cjoint


Document format: text/plain

[code]
OTS logfile created on: 27/04/2015 14:32:05 - Run 1
OTS by OldTimer - Version 3.1.47.2 Folder = C:\Users\Familia\Downloads
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17501)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 30,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 42,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465,66 Gb Total Space | 366,80 Gb Free Space | 78,77% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: FAMILIA-PC
Current User Name: Familia
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days

[Processes - Safe List]
ots.exe -> C:\Users\Familia\Downloads\OTS.exe -> [2015/04/27 14:26:32 | 000,646,656 | ---- | M] (OldTimer Tools)
avgui.exe -> C:\Arquivos de Programas\AVG\AVG2015\avgui.exe -> [2015/04/15 13:17:20 | 003,745,232 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgwdsvc.exe -> C:\Arquivos de Programas\AVG\AVG2015\avgwdsvc.exe -> [2015/04/15 13:10:56 | 000,311,792 | ---- | M] (AVG Technologies CZ, s.r.o.)
mbamservice.exe -> C:\Arquivos de Programas\Malwarebytes Anti-Malware\mbamservice.exe -> [2015/04/14 09:36:30 | 001,080,120 | ---- | M] (Malwarebytes Corporation)
mbamscheduler.exe -> C:\Arquivos de Programas\Malwarebytes Anti-Malware\mbamscheduler.exe -> [2015/04/14 09:36:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation)
mbam.exe -> C:\Arquivos de Programas\Malwarebytes Anti-Malware\mbam.exe -> [2015/04/14 09:36:20 | 006,212,920 | ---- | M] (Malwarebytes Corporation)
gbpsv.exe -> C:\Arquivos de Programas\GbPlugin\gbpsv.exe -> [2015/01/20 18:38:00 | 000,565,560 | ---- | M] (GAS Tecnologia)
iexplore.exe -> C:\Arquivos de Programas\Internet Explorer\iexplore.exe -> [2014/11/26 22:10:46 | 000,815,280 | ---- | M] (Microsoft Corporation)
msspellcheckingfacility.exe -> C:\Windows\System32\MsSpellCheckingFacility.exe -> [2014/11/21 22:48:26 | 000,667,648 | ---- | M] (Microsoft Corporation)
core.exe -> C:\Arquivos de Programas\Diebold\Warsaw\core.exe -> [2014/09/06 10:56:26 | 000,507,704 | ---- | M] (GAS Tecnologia LTDA)
flashutil32_14_0_0_176_activex.exe -> C:\Windows\System32\Macromed\Flash\FlashUtil32_14_0_0_176_ActiveX.exe -> [2014/08/15 14:31:06 | 000,851,632 | ---- | M] (Adobe Systems Incorporated)
taskhost.exe -> C:\Windows\System32\taskhost.exe -> [2013/11/11 12:57:07 | 000,049,152 | ---- | M] (Microsoft Corporation)
wlidsvc.exe -> C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -> [2012/07/17 14:49:00 | 001,713,904 | ---- | M] (Microsoft Corp.)
wlidsvcm.exe -> C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE -> [2012/07/17 14:49:00 | 000,194,304 | ---- | M] (Microsoft Corp.)
explorer.exe -> C:\Windows\explorer.exe -> [2011/02/25 02:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation)
mdm.exe -> C:\Arquivos de Programas\Common Files\microsoft shared\VS7DEBUG\MDM.EXE -> [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation)

[Modules - No Company Name]
[Win32 Services - Safe List]
(AVGIDSAgent) AVGIDSAgent [Auto | Stopped] -> C:\Program Files\AVG\AVG2015\avgidsagent.exe -> [2015/04/15 13:21:40 | 003,438,032 | ---- | M] (AVG Technologies CZ, s.r.o.)
(avgwd) Watchdog do AVG [Auto | Running] -> C:\Program Files\AVG\AVG2015\avgwdsvc.exe -> [2015/04/15 13:10:56 | 000,311,792 | ---- | M] (AVG Technologies CZ, s.r.o.)
(MBAMService) MBAMService [Auto | Running] -> C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -> [2015/04/14 09:36:30 | 001,080,120 | ---- | M] (Malwarebytes Corporation)
(MBAMScheduler) MBAMScheduler [Auto | Running] -> C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -> [2015/04/14 09:36:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation)
(GbpSv) Gbp Service [Unknown | Running] -> C:\Arquivos de Programas\GbPlugin\gbpsv.exe -> [2015/01/20 18:38:00 | 000,565,560 | ---- | M] (GAS Tecnologia)
(IEEtwCollectorService) Internet Explorer ETW Collector Service [On_Demand | Stopped] -> C:\Windows\System32\IEEtwCollector.exe -> [2014/11/21 22:55:14 | 000,102,912 | ---- | M] (Microsoft Corporation)
(Warsaw Technology) Warsaw Technology [Auto | Running] -> C:\Arquivos de Programas\Diebold\Warsaw\core.exe -> [2014/09/06 10:56:26 | 000,507,704 | ---- | M] (GAS Tecnologia LTDA)
(FoxitCloudUpdateService) Foxit Cloud Safe Update Service [On_Demand | Stopped] -> C:\Arquivos de Programas\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe -> [2014/06/17 17:56:02 | 000,242,216 | ---- | M] (Foxit Corporation)
(WinDefend) Windows Defender [On_Demand | Stopped] -> C:\Arquivos de Programas\Windows Defender\MpSvc.dll -> [2013/05/27 01:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation)
(WatAdminSvc) Serviço de Tecnologias de Ativação do Windows [Unknown | Stopped] -> C:\Windows\System32\Wat\WatAdminSvc.exe -> [2012/09/05 22:07:07 | 001,343,400 | ---- | M] (Microsoft Corporation)
(StorSvc) Serviço de Armazenamento [Auto | Running] -> C:\Windows\System32\StorSvc.dll -> [2009/07/13 22:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation)
(SensrSvc) Brilho Adaptável [On_Demand | Stopped] -> C:\Windows\System32\sensrsvc.dll -> [2009/07/13 22:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation)
(PeerDistSvc) BranchCache [On_Demand | Stopped] -> C:\Windows\System32\PeerDistSvc.dll -> [2009/07/13 22:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation)
(WcesComm) Conectividade do dispositivo baseado no Windows Mobile 2003 [Auto | Running] -> C:\Windows\WindowsMobile\wcescomm.dll -> [2007/05/31 15:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation)
(RapiMgr) Conectividade do dispositivo baseado no Windows Mobile [Auto | Running] -> C:\Windows\WindowsMobile\rapimgr.dll -> [2007/05/31 15:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation)
(rpcapd) Remote Packet Capture Protocol v.0 (experimental) [On_Demand | Stopped] -> C:\Program Files\WinPcap\rpcapd.exe -> [2004/05/14 03:02:46 | 000,086,016 | ---- | M] (NetGroup - Politecnico di Torino)

[Driver Services - Safe List]
(MBAMSwissArmy) MBAMSwissArmy [File_System | On_Demand | Running] -> C:\Windows\System32\drivers\MBAMSwissArmy.sys -> [2015/04/27 12:02:44 | 000,119,512 | ---- | M] (Malwarebytes Corporation)
(GbpKm) Gbp KernelMode [Kernel | Boot | Running] -> C:\Windows\system32\drivers\gbpkm.sys -> [2015/04/24 08:57:48 | 000,046,552 | ---- | M] (GAS Tecnologia)
(Avgldx86) AVG AVI Loader Driver [File_System | System | Running] -> C:\Windows\System32\drivers\avgldx86.sys -> [2015/04/15 13:05:06 | 000,206,816 | ---- | M] (AVG Technologies CZ, s.r.o.)
