cjoint

Document format: text/plain

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-04-2015
Ran by Familia (administrator) on FAMILIA-PC on 26-04-2015 12:25:56
Running from C:\Users\Familia\Downloads
Loaded Profiles: Familia (Available profiles: Familia)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) OS Language: Português (Brasil)
Internet Explorer Version 11 (Default browser path: "C:\Program Files\baidu\Spark26.5.9999.3313\Spark.exe" -- "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(GAS Tecnologia LTDA) C:\Program Files\Diebold\Warsaw\core.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_14_0_0_176_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcfgex.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3745232 2015-04-15] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [Diebold - Warsaw] => C:\Program Files\Diebold\Warsaw\core.exe [507704 2014-09-06] (GAS Tecnologia LTDA)
Winlogon\Notify\ GbPluginBb: C:\Program Files\GbPlugin\gbieh.dll [2015-03-10] (Banco do Brasil)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-755782756-4124950194-2197105660-1000\...\MountPoints2: {0d082789-6cc6-11e4-8007-c89cdc46e5f4} - E:\AutoRun.exe
HKU\S-1-5-21-755782756-4124950194-2197105660-1000\...\MountPoints2: {42a6e84a-bf24-11e4-b062-c89cdc46e5f4} - E:\AutoRun.exe
HKU\S-1-5-21-755782756-4124950194-2197105660-1000\...\MountPoints2: {67750551-0bb2-11e4-895c-c89cdc46e5f4} - E:\AutoRun.exe
HKU\S-1-5-21-755782756-4124950194-2197105660-1000\...\MountPoints2: {ad111030-6c30-11e4-bcab-c89cdc46e5f4} - E:\AutoRun.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:50343;https=127.0.0.1:50343
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-755782756-4124950194-2197105660-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.baixaki.com.br/portal/?utm_source=sol&utm_medium=ppi&utm_campaign=portal
SearchScopes: HKLM -> DefaultScope {0633ee93-d776-472f-a0ff-e1416b8b2e3a} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-755782756-4124950194-2197105660-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-755782756-4124950194-2197105660-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540000} -> C:\Program Files\GbPlugin\gbieh.dll [2015-03-10] (Banco do Brasil)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files\GbPlugin\gbieh.dll [1864576 2015-03-10] (Banco do Brasil)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2013-07-23] (RocketLife, LLP)
FF Plugin HKU\S-1-5-21-755782756-4124950194-2197105660-1000: gastecnologia.com.br/sf/bb -> C:\Users\Familia\AppData\Local\GAS Tecnologia\GBBD\npsf_bb.dll [2015-04-02] (GAS Tecnologia)

