 12:18 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-106726862-4054988722-2312773982-1001
2016-07-11 07:59 - 2016-02-07 18:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-07-11 07:58 - 2015-06-30 17:46 - 00000000 ____D C:\Users\Todos os Usuários\Microsoft Help
2016-07-09 20:17 - 2014-11-08 23:23 - 00000000 ____D C:\Users\Vanessa Musso
2016-07-09 20:17 - 2014-11-03 12:23 - 00001088 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-08 22:04 - 2015-01-02 10:00 - 00000000 ____D C:\Program Files (x86)\GbPlugin
2016-07-08 22:04 - 2013-08-22 11:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-08 18:55 - 2014-11-03 13:33 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-07-08 18:52 - 2013-08-22 11:44 - 00583488 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-08 12:56 - 2013-08-22 10:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-07-08 12:54 - 2015-05-01 13:22 - 00002637 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plano de Negócio.lnk
2016-07-08 12:54 - 2015-04-09 23:50 - 00001062 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2016-07-08 12:54 - 2015-01-02 09:36 - 00002025 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-07-08 12:54 - 2014-12-17 20:22 - 00002180 _____ C:\Users\Public\Desktop\PlayMemories Home.lnk
2016-07-08 12:54 - 2014-11-08 23:27 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-07-08 12:54 - 2014-07-17 16:34 - 00001381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-07-08 12:54 - 2014-07-17 16:34 - 00001312 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2016-07-08 12:53 - 2016-04-23 15:42 - 00002373 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-07-08 12:53 - 2014-11-08 23:23 - 00000469 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-07-08 12:53 - 2014-11-08 23:23 - 00000467 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-07-08 12:53 - 2014-11-03 13:35 - 00000846 _____ C:\Users\Vanessa Musso\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2016-07-08 12:52 - 2016-05-25 18:13 - 00001535 _____ C:\Users\Vanessa Musso\Desktop\Outlook.com - Atalho.lnk
2016-07-08 12:52 - 2015-11-29 20:55 - 00001700 _____ C:\Users\Vanessa Musso\Desktop\Backup-codes-joaoawoki - Atalho.lnk
2016-07-08 12:52 - 2014-12-11 12:07 - 00001194 _____ C:\Users\Vanessa Musso\Desktop\Continue Download & Install Installation.lnk
2016-07-08 12:52 - 2014-11-03 13:35 - 00000866 _____ C:\Users\Vanessa Musso\Desktop\µTorrent.lnk
2016-07-07 23:58 - 2014-11-26 09:54 - 01517056 ___SH C:\Users\Vanessa Musso\Desktop\Thumbs.db
2016-07-07 09:22 - 2016-01-20 20:56 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Cursos; Cartilhas; Estudos; Manuais; certificados e diplomas
2016-07-07 09:21 - 2016-03-12 10:23 - 00000000 ___RD C:\Users\Vanessa Musso\Desktop\Backup Flor S.A 07 02 16
2016-07-07 08:54 - 2015-04-30 00:32 - 00042113 _____ C:\Users\Vanessa Musso\Desktop\Sem título 1.ods
2016-07-07 08:41 - 2016-05-15 20:53 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\RECEITAS DO AOKI
2016-07-07 08:41 - 2016-03-29 00:23 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Invest
2016-06-30 17:51 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-30 12:09 - 2015-04-30 17:44 - 00000000 ____D C:\Users\Todos os Usuários\Corel
2016-06-30 12:09 - 2015-04-30 17:44 - 00000000 ____D C:\ProgramData\Corel
2016-06-29 17:38 - 2016-03-05 19:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-29 17:38 - 2016-03-05 19:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-29 17:20 - 2016-01-22 13:39 - 00000000 ____D C:\Users\Todos os Usuários\CorelDRAW Graphics Suite X7 x64
2016-06-29 17:20 - 2016-01-22 13:39 - 00000000 ____D C:\ProgramData\CorelDRAW Graphics Suite X7 x64
2016-06-29 12:48 - 2014-11-30 10:52 - 00265216 ___SH C:\Users\Vanessa Musso\Downloads\Thumbs.db
2016-06-29 09:34 - 2015-09-10 21:28 - 00000000 ____D C:\Users\Vanessa Musso\AppData\Local\ElevatedDiagnostics
2016-06-28 12:29 - 2016-03-05 19:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-27 16:40 - 2015-01-20 13:14 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\pgto internet
2016-06-22 19:04 - 2016-05-08 15:21 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Nova pasta (6)
2016-06-22 19:04 - 2014-12-17 20:04 - 00000000 ____D C:\Users\Vanessa Musso\Desktop\Fotos Maquina 17 12 14
2016-06-22 19:01 - 2015-10-17 18:31 - 00000000 ____D C:\AdwCleaner
2016-06-22 10:55 - 2015-10-17 19:13 - 00073628 _____ C:\Users\Vanessa Musso\Downloads\FRST.txt
2016-06-21 15:44 - 2016-06-05 15:31 - 00001894 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk
2016-06-21 15:44 - 2016-06-05 15:29 - 00001876 _____ C:\Users\Public\Desktop\Gооglе Сhrоmе.lnk
2016-06-21 12:36 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\rescache
2016-06-21 10:16 - 2013-08-22 12:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-21 08:27 - 2014-12-10 16:53 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-06-21 08:27 - 2013-08-22 12:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-06-20 14:29 - 2013-08-22 12:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-20 14:21 - 2012-07-26 04:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-20 13:52 - 2014-11-04 13:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-20 13:40 - 2014-11-04 13:00 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-16 23:58 - 2013-08-22 10:25 - 00000167 _____ C:\WINDOWS\win.ini