(MBAMWebAccessControl) MBAMWebAccessControl [File_System | On_Demand | Running] -> C:\Windows\System32\drivers\mwac.sys -> [2015/04/14 09:37:54 | 000,051,928 | ---- | M] (Malwarebytes Corporation)
(MBAMProtector) MBAMProtector [File_System | On_Demand | Running] -> C:\Windows\System32\drivers\mbam.sys -> [2015/04/14 09:37:42 | 000,023,256 | ---- | M] (Malwarebytes Corporation)
(AVGIDSDriver) AVGIDSDriver [File_System | System | Running] -> C:\Windows\System32\drivers\avgidsdriverx.sys -> [2015/04/09 14:12:50 | 000,226,784 | ---- | M] (AVG Technologies CZ, s.r.o.)
(Avgtdix) AVG TDI Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\avgtdix.sys -> [2015/04/07 12:45:10 | 000,213,984 | ---- | M] (AVG Technologies CZ, s.r.o.)
(Avgmfx86) AVG Mini-Filter Resident Anti-Virus Shield [File_System | Boot | Running] -> C:\Windows\system32\DRIVERS\avgmfx86.sys -> [2015/04/03 09:37:24 | 000,110,048 | ---- | M] (AVG Technologies CZ, s.r.o.)
(Avgrkx86) AVG Anti-Rootkit Driver [File_System | Boot | Running] -> C:\Windows\system32\DRIVERS\avgrkx86.sys -> [2015/03/20 12:18:22 | 000,035,808 | ---- | M] (AVG Technologies CZ, s.r.o.)
(Avglogx) AVG Logging Driver [File_System | Boot | Running] -> C:\Windows\system32\DRIVERS\avglogx.sys -> [2015/03/11 12:13:52 | 000,269,792 | ---- | M] (AVG Technologies CZ, s.r.o.)
(AVGIDSHX) AVGIDSHX [File_System | Boot | Running] -> C:\Windows\system32\DRIVERS\avgidshx.sys -> [2015/03/11 12:13:46 | 000,166,880 | ---- | M] (AVG Technologies CZ, s.r.o.)
(Avgdiskx) AVG Disk Driver [File_System | System | Running] -> C:\Windows\System32\drivers\avgdiskx.sys -> [2015/03/11 12:13:46 | 000,132,576 | ---- | M] (AVG Technologies CZ, s.r.o.)
(AVGIDSShim) AVGIDSShim [Kernel | System | Running] -> C:\Windows\System32\drivers\avgidsshimx.sys -> [2015/03/11 12:08:24 | 000,029,664 | ---- | M] (AVG Technologies CZ, s.r.o.)
(ndisrd) GAS Tecnologia Filter Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\gbpndisrdn.sys -> [2014/12/19 13:18:46 | 000,029,400 | ---- | M] (GAS Tecnologia)
(TsUsbFlt) TsUsbFlt [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\TsUsbFlt.sys -> [2013/10/01 21:42:31 | 000,049,152 | ---- | M] (Microsoft Corporation)
(WsAudio_Device) WsAudio_Device [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\VirtualAudio.sys -> [2013/03/25 10:46:36 | 000,027,496 | ---- | M] (Wondershare)
(RdpVideoMiniport) Remote Desktop Video Miniport Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\rdpvideominiport.sys -> [2012/08/23 11:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation)
(vmbus) Barramento da Máquina Virtual [Kernel | Boot | Running] -> C:\Windows\system32\drivers\vmbus.sys -> [2010/11/20 09:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation)
(storflt) Driver de Filtro de Aceleração do Barramento da Máquina Virtual do Disco [Kernel | Boot | Running] -> C:\Windows\system32\drivers\vmstorfl.sys -> [2010/11/20 09:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation)
(storvsc) storvsc [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\storvsc.sys -> [2010/11/20 09:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation)
(WinUsb) WinUsb [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\winusb.sys -> [2010/11/20 06:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation)
(VMBusHID) VMBusHID [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\VMBusHID.sys -> [2010/11/20 06:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation)
(s3cap) s3cap [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\vms3cap.sys -> [2010/11/20 06:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation)
(DCamUSBSTK02N) Standard Camera [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\STK02NW2.sys -> [2007/03/12 14:25:00 | 000,101,520 | ---- | M] (Syntek Ltd.)
(NPF) NetGroup Packet Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\npf.sys -> [2004/05/14 01:37:10 | 000,032,896 | ---- | M] (NetGroup - Politecnico di Torino)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> ->
HKEY_LOCAL_MACHINE\: Main\\"Secondary Start Pages" -> ->
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> www.google.com ->
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> ->
HKEY_USERS\.DEFAULT\: "ProxyOverride" -> <-loopback> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> ->
HKEY_USERS\S-1-5-18\: "ProxyOverride" -> <-loopback> ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> ->
HKEY_USERS\S-1-5-19\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> ->
HKEY_USERS\S-1-5-20\: "ProxyEnable" -> 0 ->
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-755782756-4124950194-2197105660-1000\] > -> ->
HKEY_USERS\S-1-5-21-755782756-4124950194-2197105660-1000\: Main\\"Secondary Start Pages" -> ->
HKEY_USERS\S-1-5-21-755782756-4124950194-2197105660-1000\: "ProxyEnable" -> 0 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions -> ->
< FireFox Extensions [User Folders] > ->
< HOSTS File > ([2015/04/23 18:01:19 | 000,000,840 | ---- | M] - 21 lines) -> C:\Windows\System32\drivers\etc\hosts ->
Reset Hosts
127.0.0.1 localhost
::1 localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ ->
{9030D464-4C02-4ABF-8ECC-5164760863C6} [HKLM] -> C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll [Windows Live ID Sign-in Helper] -> [2012/07/17 14:51:50 | 000,441,592 | ---- | M] (Microsoft Corp.)
{C41A1C0E-EA6C-11D4-B1B8-444553540000} [HKLM] -> C:\Arquivos de Programas\GbPlugin\gbieh.dll [GbIehObj Class] -> [2015/03/10 10:37:02 | 001,864,576 | ---- | M] (Banco do Brasil)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ->
"AVG_UI" -> C:\Program Files\AVG\AVG2015\avgui.exe ["C:\Program Files\AVG\AVG2015\avgui.exe" /TRAYONLY] -> [2015/04/15 13:17:20 | 003,745,232 | ---- | M] (AVG Technologies CZ, s.r.o.)