Chrome:
=======
CHR Profile: C:\Users\Familia\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SiteAdvisor) - C:\Users\Familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-07-06]
CHR Extension: (Google Wallet) - C:\Users\Familia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-28]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3438032 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [311792 2015-04-15] (AVG Technologies CZ, s.r.o.)
S3 FoxitCloudUpdateService; C:\Program Files\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [242216 2014-06-17] (Foxit Corporation)
R2 GbpSv; C:\Program Files\GbPlugin\gbpsv.exe [565560 2015-01-20] (GAS Tecnologia)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Warsaw Technology; C:\Program Files\Diebold\Warsaw\core.exe [507704 2014-09-06] (GAS Tecnologia LTDA)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [132576 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [226784 2015-04-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [166880 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [29664 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [206816 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [269792 2015-03-11] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [110048 2015-04-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [35808 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [213984 2015-04-07] (AVG Technologies CZ, s.r.o.)
S3 DCamUSBSTK02N; C:\Windows\System32\DRIVERS\STK02NW2.sys [101520 2007-03-12] (Syntek Ltd.)
R0 GbpKm; C:\Windows\System32\drivers\gbpkm.sys [46552 2015-04-24] (GAS Tecnologia)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-04-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-04-14] (Malwarebytes Corporation)
R1 ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2014-12-19] (GAS Tecnologia)
S3 NPF; C:\Windows\System32\drivers\npf.sys [32896 2004-05-14] (NetGroup - Politecnico di Torino) [File not signed]
S3 WsAudio_Device; C:\Windows\System32\drivers\VirtualAudio.sys [27496 2013-03-25] (Wondershare)
U4 360Box64; No ImagePath
U4 360FsFlt; No ImagePath
S0 360HookOem; system32\drivers\360HookOEM.sys [X]
S3 bdark; \??\C:\Windows\system32\drivers\bdark.sys [X]
S0 Bhbase; System32\drivers\Bhbase.sys [X]
S3 BHipsEx; \??\C:\Windows\System32\drivers\BHipsEx.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 cpuz134; \??\C:\Users\Familia\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X]
S3 PCFApiUtil; \??\C:\Program Files\PC Faster\5.1.0.0\PCFApiUtil.sys [X]
U4 PSafeSVC; No ImagePath
U4 PSafeWD; No ImagePath
U4 PSProtegeSVC; No ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-26 12:25 - 2015-04-26 12:26 - 00010795 _____ () C:\Users\Familia\Downloads\FRST.txt
2015-04-26 12:21 - 2015-04-26 12:26 - 00000000 ____D () C:\FRST
2015-04-26 12:20 - 2015-04-26 12:21 - 01140736 _____ (Farbar) C:\Users\Familia\Downloads\FRST.exe
2015-04-25 12:22 - 2015-04-25 12:22 - 00001136 _____ () C:\Users\Familia\Desktop\ZHPFixReport.txt
2015-04-25 10:23 - 2015-04-25 10:23 - 00086720 _____ () C:\Users\Familia\Desktop\ZHPDiag.txt
2015-04-25 01:12 - 2015-04-25 01:12 - 00000000 ___HD () C:\Program Files\GAS Tecnologia
2015-04-25 01:12 - 2015-04-25 01:12 - 00000000 ____D () C:\Program Files\Diebold
2015-04-24 11:01 - 2015-04-25 10:21 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2015-04-24 10:55 - 2015-04-25 10:21 - 00000000 ____D () C:\Program Files\ZHPDiag
2015-04-24 10:55 - 2015-04-24 10:55 - 00001933 _____ () C:\Users\Familia\Desktop\ZHPFix.lnk
2015-04-24 10:55 - 2015-04-24 10:55 - 00001806 _____ () C:\Users\Familia\Desktop\ZHPDiag.lnk
2015-04-24 10:55 - 2015-04-24 10:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP
2015-04-24 10:51 - 2015-04-24 10:54 - 06882701 _____ (Nicolas Coolman ) C:\Users\Familia\Downloads\ZHPDiag2.exe
2015-04-24 07:43 - 2015-04-24 07:43 - 00001269 _____ () C:\relatorio 1.txt
2015-04-23 17:57 - 2015-04-25 12:22 - 00000000 ____D () C:\Users\Familia\AppData\Roaming\ZHP
2015-04-23 17:57 - 2015-04-23 17:58 - 00000834 _____ () C:\Users\Familia\Desktop\ZHPCleaner.lnk
2015-04-23 17:55 - 2015-04-23 17:57 - 01809920 _____ () C:\Users\Familia\Downloads\ZHPCleaner.exe