==================== Arquivos na raiz de alguns diretórios =======

2015-04-28 09:58 - 2015-04-28 09:58 - 0016726 _____ () C:\Users\Vanessa Musso\AppData\Roaming\unins000.dat
2015-01-31 12:40 - 2015-12-04 21:40 - 0022528 _____ () C:\Users\Vanessa Musso\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-04-03 10:42 - 2016-04-03 10:42 - 0000000 _____ () C:\Users\Vanessa Musso\AppData\Local\{3AC4BAFF-A0AF-4304-A5EB-40899DCEAD3F}
2014-11-08 15:29 - 2014-11-08 15:29 - 0000011 _____ () C:\ProgramData\.tv7

==================== Bamital & volsnap =================

(Não há correção automática para arquivos que não passaram na verificação.)

C:\WINDOWS\system32\winlogon.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\wininit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\explorer.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\svchost.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\services.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\User32.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\userinit.exe => O arquivo é assinado digitalmente
C:\WINDOWS\system32\rpcss.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\SysWOW64\dnsapi.dll => O arquivo é assinado digitalmente
C:\WINDOWS\system32\Drivers\volsnap.sys => O arquivo é assinado digitalmente


LastRegBack: 2016-07-12 07:55

==================== Fim de FRST.txt ============================


Dear @jones awoki limas

No problem! :)

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Open Notepad, then copy (Ctrl + C) and paste (Ctrl + V) all of the text below:

Quote

CreateRestorePoint:
CloseProcesses:

CHR HomePage: ChromeDefaultData2 -> hxxp://www.nuesearch.com/?type=hp&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX
CHR StartupUrls: ChromeDefaultData2 -> "hxxp://www.nuesearch.com/?type=hp&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX"
CHR DefaultSearchURL: ChromeDefaultData2 -> hxxp://www.nuesearch.com/search/?type=ds&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX&q={searchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData2 -> nuesearch
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]

Reboot:

 

  • Save this file to your Desktop as fixlist.txt
  • Run FRST again and click the Fix (Corrigir) button;
  • Wait... when it finishes, the log Fixlog.txt will be generated on your Desktop.
  • Select, copy and paste the contents of this log into your next reply.

Regards :D


Hi, here is the log, thanks!

 

Resultado da Correção pela Farbar Recovery Scan Tool (x64) Versão: 13-07-2016 01
Executado por Vanessa Musso (2016-07-13 16:33:16) Run:2
Executando a partir de C:\Users\Vanessa Musso\Desktop
Perfis Carregados: Vanessa Musso (Perfis Disponíveis: Vanessa Musso)
Modo da Inicialização: Normal
==============================================

fixlist Conteúdo:
*****************
CreateRestorePoint:
CloseProcesses:
CHR HomePage: ChromeDefaultData2 -> hxxp://www.nuesearch.com/?type=hp&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX
CHR StartupUrls: ChromeDefaultData2 -> "hxxp://www.nuesearch.com/?type=hp&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX"
CHR DefaultSearchURL: ChromeDefaultData2 -> hxxp://www.nuesearch.com/search/?type=ds&ts=1467902747&z=05de935106072ef800cc7b5g6zcq8mbtaecocm9z4t&from=wpm0616&uid=HGSTXHTS545050A7E380_TM8513PY3LX42M3LX42MX&q={searchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData2 -> nuesearch
S1 gbpddfac; system32\drivers\gbpddfac64.sys [X]
S0 gbpddreg; system32\drivers\gbpddreg64.sys [X]
Reboot:
*****************

Ponto de Restauração criado com sucesso.
Processos fechados com sucesso.
Chrome HomePage => removido (a) com sucesso.
Chrome StartupUrls => removido (a) com sucesso.
Chrome DefaultSearchURL => removido (a) com sucesso.
Chrome DefaultSearchKeyword => removido (a) com sucesso.
gbpddfac => serviço removido (a) com sucesso.
gbpddreg => serviço removido (a) com sucesso.


O sistema precisou ser reiniciado.

==== Fim de Fixlog 16:34:26 ====


Dear @jones awoki limas

Temporarily disable your antivirus, antispyware and firewall to avoid conflicts.