"Diebold - Warsaw" -> C:\Arquivos de Programas\Diebold\Warsaw\core.exe [C:\Program Files\Diebold\Warsaw\core.exe] -> [2014/09/06 10:56:26 | 000,507,704 | ---- | M] (GAS Tecnologia LTDA)
< RunOnce [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"mctadmin" -> C:\Windows\System32\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> [2009/07/13 22:14:23 | 000,093,696 | ---- | M] (Microsoft Corporation)
< RunOnce [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce ->
"mctadmin" -> C:\Windows\System32\mctadmin.exe [C:\Windows\System32\mctadmin.exe] -> [2009/07/13 22:14:23 | 000,093,696 | ---- | M] (Microsoft Corporation)
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [189] -> File not found
\\"NoControlPanel" -> [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
\\"ConsentPromptBehaviorAdmin" -> [5] -> File not found
\\"ConsentPromptBehaviorUser" -> [3] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-755782756-4124950194-2197105660-1000] > -> HKEY_USERS\S-1-5-21-755782756-4124950194-2197105660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer ->
HKEY_USERS\S-1-5-21-755782756-4124950194-2197105660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveTypeAutoRun" -> [145] -> File not found
\\"NoLowDiskSpaceChecks" -> [1] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-755782756-4124950194-2197105660-1000] > -> HKEY_USERS\S-1-5-21-755782756-4124950194-2197105660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System ->
HKEY_USERS\S-1-5-21-755782756-4124950194-2197105660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ ->
{2EAF5BB1-070F-11D3-9307-00C04FAE2D4F}:{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> C:\Windows\WindowsMobile\INetRepl.dll [Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222] -> [2007/05/31 08:21:16 | 000,176,520 | ---- | M] (Microsoft Corporation)
{2EAF5BB2-070F-11D3-9307-00C04FAE2D4F}:{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} [HKLM] -> C:\Windows\WindowsMobile\INetRepl.dll [Menu: @C:\Windows\WindowsMobile\INetRepl.dll,-223] -> [2007/05/31 08:21:16 | 000,176,520 | ---- | M] (Microsoft Corporation)
{92780B25-18CC-41C8-B9BE-3C9C571A8263}:{FF059E31-CC5A-4E2E-BF3B-96E929D65503} [HKLM] -> C:\Arquivos de Programas\Microsoft Office\OFFICE11\REFIEBAR.DLL [Button: Pesquisar] -> [2007/04/19 13:10:18 | 000,063,840 | ---- | M] (Microsoft Corporation)
< Internet Explorer Plugins [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Plugins\ ->
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 0 domain(s) found. ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-755782756-4124950194-2197105660-1000\] > -> HKEY_USERS\S-1-5-21-755782756-4124950194-2197105660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ ->
HKEY_USERS\S-1-5-21-755782756-4124950194-2197105660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 2 domain(s) found. ->
www_bancobrasil.com.br [*] -> Trusted sites ->
www14_bancobrasil.com.br [*] -> Trusted sites ->
www14_bancobrasil.com.br [https] -> Trusted sites ->
www2_bancobrasil.com.br [*] -> Trusted sites ->
www2_bancobrasil.com.br [https] -> Trusted sites ->
seg_bb.com.br [https] -> Trusted sites ->
www_bb.com.br [*] -> Trusted sites ->
www_bb.com.br [http] -> Trusted sites ->
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-755782756-4124950194-2197105660-1000\] > -> HKEY_USERS\S-1-5-21-755782756-4124950194-2197105660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ ->
HKEY_USERS\S-1-5-21-755782756-4124950194-2197105660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 0 range(s) found. ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ ->
DhcpNameServer -> 192.168.1.1 ->
< Name Servers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\ ->
{D1D932FC-A61D-4549-A8A7-ED856D7FA098}\\DhcpNameServer -> 192.168.1.1 (Realtek PCIe FE Family Controller) ->
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon ->
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell ->
explorer.exe -> C:\Windows\explorer.exe -> [2011/02/25 02:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*UserInit* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\UserInit ->
C:\Windows\system32\userinit.exe -> C:\Windows\System32\userinit.exe -> [2010/11/20 09:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> ->
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
SystemPropertiesPerformance.exe -> C:\Windows\System32\SystemPropertiesPerformance.exe -> [2009/07/13 22:14:42 | 000,081,920 | ---- | M] (Microsoft Corporation)
/pagefile -> -> File not found
*MultiFile Done* -> ->
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ ->
GbPluginBb -> C:\Arquivos de Programas\GbPlugin\gbieh.dll -> [2015/03/10 10:37:02 | 001,864,576 | ---- | M] (Banco do Brasil)
< SSODL [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad ->
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}" [HKLM] -> Reg Error: Key error. [WebCheck] -> File not found
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks ->
"{E37CB5F0-51F5-4395-A808-5FA49E399F83}" [HKLM] -> C:\Arquivos de Programas\GbPlugin\gbieh.dll [GbPlugin ShlObj] -> [2015/03/10 10:37:02 | 001,864,576 | ---- | M] (Banco do Brasil)
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot ->
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 ->
"DisplayName" -> Driver de CD-ROM ->
"ImagePath" -> [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > -> ->
C:\autoexec.bat [REM Dummy file for NTVDM | ] -> C:\autoexec.bat [ NTFS ] -> [2009/06/10 18:42:20 | 000,000,024 | ---- | M] ()
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 ->
\{0d082789-6cc6-11e4-8007-c89cdc46e5f4}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d082789-6cc6-11e4-8007-c89cdc46e5f4}\shell
\{0d082789-6cc6-11e4-8007-c89cdc46e5f4}\shell\\"" -> [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0d082789-6cc6-11e4-8007-c89cdc46e5f4}\shell\AutoRun\command
\{0d082789-6cc6-11e4-8007-c89cdc46e5f4}\shell\AutoRun\command\\"" -> [E:\AutoRun.exe] -> File not found
\{42a6e84a-bf24-11e4-b062-c89cdc46e5f4}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{42a6e84a-bf24-11e4-b062-c89cdc46e5f4}\shell
\{42a6e84a-bf24-11e4-b062-c89cdc46e5f4}\shell\\"" -> [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{42a6e84a-bf24-11e4-b062-c89cdc46e5f4}\shell\AutoRun\command
\{42a6e84a-bf24-11e4-b062-c89cdc46e5f4}\shell\AutoRun\command\\"" -> [E:\AutoRun.exe] -> File not found
\{67750551-0bb2-11e4-895c-c89cdc46e5f4}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{67750551-0bb2-11e4-895c-c89cdc46e5f4}\shell
\{67750551-0bb2-11e4-895c-c89cdc46e5f4}\shell\\"" -> [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{67750551-0bb2-11e4-895c-c89cdc46e5f4}\shell\AutoRun\command
\{67750551-0bb2-11e4-895c-c89cdc46e5f4}\shell\AutoRun\command\\"" -> [E:\AutoRun.exe] -> File not found
\{ad111030-6c30-11e4-bcab-c89cdc46e5f4}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad111030-6c30-11e4-bcab-c89cdc46e5f4}\shell
\{ad111030-6c30-11e4-bcab-c89cdc46e5f4}\shell\\"" -> [AutoRun] -> File not found
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad111030-6c30-11e4-bcab-c89cdc46e5f4}\shell\AutoRun\command
\{ad111030-6c30-11e4-bcab-c89cdc46e5f4}\shell\AutoRun\command\\"" -> [E:\AutoRun.exe] -> File not found