2015-04-23 16:39 - 2015-04-23 16:39 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-FAMILIA-PC-Windows-7-Professional-(32-bit).dat
2015-04-23 16:39 - 2015-04-23 16:39 - 00000000 ____D () C:\RegBackup
2015-04-23 16:36 - 2015-04-24 09:12 - 00000000 ____D () C:\Users\Familia\Desktop\JRT
2015-04-23 15:59 - 2015-04-23 15:36 - 00024064 _____ () C:\Windows\zoek-delete.exe
2015-04-23 15:40 - 2015-04-23 16:01 - 00011344 _____ () C:\zoek-results.log
2015-04-23 15:36 - 2015-04-23 15:57 - 00000000 ____D () C:\zoek_backup
2015-04-23 02:32 - 2015-04-24 10:42 - 00000000 ____D () C:\Users\Familia\Desktop\Nova pasta (2)
2015-04-23 01:15 - 2015-04-23 01:18 - 00000000 ____D () C:\Users\Familia\Desktop\Nova pasta
2015-04-21 08:51 - 2015-04-25 07:19 - 00410360 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-04-20 23:22 - 2015-04-20 23:22 - 00000000 ____D () C:\Users\Familia\AppData\Roaming\AVG2015
2015-04-20 23:21 - 2015-04-20 23:21 - 00000173 _____ () C:\Windows\system32\userawacs.cfg
2015-04-20 23:20 - 2015-04-20 23:20 - 00000953 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-04-20 23:20 - 2015-04-20 23:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-04-20 23:19 - 2015-04-21 11:34 - 00000000 ____D () C:\Users\Todos os Usuários\AVG2015
2015-04-20 23:19 - 2015-04-21 11:34 - 00000000 ____D () C:\ProgramData\AVG2015
2015-04-20 23:19 - 2015-04-20 23:19 - 00000000 ___HD () C:\$AVG
2015-04-20 23:18 - 2015-04-20 23:18 - 00000000 ____D () C:\Windows\system32\%systemroot%
2015-04-20 23:18 - 2015-04-20 23:18 - 00000000 ____D () C:\Program Files\AVG
2015-04-20 23:08 - 2015-04-26 09:44 - 00000000 ____D () C:\Users\Todos os Usuários\MFAData
2015-04-20 23:08 - 2015-04-26 09:44 - 00000000 ____D () C:\ProgramData\MFAData
2015-04-20 23:08 - 2015-04-21 00:04 - 00000000 ____D () C:\Users\Familia\AppData\Local\Avg2015
2015-04-20 23:08 - 2015-04-20 23:08 - 00000000 ____D () C:\Users\Familia\AppData\Local\MFAData
2015-04-20 22:57 - 2015-04-26 12:07 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-20 22:56 - 2015-04-23 01:18 - 00001060 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-20 22:56 - 2015-04-23 01:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-20 22:56 - 2015-04-23 01:18 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-04-20 22:56 - 2015-04-20 22:56 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2015-04-20 22:56 - 2015-04-20 22:56 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-20 22:56 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-20 22:56 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-20 22:56 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-20 22:42 - 2015-04-20 22:42 - 00000000 ____D () C:\Users\Public\Documents\PC Faster
2015-04-20 22:26 - 2015-04-20 22:33 - 39491191 _____ () C:\Users\Familia\Downloads\Como Remover Todos os Vírus do PC!!!.mp4
2015-04-20 22:11 - 2015-04-20 22:14 - 14239006 _____ () C:\Users\Familia\Downloads\Como Entrar no "Modo de Segurança" nos Windows XP,Vista e 7!.mp4
2015-04-16 08:06 - 2015-04-16 08:21 - 90493120 _____ () C:\Users\Familia\Downloads\Como remover virus do pc sem usar anti-virus (pelo regedit).mp4
2015-04-15 13:05 - 2015-04-15 13:05 - 00206816 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx86.sys
2015-04-10 07:38 - 2015-04-25 07:19 - 00280354 _____ () C:\Windows\PFRO.log
2015-04-09 14:12 - 2015-04-09 14:12 - 00226784 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2015-04-07 15:36 - 2015-04-07 15:41 - 27928775 _____ () C:\Users\Familia\Downloads\Como remover vírus manualmente.mp4
2015-04-07 12:45 - 2015-04-07 12:45 - 00213984 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdix.sys
2015-04-05 14:10 - 2015-04-05 14:10 - 00000000 ____D () C:\Users\Familia\Desktop\%LocalAppData%
2015-04-03 14:44 - 2015-04-25 01:13 - 00001024 _____ () C:\.rnd
2015-04-03 09:41 - 2015-04-26 09:39 - 00005880 _____ () C:\Windows\setupact.log
2015-04-03 09:41 - 2015-04-03 09:41 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-03 09:37 - 2015-04-03 09:37 - 00110048 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx86.sys
2015-03-30 08:04 - 2015-04-23 13:56 - 00000000 ____D () C:\Users\Familia\Desktop\GATINHO ARIE