Download Stinger and save it to your Desktop.
32-bit (x86) or 64-bit (x64)

  • Run the file Stinger.exe
    • Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png
  • Click the “I Accept” button

In the new window click “Advanced” and then “Settings”

In the settings window, set the options as shown in the image below and click the “Save” button

9hnsyu.png

Click “Customize my Scan”

Select the system drives and then click the “Scan” button

When it finishes, click “View log”; a window with the log will open in your browser.
Select, copy and paste the contents of this log into your next reply.

Regards :D


Hi Moicano,

How's it going?

Well, below is the log you asked for. Thanks!

 

McAfee Stinger Scan Results

McAfee® Labs Stinger™ Version 12.1.0.2060 built on Jul 20 2016 at 12:16:59 Copyright© 2015, McAfee, Inc. All Rights Reserved.

 

AV Engine version v5800.7501 for Windows. Virus data file v1000.0 created on Jul 20, 2016 Ready to scan for 9836 viruses, trojans and variants.

 

Custom scan initiated on quarta-feira, julho 20, 2016 09:31:43

 

Rootkit scan result : Clean.

 

C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\003C293C-1466534344-003D-9CE1-3C00D1DF6549\vnssAA0.tmp.vir [MD5:9fe30692ceab57ddff98cd62cd89df7b] is infected with Artemis!9FE30692CEAB
C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\003C293C-1466534344-003D-9CE1-3C00D1DF6549\vnssAA0.tmp.vir has been Deleted
C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\Arikoiedrumition\ArkconfigurationSrv.html5.vir [MD5:b6616bbc4b8d538e3aa012ad9dbad25e] is infected with Artemis!B6616BBC4B8D
C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\Arikoiedrumition\ArkconfigurationSrv.html5.vir has been Deleted
C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\CalendarTool\2.0.0.11380\InstallHelper.exe.vir [MD5:9bc2de6eaed294f66467c14511680fe8] is infected with Artemis!9BC2DE6EAED2
C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\CalendarTool\2.0.0.11380\InstallHelper.exe.vir has been Deleted
C:\AdwCleaner\FileQuarantine\C\Users\Vanessa Musso\AppData\Roaming\ASPackage\ASPackage.exe.vir [MD5:f1e8e5441c7f0087deeb5c71f5b92206] is infected with Artemis!F1E8E5441C7F
C:\AdwCleaner\FileQuarantine\C\Users\Vanessa Musso\AppData\Roaming\ASPackage\ASPackage.exe.vir has been Deleted
C:\AdwCleaner\FileQuarantine\C\WINDOWS\SysNative\drivers\12958ddeab2a21954cedd892344c539e.sys.vir [MD5:32cee7d24c2c1797f8246aecb8877d74] is infected with Artemis!32CEE7D24C2C
C:\AdwCleaner\FileQuarantine\C\WINDOWS\SysNative\drivers\12958ddeab2a21954cedd892344c539e.sys.vir has been Deleted
C:\FRST\Quarantine\C\Users\Vanessa Musso\AppData\Local\Temp\nsaA.tmp.exe.xBAD [MD5:f1e8e5441c7f0087deeb5c71f5b92206] is infected with Artemis!F1E8E5441C7F
C:\FRST\Quarantine\C\Users\Vanessa Musso\AppData\Local\Temp\nsaA.tmp.exe.xBAD has been Deleted
C:\Users\Vanessa Musso\Desktop\Corel\CorelDRAW Graphics Suite X7 - 64 Bits\Keygen.exe [MD5:8b704100bf6ad468fdf883822c35a42b] is infected with Artemis!8B704100BF6A
C:\Users\Vanessa Musso\Desktop\Corel\CorelDRAW Graphics Suite X7 - 64 Bits\Keygen.exe has been Deleted

 

Summary Report on C:

 

File(s)
TotalFiles:............ 1768355
Clean:................. 344145
Not Scanned:........... 1424203
Possibly Infected:..... 7

 

Time: 12:33:52 Scan completed on quarta-feira, julho 20, 2016 22:05:35


Dear @jones awoki limas

Download Security Check, by glax24 and save it to your Desktop.

Attention: Windows Vista, 7 and 8 users, right-click and choose: execadmin.png

  • Wait while the tool performs the scan.
  • When it finishes, save the log as SecurityCheck.html
  • Open the file with Notepad;
  • Select, copy and paste the contents of this log into your next reply.

Regards :D


Topic Archived

Since the author did not reply to the topic for more than 10 days, it has been archived. If you are the author of the topic and want it reopened, contact one of the Forum's Security Analysts to request that it be unlocked.

 

CarlosTurco

diego_moicano

 

 

This topic is closed to new posts.





About Clube do Hardware

On the air since 1996, Clube do Hardware is one of the largest, oldest and most respected technology publications in Brazil.