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command ->
comfile [open] -> "%1" %* ->
exefile [open] -> "%1" %* ->
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.com [@ = comfile] -> "%1" %* ->
.exe [@ = exefile] -> "%1" %* ->

[Registry - Additional Scans - Safe List]
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ ->
.bat [@ = batfile] -> "%1" %* ->
.cmd [@ = cmdfile] -> "%1" %* ->
.com [@ = comfile] -> "%1" %* ->
.cpl [@ = cplfile] -> C:\Windows\System32\control.exe -> [2009/07/13 22:14:15 | 000,113,152 | ---- | M] (Microsoft Corporation)
.exe [@ = exefile] -> "%1" %* ->
.hlp [@ = hlpfile] -> C:\Windows\winhlp32.exe -> [2009/07/13 22:14:45 | 000,009,728 | ---- | M] (Microsoft Corporation)
.html [@ = BaiduSparkHTML] -> "C:\Program Files\baidu\Spark26.5.9999.3313\Spark.exe" -- "%1" ->
.pif [@ = piffile] -> "%1" %* ->
.scr [@ = scrfile] -> "%1" /S ->
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost > -> ->
*netsvcs* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\\netsvcs ->
FastUserSwitchingCompatibility -> -> File not found
Ias -> C:\Windows\System32\ias.dll -> [2009/07/13 22:15:26 | 000,019,456 | ---- | M] (Microsoft Corporation)
Nla -> -> File not found
Ntmssvc -> -> File not found
NWCWorkstation -> -> File not found
Nwsapagent -> -> File not found
SRService -> -> File not found
WmdmPmSp -> -> File not found
LogonHours -> -> File not found
PCAudit -> -> File not found
helpsvc -> -> File not found
uploadmgr -> -> File not found
*MultiFile Done* -> ->
< Protocol Filters [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Filter\ ->
text/xml:{807553E5-5146-11D5-A672-00B0D022E945} [HKLM] -> C:\Arquivos de Programas\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL[Reg Error: Value error.] -> [2007/04/19 12:57:40 | 000,046,432 | ---- | M] (Microsoft Corporation)
< Protocol Handlers [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ ->
livecall:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.dll[Reg Error: Value error.] -> [2012/07/28 03:09:00 | 000,075,712 | ---- | M] (Microsoft Corporation)
msdaipp\0x00000001:{E1D2BF42-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> C:\Arquivos de Programas\Common Files\System\Ole DB\MSDAIPP.DLL[MSDAMON.BINDER] -> [2005/09/20 11:33:58 | 000,843,984 | ---- | M] (Microsoft Corporation)
msdaipp\oledb:{E1D2BF40-A96B-11d1-9C6B-0000F875AC61} [HKLM] -> C:\Arquivos de Programas\Common Files\System\Ole DB\MSDAIPP.DLL[MSDAIPP.BINDER] -> [2005/09/20 11:33:58 | 000,843,984 | ---- | M] (Microsoft Corporation)
ms-itss:{0A9007C0-4076-11D3-8789-0000F8105754} [HKLM] -> C:\Arquivos de Programas\Common Files\microsoft shared\Information Retrieval\MSITSS.DLL[Microsoft Infotech Storage Protocol for IE 4.0] -> [2000/04/19 18:47:36 | 000,520,117 | ---- | M] (Microsoft Corporation)
msnim:{828030A1-22C1-4009-854F-8E305202313F} [HKLM] -> C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.dll[Reg Error: Value error.] -> [2012/07/28 03:09:00 | 000,075,712 | ---- | M] (Microsoft Corporation)
mso-offdap:{3D9F03FA-7A94-11D3-BE81-0050048385D1} [HKLM] -> C:\Arquivos de Programas\Common Files\microsoft shared\Web Components\10\OWC10.DLL[Data Page Pluggable Protocol mso-offdap Handler] -> [2009/05/18 00:28:42 | 007,255,872 | ---- | M] (Microsoft Corporation)
mso-offdap11:{32505114-5902-49B2-880A-1F7738E5A384} [HKLM] -> C:\Arquivos de Programas\Common Files\microsoft shared\Web Components\11\OWC11.DLL[Data Page Plugable Protocal mso-offdap11 Handler] -> [2009/03/24 16:47:14 | 008,058,192 | ---- | M] (Microsoft Corporation)
< Security Center Settings > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center
\\"cval" -> [1] -> File not found
\\"AutoUpdateDisableNotify" -> [1] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\ -> ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc
\Svc\\"VistaSp1" -> Reg Error: Unknown registry data type [Reg Error: Unknown registry data type] -> File not found
\Svc\\"AntiVirusOverride" -> [0] -> File not found
\Svc\\"AntiSpywareOverride" -> [0] -> File not found
\Svc\\"FirewallOverride" -> [0] -> File not found
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol\ -> ->
< Windows DomainProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile
\\"DisableNotifications" -> [0] -> File not found
\\"EnableFirewall" -> [1] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\Logging\ -> ->
< Windows StandardProfile Firewall Policy Settings > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile ->
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
\\"DisableNotifications" -> [0] -> File not found
\\"EnableFirewall" -> [1] -> File not found
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\Logging\ -> ->
< Winsock2 Catalogs [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\ ->
NameSpace_Catalog5\Catalog_Entries\000000000005 [WindowsLive NSP] -> C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL -> [2012/07/17 14:49:00 | 000,145,648 | ---- | M] (Microsoft Corp.)
NameSpace_Catalog5\Catalog_Entries\000000000006 [WindowsLive Local NSP] -> C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL -> [2012/07/17 14:49:00 | 000,145,648 | ---- | M] (Microsoft Corp.)
< Default Protocols [HKEY_LOCAL_MACHINE\] - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
knownfolder -> 0 = Computer (Not a Default Protocol) ->
ldap -> 4 = Restricted sites (Not a Default Protocol) ->
news -> 4 = Restricted sites (Not a Default Protocol) ->
nntp -> 4 = Restricted sites (Not a Default Protocol) ->
oecmd -> 4 = Restricted sites (Not a Default Protocol) ->
snews -> 4 = Restricted sites (Not a Default Protocol) ->
< Default Protocols [HKEY_USERS\.DEFAULT\] - Select to Repair > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
knownfolder -> 0 = Computer (Not a Default Protocol) ->
< Default Protocols [HKEY_USERS\S-1-5-18\] - Select to Repair > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
knownfolder -> 0 = Computer (Not a Default Protocol) ->
< Default Protocols [HKEY_USERS\S-1-5-19\] - Select to Repair > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
@ivt -> @ivt protocol not assigned ->
file -> file protocol not assigned ->
ftp -> ftp protocol not assigned ->
http -> http protocol not assigned ->
https -> https protocol not assigned ->
shell -> shell protocol not assigned ->
< Default Protocols [HKEY_USERS\S-1-5-20\] - Select to Repair > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
@ivt -> @ivt protocol not assigned ->
file -> file protocol not assigned ->
ftp -> ftp protocol not assigned ->
http -> http protocol not assigned ->
https -> https protocol not assigned ->
shell -> shell protocol not assigned ->
< Default Protocols [HKEY_USERS\S-1-5-21-755782756-4124950194-2197105660-1000\] - Select to Repair > -> HKEY_USERS\S-1-5-21-755782756-4124950194-2197105660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProtocolDefaults ->
knownfolder -> 0 = Computer (Not a Default Protocol) ->
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
{0B5FDC99-E373-4F0F-938D-42AD090BACC0} -> Windows Live UX Platform Language Pack
{1057511B-F8FE-4230-9ED3-AB949A57EE4A} -> Windows Live PIMT Platform
{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E} -> Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