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-26 11:47 - 2014-04-27 08:07 - 01275361 _____ () C:\Windows\WindowsUpdate.log
2015-04-26 09:47 - 2009-07-14 01:34 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-26 09:47 - 2009-07-14 01:34 - 00025424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-26 09:39 - 2014-12-19 13:17 - 00000000 ____D () C:\Users\Todos os Usuários\GbPlugin
2015-04-26 09:39 - 2014-12-19 13:17 - 00000000 ____D () C:\ProgramData\GbPlugin
2015-04-26 09:39 - 2014-12-19 13:17 - 00000000 ____D () C:\Program Files\GbPlugin
2015-04-26 09:39 - 2009-07-14 01:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-24 08:57 - 2014-12-19 13:18 - 00046552 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpkm.sys
2015-04-23 18:05 - 2014-04-17 16:49 - 00000000 ____D () C:\Program Files\My Top Free Games
2015-04-23 18:05 - 2013-10-31 09:26 - 00000000 ____D () C:\Users\Familia\AppData\Local\Systweak
2015-04-23 18:05 - 2013-10-31 09:15 - 00000000 ____D () C:\Users\Familia\AppData\Roaming\Systweak
2015-04-23 16:37 - 2014-04-25 10:29 - 00000000 ____D () C:\Users\Familia\Desktop\DIVERSOS
2015-04-23 15:57 - 2009-07-13 23:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-04-23 13:56 - 2015-03-23 08:54 - 00000000 ____D () C:\Users\Familia\Desktop\DESENHOS BIBLICOS
2015-04-23 13:56 - 2013-12-28 10:31 - 00000000 ____D () C:\Users\Familia\Downloads\ANTI VIRUS
2015-04-23 12:15 - 2014-07-05 23:03 - 00000000 ____D () C:\Users\Todos os Usuários\GAS Tecnologia
2015-04-23 12:15 - 2014-07-05 23:03 - 00000000 ____D () C:\ProgramData\GAS Tecnologia
2015-04-22 11:13 - 2013-07-31 20:04 - 00000000 ____D () C:\Users\Familia\AppData\Roaming\TuneUp Software
2015-04-21 12:35 - 2012-10-06 11:54 - 00000077 _____ () C:\Users\Familia\AppData\default.pls
2015-04-21 12:19 - 2012-09-05 17:08 - 00000000 ____D () C:\Users\Familia
2015-04-21 12:14 - 2013-11-26 11:29 - 00000000 ___RD () C:\Users\Familia\Desktop\PREGAÇÕES
2015-04-21 12:14 - 2012-10-09 23:48 - 00000000 ____D () C:\Users\Familia\DESENHOS BIBLICOS
2015-04-21 10:11 - 2009-07-14 04:50 - 00000000 ____D () C:\Windows\CSC
2015-04-21 09:20 - 2014-04-25 10:32 - 00000000 ____D () C:\Users\Familia\Downloads\PROGRAMAS
2015-04-21 08:52 - 2013-05-28 16:21 - 00000000 ____D () C:\Program Files\Common Files\Mcafee
2015-04-21 08:52 - 2013-05-23 16:54 - 00000000 ____D () C:\Program Files\McAfee
2015-04-21 08:52 - 2013-05-23 15:43 - 00000000 ____D () C:\Users\Todos os Usuários\McAfee
2015-04-21 08:52 - 2013-05-23 15:43 - 00000000 ____D () C:\ProgramData\McAfee
2015-04-20 22:43 - 2012-09-30 19:09 - 00000000 ____D () C:\Program Files\Google
2015-04-20 22:37 - 2014-09-30 23:49 - 00000000 __SHD () C:\$360Section
2015-04-07 11:49 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\wfp
2015-04-07 11:49 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-07 11:49 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\registration
2015-04-06 10:45 - 2015-03-24 15:50 - 00000000 ____D () C:\Users\Familia\Desktop\DOCUMENTARIOS
2015-04-03 09:59 - 2012-09-05 17:12 - 01635826 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-03 09:59 - 2009-08-04 22:18 - 00705798 _____ () C:\Windows\system32\prfh0416.dat
2015-04-03 09:59 - 2009-08-04 22:18 - 00147638 _____ () C:\Windows\system32\prfc0416.dat
2015-03-31 09:06 - 2012-10-31 12:51 - 00000000 ____D () C:\Windows\Minidump
2015-03-29 12:09 - 2013-11-02 10:52 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security

==================== Files in the root of some directories =======

2014-01-19 15:22 - 2014-01-29 06:09 - 0000129 _____ () C:\Users\Familia\AppData\Roaming\WB.CFG
2014-01-19 15:22 - 2014-01-29 06:08 - 0000005 _____ () C:\Users\Familia\AppData\Roaming\WBPU-TTL.DAT
2013-08-02 06:26 - 2013-09-23 11:20 - 0000116 _____ () C:\Users\Familia\AppData\Local\ap_UA-24552437-8.txt
2013-11-08 07:30 - 2013-11-29 15:40 - 0012800 _____ () C:\Users\Familia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-13 23:46 - 2013-06-14 00:13 - 0000057 ____N () C:\ProgramData\Ament.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-24 11:27

==================== End Of Log ============================