{1894024D-500C-4FBE-9F77-5BE07D30E4B5} -> AVG 2015
{1945A4B5-73B6-4DE9-99A3-05261B7FDED0} -> Shared C Run-time for x86
{1F1C2DFC-2D24-3E06-BCB8-725134ADF989} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
{20E60725-16C8-4FB9-8BC2-AF92C5F8D06D}_is1 -> Warsaw 1.5.2.9896 32 bits
{29315CEC-E6CE-4394-84DC-6F862E8D9A52} -> Windows Live UX Platform
{2D598A54-750B-4120-B8AD-ED938F74932C} -> Windows Live Essentials
{31495D38-0A7A-3D27-845B-9210E6ED8CFE} -> Microsoft .NET Framework 4.5.1 (PTB)
{36386dc9-8543-4b12-ae6b-220fd52f19f3}_is1 -> Módulo de Segurança - Banco do Brasil
{3C3D696B-0DB7-3C6D-A356-3DB8CE541918} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
{415FA9AD-DA10-4ABE-97B6-5051D4795C90} -> HP FWUpdateEDO2
{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1 -> Foxit Cloud
{4903D172-DCCB-392F-93A3-34CA9D47FE3D} -> Microsoft .NET Framework 4.5.1
{4F9A382F-4478-4036-905C-F77DF2EA0370} -> Windows Live SOXE
{4FA8F084-C42F-45E1-B7E5-E0C8A1083DC5} -> Windows Live SOXE Definitions
{56C049BE-79E9-4502-BEA7-9754A3E60F9B} -> neroxml
{64DF7404-9D46-44AF-AFA1-A2F8D5648C2D} -> Windows Live Photo Common
{69969D5E-20DA-47FF-B657-E5D152672AB5} -> HP Deskjet 3510 series Software básico do dispositivo
{6A853D8D-C934-46F9-9A93-6F1D337DA392} -> AVG 2015
{76EE8FE7-1957-4C51-9074-4930A8CFB1AF} -> Windows Live Installer
{7AEEF79F-4278-4510-AAD0-23AD14508217} -> Photo Common
{8256F87F-8554-4457-8C3D-3F3324697D9F} -> Windows Live ID Sign-in Assistant
{84BEAA30-1AF1-450B-9DD7-AD38B84004BA} -> Windows Live Messenger
{8833FFB6-5B0C-4764-81AA-06DFEED9A476} -> Realtek Ethernet Controller Driver
{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} -> MSVCRT
{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA} -> MSVCRT110
{90110416-6000-11D3-8CFE-0150048383C9} -> Microsoft Office Professional Edição 2003
{90140000-2005-0000-0000-0000000FF1CE} -> Microsoft Office File Validation Add-In
{904CCF62-818D-4675-BC76-D37EB399F917} -> Windows Mobile Device Center
{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033 -> Microsoft .NET Framework 4.5.1
{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046 -> Microsoft .NET Framework 4.5.1 (Português do Brasil)
{95120000-00B9-0409-0000-0000000FF1CE} -> Microsoft Application Error Reporting
{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8} -> Visual Studio 2012 x86 Redistributables
{9BE518E6-ECC6-35A9-88E4-87755C07200F} -> Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
{A5163E8D-19B6-4AFD-A43B-9723A1796AE3} -> Windows Live Messenger
{BA73469B-D8C7-4FE3-B33C-1340D09F0709} -> Windows Live Communications Platform
{D0795B21-0CDA-4a92-AB9E-6E92D8111E44} -> SAMSUNG USB Driver for Mobile Phones
{E09C4DB7-630C-4F06-A631-8EA7239923AF} -> D3DX10
{E42E07F5-5A90-4BA9-B55A-79FCF9EAF9B5} -> STK02N 2.2
{f65db027-aff3-4070-886a-0d87064aabb1} -> Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185} -> Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Adobe Flash Player ActiveX -> Adobe Flash Player 14 ActiveX
AVG -> AVG 2015
DigiMaster_is1 -> DigiMaster 2.0
Fishdom 2_is1 -> Fishdom 2
Fishdom Harvest Splash_is1 -> Fishdom Harvest Splash
Fishdom_is1 -> Fishdom
Foxit Reader_is1 -> Foxit Reader
HDMI -> Intel(R) Graphics Media Accelerator Driver
HP Photo Creations -> HP Photo Creations
InstallShield_{758C8301-2696-4855-AF45-534B1200980A} -> Samsung Kies
JigsawBoom_is1 -> JigsawBoom
Malwarebytes Anti-Malware_is1 -> Malwarebytes Anti-Malware versão 2.1.6.1022
Pacxon 2_is1 -> Pacxon 2
WinLiveSuite -> Windows Live Essentials
WinPcapInst -> WinPcap 3.1 beta3
WinRAR archiver -> WinRAR 5.10 (32-bit)
Zero Assumption Recovery_is1 -> Zero Assumption Recovery Version 9
ZHPDiag_is1 -> ZHPDiag 2015
< Uninstall List [HKEY_USERS\S-1-5-21-755782756-4124950194-2197105660-1000\] > -> HKEY_USERS\S-1-5-21-755782756-4124950194-2197105660-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ ->
< EventViewer Logs - Last 10 Errors > -> Event Information -> Description
Application [ Error ] 27/04/2015 06:36:41 Computer Name = Familia-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1542 -> Description = O Windows não pode carregar o arquivo de Registro de classes. DETALHE - O sistema não pode encontrar o arquivo especificado.
Application [ Error ] 27/04/2015 06:38:44 Computer Name = Familia-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1542 -> Description = O Windows não pode carregar o arquivo de Registro de classes. DETALHE - O sistema não pode encontrar o arquivo especificado.
Application [ Error ] 27/04/2015 06:38:53 Computer Name = Familia-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1542 -> Description = O Windows não pode carregar o arquivo de Registro de classes. DETALHE - O sistema não pode encontrar o arquivo especificado.
Application [ Error ] 27/04/2015 06:40:02 Computer Name = Familia-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1542 -> Description = O Windows não pode carregar o arquivo de Registro de classes. DETALHE - O sistema não pode encontrar o arquivo especificado.
Application [ Error ] 27/04/2015 06:40:04 Computer Name = Familia-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1542 -> Description = O Windows não pode carregar o arquivo de Registro de classes. DETALHE - O sistema não pode encontrar o arquivo especificado.
Application [ Error ] 27/04/2015 06:41:25 Computer Name = Familia-PC | Source = Application Hang | ID = 1002 -> Description = O programa FRST.exe versão 26.4.2015.0 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: 688 Hora de Início: 01d080d685a5a37c Hora de Término: 16 Caminho do Aplicativo: C:\Users\Familia\Downloads\FRST-OlderVersion\FRST.exe Id do Relatório: ecc84644-ecc9-11e4-b4e8-c89cdc46e5f4
Application [ Error ] 27/04/2015 13:25:28 Computer Name = Familia-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1542 -> Description = O Windows não pode carregar o arquivo de Registro de classes. DETALHE - O sistema não pode encontrar o arquivo especificado.
Application [ Error ] 27/04/2015 13:25:29 Computer Name = Familia-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1542 -> Description = O Windows não pode carregar o arquivo de Registro de classes. DETALHE - O sistema não pode encontrar o arquivo especificado.
Application [ Error ] 27/04/2015 13:28:58 Computer Name = Familia-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1542 -> Description = O Windows não pode carregar o arquivo de Registro de classes. DETALHE - O sistema não pode encontrar o arquivo especificado.
Application [ Error ] 27/04/2015 13:28:58 Computer Name = Familia-PC | Source = Microsoft-Windows-User Profiles Service | ID = 1542 -> Description = O Windows não pode carregar o arquivo de Registro de classes. DETALHE - O sistema não pode encontrar o arquivo especificado.
Media Center [ Error ] 23/10/2012 04:55:29 Computer Name = Familia-PC | Source = MCUpdate | ID = 0 -> Description = 06:55:23 - Erro ao estabelecer conexão com a Internet. 06:55:23 - Não foi possível contatar o servidor..
Media Center [ Error ] 26/10/2012 07:39:28 Computer Name = Familia-PC | Source = MCUpdate | ID = 0 -> Description = 09:39:28 - Erro ao estabelecer conexão com a Internet. 09:39:28 - Não foi possível contatar o servidor..
Media Center [ Error ] 26/10/2012 07:39:39 Computer Name = Familia-PC | Source = MCUpdate | ID = 0 -> Description = 09:39:33 - Erro ao estabelecer conexão com a Internet. 09:39:33 - Não foi possível contatar o servidor..
Media Center [ Error ] 28/10/2012 05:46:07 Computer Name = Familia-PC | Source = MCUpdate | ID = 0 -> Description = 07:46:07 - Erro ao estabelecer conexão com a Internet. 07:46:07 - Não foi possível contatar o servidor..
Media Center [ Error ] 28/10/2012 05:46:18 Computer Name = Familia-PC | Source = MCUpdate | ID = 0 -> Description = 07:46:13 - Erro ao estabelecer conexão com a Internet. 07:46:13 - Não foi possível contatar o servidor..
Media Center [ Error ] 30/10/2012 05:18:56 Computer Name = Familia-PC | Source = MCUpdate | ID = 0 -> Description = 07:18:56 - Erro ao estabelecer conexão com a Internet. 07:18:56 - Não foi possível contatar o servidor..
Media Center [ Error ] 30/10/2012 05:19:08 Computer Name = Familia-PC | Source = MCUpdate | ID = 0 -> Description = 07:19:01 - Erro ao estabelecer conexão com a Internet. 07:19:01 - Não foi possível contatar o servidor..
Media Center [ Error ] 31/10/2012 04:34:19 Computer Name = Familia-PC | Source = MCUpdate | ID = 0 -> Description = 06:34:19 - Erro ao estabelecer conexão com a Internet. 06:34:19 - Não foi possível contatar o servidor..
Media Center [ Error ] 31/10/2012 04:34:31 Computer Name = Familia-PC | Source = MCUpdate | ID = 0 -> Description = 06:34:25 - Erro ao estabelecer conexão com a Internet. 06:34:25 - Não foi possível contatar o servidor..
Media Center [ Error ] 25/11/2012 07:57:22 Computer Name = Familia-PC | Source = MCUpdate | ID = 0 -> Description = 09:57:17 - Erro ao estabelecer conexão com a Internet. 09:57:17 - Não foi possível contatar o servidor..
System [ Error ] 27/04/2015 06:32:09 Computer Name = Familia-PC | Source = Service Control Manager | ID = 7031 -> Description = O serviço Gbp Service foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 1000 milissegundos: Reiniciar o serviço.
System [ Error ] 27/04/2015 06:32:09 Computer Name = Familia-PC | Source = Service Control Manager | ID = 7034 -> Description = O serviço MBAMScheduler foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
System [ Error ] 27/04/2015 06:32:09 Computer Name = Familia-PC | Source = Service Control Manager | ID = 7034 -> Description = O serviço MBAMService foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
System [ Error ] 27/04/2015 06:32:09 Computer Name = Familia-PC | Source = Service Control Manager | ID = 7031 -> Description = O serviço Windows Search foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 30000 milissegundos: Reiniciar o serviço.
System [ Error ] 27/04/2015 06:32:10 Computer Name = Familia-PC | Source = Service Control Manager | ID = 7034 -> Description = O serviço Machine Debug Manager foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
System [ Error ] 27/04/2015 06:32:10 Computer Name = Familia-PC | Source = Service Control Manager | ID = 7031 -> Description = O serviço Windows Live ID Sign-in Assistant foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 10000 milissegundos: Reiniciar o serviço.
System [ Error ] 27/04/2015 06:32:12 Computer Name = Familia-PC | Source = Service Control Manager | ID = 7034 -> Description = O serviço Warsaw Technology foi encerrado inesperadamente. Isso aconteceu 1 vez(es).
System [ Error ] 27/04/2015 06:32:12 Computer Name = Familia-PC | Source = Service Control Manager | ID = 7031 -> Description = O serviço Spooler de Impressão foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 60000 milissegundos: Reiniciar o serviço.
System [ Error ] 27/04/2015 06:32:39 Computer Name = Familia-PC | Source = DCOM | ID = 10010 -> Description =
System [ Error ] 27/04/2015 06:32:47 Computer Name = Familia-PC | Source = DCOM | ID = 10010 -> Description =

[Files/Folders - Created Within 30 Days]
FRST -> C:\FRST -> [2015/04/26 12:21:44 | 000,000,000 | ---D | C]
FRST -> \FRST -> [2015/04/26 12:21:44 | 000,000,000 | ---D | C]
GAS Tecnologia -> C:\Program Files\GAS Tecnologia -> [2015/04/25 01:12:23 | 000,000,000 | -H-D | C]
Diebold -> C:\Program Files\Diebold -> [2015/04/25 01:12:23 | 000,000,000 | ---D | C]
ZHP -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP -> [2015/04/24 10:55:07 | 000,000,000 | ---D | C]
ZHPDiag -> C:\Program Files\ZHPDiag -> [2015/04/24 10:55:01 | 000,000,000 | ---D | C]
RegBackup -> C:\RegBackup -> [2015/04/23 16:39:10 | 000,000,000 | ---D | C]
RegBackup -> \RegBackup -> [2015/04/23 16:39:10 | 000,000,000 | ---D | C]
$RECYCLE.BIN -> C:\$RECYCLE.BIN -> [2015/04/23 16:01:53 | 000,000,000 | -HSD | C]
$RECYCLE.BIN -> \$RECYCLE.BIN -> [2015/04/23 16:01:53 | 000,000,000 | -HSD | C]
Temp -> C:\Windows\Temp -> [2015/04/23 15:59:53 | 000,000,000 | ---D | C]
zoek_backup -> C:\zoek_backup -> [2015/04/23 15:36:02 | 000,000,000 | ---D | C]
zoek_backup -> \zoek_backup -> [2015/04/23 15:36:02 | 000,000,000 | ---D | C]
AVG -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG -> [2015/04/20 23:20:54 | 000,000,000 | ---D | C]
$AVG -> C:\$AVG -> [2015/04/20 23:19:47 | 000,000,000 | -H-D | C]
$AVG -> \$AVG -> [2015/04/20 23:19:47 | 000,000,000 | -H-D | C]
AVG2015 -> C:\ProgramData\AVG2015 -> [2015/04/20 23:19:47 | 000,000,000 | ---D | C]
%systemroot% -> C:\Windows\System32\%systemroot% -> [2015/04/20 23:18:04 | 000,000,000 | ---D | C]
AVG -> C:\Program Files\AVG -> [2015/04/20 23:18:03 | 000,000,000 | ---D | C]
MFAData -> C:\ProgramData\MFAData -> [2015/04/20 23:08:07 | 000,000,000 | ---D | C]
MBAMSwissArmy.sys -> C:\Windows\System32\drivers\MBAMSwissArmy.sys -> [2015/04/20 22:57:12 | 000,119,512 | ---- | C] (Malwarebytes Corporation)
Malwarebytes Anti-Malware -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware -> [2015/04/20 22:56:40 | 000,000,000 | ---D | C]
mbamchameleon.sys -> C:\Windows\System32\drivers\mbamchameleon.sys -> [2015/04/20 22:56:34 | 000,092,888 | ---- | C] (Malwarebytes Corporation)
mwac.sys -> C:\Windows\System32\drivers\mwac.sys -> [2015/04/20 22:56:34 | 000,051,928 | ---- | C] (Malwarebytes Corporation)
mbam.sys -> C:\Windows\System32\drivers\mbam.sys -> [2015/04/20 22:56:34 | 000,023,256 | ---- | C] (Malwarebytes Corporation)
Malwarebytes Anti-Malware -> C:\Program Files\Malwarebytes Anti-Malware -> [2015/04/20 22:56:34 | 000,000,000 | ---D | C]
Malwarebytes -> C:\ProgramData\Malwarebytes -> [2015/04/20 22:56:34 | 000,000,000 | ---D | C]
avgldx86.sys -> C:\Windows\System32\drivers\avgldx86.sys -> [2015/04/15 13:05:06 | 000,206,816 | ---- | C] (AVG Technologies CZ, s.r.o.)
avgidsdriverx.sys -> C:\Windows\System32\drivers\avgidsdriverx.sys -> [2015/04/09 14:12:50 | 000,226,784 | ---- | C] (AVG Technologies CZ, s.r.o.)
avgtdix.sys -> C:\Windows\System32\drivers\avgtdix.sys -> [2015/04/07 12:45:10 | 000,213,984 | ---- | C] (AVG Technologies CZ, s.r.o.)
avgmfx86.sys -> C:\Windows\System32\drivers\avgmfx86.sys -> [2015/04/03 09:37:24 | 000,110,048 | ---- | C] (AVG Technologies CZ, s.r.o.)

[Files/Folders - Modified Within 30 Days]
MBAMSwissArmy.sys -> C:\Windows\System32\drivers\MBAMSwissArmy.sys -> [2015/04/27 12:02:44 | 000,119,512 | ---- | M] (Malwarebytes Corporation)
7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 -> [2015/04/27 07:46:09 | 000,025,424 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 -> [2015/04/27 07:46:09 | 000,025,424 | -H-- | M] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2015/04/27 07:38:35 | 000,067,584 | --S- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2015/04/27 07:38:33 | 1602,985,984 | -HS- | M] ()
PhysicalDisk0_MBR.bin -> C:\PhysicalDisk0_MBR.bin -> [2015/04/25 10:21:51 | 000,000,512 | ---- | M] ()
FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2015/04/25 07:19:38 | 000,410,360 | ---- | M] ()
.rnd -> C:\.rnd -> [2015/04/25 01:13:42 | 000,001,024 | ---- | M] ()
gbpkm.sys -> C:\Windows\System32\drivers\gbpkm.sys -> [2015/04/24 08:57:48 | 000,046,552 | ---- | M] (GAS Tecnologia)
hosts -> C:\Windows\System32\drivers\etc\hosts -> [2015/04/23 18:01:19 | 000,000,840 | ---- | M] ()
tweaking.com-regbackup-FAMILIA-PC-Windows-7-Professional-(32-bit).dat -> C:\Windows\tweaking.com-regbackup-FAMILIA-PC-Windows-7-Professional-(32-bit).dat -> [2015/04/23 16:39:16 | 000,000,207 | ---- | M] ()
zoek-delete.exe -> C:\Windows\zoek-delete.exe -> [2015/04/23 15:36:02 | 000,024,064 | ---- | M] ()
userawacs.cfg -> C:\Windows\System32\userawacs.cfg -> [2015/04/20 23:21:49 | 000,000,173 | ---- | M] ()
avgldx86.sys -> C:\Windows\System32\drivers\avgldx86.sys -> [2015/04/15 13:05:06 | 000,206,816 | ---- | M] (AVG Technologies CZ, s.r.o.)
mwac.sys -> C:\Windows\System32\drivers\mwac.sys -> [2015/04/14 09:37:54 | 000,051,928 | ---- | M] (Malwarebytes Corporation)
mbamchameleon.sys -> C:\Windows\System32\drivers\mbamchameleon.sys -> [2015/04/14 09:37:44 | 000,092,888 | ---- | M] (Malwarebytes Corporation)
mbam.sys -> C:\Windows\System32\drivers\mbam.sys -> [2015/04/14 09:37:42 | 000,023,256 | ---- | M] (Malwarebytes Corporation)
avgidsdriverx.sys -> C:\Windows\System32\drivers\avgidsdriverx.sys -> [2015/04/09 14:12:50 | 000,226,784 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgtdix.sys -> C:\Windows\System32\drivers\avgtdix.sys -> [2015/04/07 12:45:10 | 000,213,984 | ---- | M] (AVG Technologies CZ, s.r.o.)
prfh0416.dat -> C:\Windows\System32\prfh0416.dat -> [2015/04/03 09:59:09 | 000,705,798 | ---- | M] ()
perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2015/04/03 09:59:09 | 000,654,254 | ---- | M] ()
prfc0416.dat -> C:\Windows\System32\prfc0416.dat -> [2015/04/03 09:59:09 | 000,147,638 | ---- | M] ()
perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2015/04/03 09:59:09 | 000,122,126 | ---- | M] ()
avgmfx86.sys -> C:\Windows\System32\drivers\avgmfx86.sys -> [2015/04/03 09:37:24 | 000,110,048 | ---- | M] (AVG Technologies CZ, s.r.o.)

[Files - No Company Name]
PhysicalDisk0_MBR.bin -> C:\PhysicalDisk0_MBR.bin -> [2015/04/24 11:01:50 | 000,000,512 | ---- | C] ()
PhysicalDisk0_MBR.bin -> \PhysicalDisk0_MBR.bin -> [2015/04/24 11:01:50 | 000,000,512 | ---- | C] ()
tweaking.com-regbackup-FAMILIA-PC-Windows-7-Professional-(32-bit).dat -> C:\Windows\tweaking.com-regbackup-FAMILIA-PC-Windows-7-Professional-(32-bit).dat -> [2015/04/23 16:39:16 | 000,000,207 | ---- | C] ()
zoek-delete.exe -> C:\Windows\zoek-delete.exe -> [2015/04/23 15:59:53 | 000,024,064 | ---- | C] ()
FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2015/04/21 08:51:57 | 000,410,360 | ---- | C] ()
userawacs.cfg -> C:\Windows\System32\userawacs.cfg -> [2015/04/20 23:21:49 | 000,000,173 | ---- | C] ()
.rnd -> C:\.rnd -> [2015/04/03 14:44:14 | 000,001,024 | ---- | C] ()
.rnd -> \.rnd -> [2015/04/03 14:44:14 | 000,001,024 | ---- | C] ()
memob.dat -> \memob.dat -> [2014/04/15 15:50:48 | 000,000,650 | ---- | C] ()
memob2.dat -> \memob2.dat -> [2014/04/15 15:50:48 | 000,000,520 | ---- | C] ()
AVScanner.ini -> \AVScanner.ini -> [2014/02/21 22:54:16 | 000,000,426 | ---- | C] ()
SecurityScanner.dll -> \SecurityScanner.dll -> [2014/01/15 21:40:14 | 000,487,016 | ---- | C] ()
Archive.ini -> \Archive.ini -> [2013/12/04 13:28:54 | 000,000,047 | ---- | C] ()
fraglist.luar -> \fraglist.luar -> [2013/12/04 13:28:27 | 000,001,068 | ---- | C] ()
PrintBrmUi.exe -> C:\Windows\System32\PrintBrmUi.exe -> [2013/11/08 07:30:21 | 000,066,048 | ---- | C] ()
config.ini -> C:\Windows\System32\config.ini -> [2013/11/02 10:56:18 | 000,000,029 | ---- | C] ()
ASOROSet.bin -> C:\Windows\System32\ASOROSet.bin -> [2013/11/02 09:30:12 | 000,001,664 | ---- | C] ()
Ament.ini -> C:\ProgramData\Ament.ini -> [2013/06/13 23:46:09 | 000,000,057 | ---- | C] ()
MSDOS.SYS -> \MSDOS.SYS -> [2013/06/04 10:14:09 | 000,000,000 | RHS- | C] ()
IO.SYS -> \IO.SYS -> [2013/06/04 10:14:09 | 000,000,000 | RHS- | C] ()
RB.rdat -> \RB.rdat -> [2013/05/25 18:52:34 | 000,000,048 | ---- | C] ()
License_Time.rdat -> \License_Time.rdat -> [2013/05/25 18:52:34 | 000,000,048 | ---- | C] ()
MusiccityDownload.exe -> C:\Windows\MusiccityDownload.exe -> [2013/05/22 20:43:52 | 000,030,568 | ---- | C] ()
cis-2.4.dll -> C:\Windows\System32\cis-2.4.dll -> [2013/05/22 20:43:48 | 000,974,848 | ---- | C] ()
issacapi_bs-2.3.dll -> C:\Windows\System32\issacapi_bs-2.3.dll -> [2013/05/22 20:43:48 | 000,081,920 | ---- | C] ()
issacapi_pe-2.3.dll -> C:\Windows\System32\issacapi_pe-2.3.dll -> [2013/05/22 20:43:48 | 000,065,536 | ---- | C] ()
issacapi_se-2.3.dll -> C:\Windows\System32\issacapi_se-2.3.dll -> [2013/05/22 20:43:48 | 000,057,344 | ---- | C] ()

[File - Lop Check]
Application Data -> C:\Users\All Users\Application Data -> [2009/07/14 01:53:55 | 000,000,000 | ---D | M]
AVG2015 -> C:\Users\All Users\AVG2015 -> [2015/04/21 11:34:35 | 000,000,000 | ---D | M]
Common Files -> C:\Users\All Users\Common Files -> [2013/07/31 20:03:54 | 000,000,000 | ---D | M]
Dados de aplicativos -> C:\Users\All Users\Dados de aplicativos -> [2012/09/05 17:08:09 | 000,000,000 | ---D | M]
Desktop -> C:\Users\All Users\Desktop -> [2009/07/14 01:53:55 | 000,000,000 | ---D | M]
Documentos -> C:\Users\All Users\Documentos -> [2012/09/05 17:08:09 | 000,000,000 | ---D | M]
Documents -> C:\Users\All Users\Documents -> [2009/07/14 01:53:55 | 000,000,000 | ---D | M]
Dress-up-pups -> C:\Users\All Users\Dress-up-pups -> [2014/06/28 12:42:30 | 000,000,000 | ---D | M]
Favorites -> C:\Users\All Users\Favorites -> [2009/07/14 01:53:55 | 000,000,000 | ---D | M]
Favoritos -> C:\Users\All Users\Favoritos -> [2012/09/05 17:08:09 | 000,000,000 | ---D | M]
GAS Tecnologia -> C:\Users\All Users\GAS Tecnologia -> [2015/04/23 12:15:03 | 000,000,000 | ---D | M]
GbPlugin -> C:\Users\All Users\GbPlugin -> [2015/04/27 07:38:36 | 000,000,000 | ---D | M]
Menu Iniciar -> C:\Users\All Users\Menu Iniciar -> [2012/09/05 17:08:09 | 000,000,000 | ---D | M]
MFAData -> C:\Users\All Users\MFAData -> [2015/04/27 08:49:00 | 000,000,000 | ---D | M]
Modelos -> C:\Users\All Users\Modelos -> [2012/09/05 17:08:09 | 000,000,000 | ---D | M]
Playrix Entertainment -> C:\Users\All Users\Playrix Entertainment -> [2014/07/06 13:41:43 | 000,000,000 | ---D | M]
RoboForm -> C:\Users\All Users\RoboForm -> [2012/09/05 17:15:23 | 000,000,000 | ---D | M]
Samsung -> C:\Users\All Users\Samsung -> [2014/06/13 08:47:02 | 000,000,000 | ---D | M]
Start Menu -> C:\Users\All Users\Start Menu -> [2009/07/14 01:53:55 | 000,000,000 | ---D | M]
Temp -> C:\Users\All Users\Temp -> [2014/12/20 17:23:00 | 000,000,000 | ---D | M]
Templates -> C:\Users\All Users\Templates -> [2009/07/14 01:53:55 | 000,000,000 | ---D | M]
TuneUp Software -> C:\Users\All Users\TuneUp Software -> [2013/07/31 20:04:18 | 000,000,000 | ---D | M]
Visan -> C:\Users\All Users\Visan -> [2013/08/18 11:24:09 | 000,000,000 | ---D | M]
Ambiente de impressão -> C:\Users\Default\Ambiente de impressão -> [2012/09/05 17:08:09 | 000,000,000 | -HSD | M]
Ambiente de rede -> C:\Users\Default\Ambiente de rede -> [2012/09/05 17:08:09 | 000,000,000 | -HSD | M]
AppData -> C:\Users\Default\AppData -> [2009/07/13 23:37:05 | 000,000,000 | -H-D | M]
Application Data -> C:\Users\Default\Application Data -> [2009/07/14 01:53:55 | 000,000,000 | -HSD | M]
Configurações locais -> C:\Users\Default\Configurações locais -> [2012/09/05 17:08:09 | 000,000,000 | -HSD | M]
Cookies -> C:\Users\Default\Cookies -> [2009/07/14 01:53:55 | 000,000,000 | -HSD | M]
Dados de aplicativos -> C:\Users\Default\Dados de aplicativos -> [2012/09/05 17:08:09 | 000,000,000 | -HSD | M]
Desktop -> C:\Users\Default\Desktop -> [2009/07/13 23:04:25 | 000,000,000 | R--D | M]
Documents -> C:\Users\Default\Documents -> [2012/09/05 17:08:09 | 000,000,000 | R--D | M]
Downloads -> C:\Users\Default\Downloads -> [2009/07/13 23:04:25 | 000,000,000 | R--D | M]
Favorites -> C:\Users\Default\Favorites -> [2009/07/13 23:04:25 | 000,000,000 | R--D | M]
Links -> C:\Users\Default\Links -> [2009/07/13 23:04:25 | 000,000,000 | R--D | M]
Local Settings -> C:\Users\Default\Local Settings -> [2009/07/14 01:53:55 | 000,000,000 | -HSD | M]
Menu Iniciar -> C:\Users\Default\Menu Iniciar -> [2012/09/05 17:08:09 | 000,000,000 | -HSD | M]
Meus documentos -> C:\Users\Default\Meus documentos -> [2012/09/05 17:08:09 | 000,000,000 | -HSD | M]
Modelos -> C:\Users\Default\Modelos -> [2012/09/05 17:08:09 | 000,000,000 | -HSD | M]
Music -> C:\Users\Default\Music -> [2009/07/13 23:04:25 | 000,000,000 | R--D | M]
My Documents -> C:\Users\Default\My Documents -> [2009/07/14 01:53:55 | 000,000,000 | -HSD | M]
NetHood -> C:\Users\Default\NetHood -> [2009/07/14 01:53:55 | 000,000,000 | -HSD | M]
Pictures -> C:\Users\Default\Pictures -> [2009/07/13 23:04:25 | 000,000,000 | R--D | M]
PrintHood -> C:\Users\Default\PrintHood -> [2009/07/14 01:53:55 | 000,000,000 | -HSD | M]
Recent -> C:\Users\Default\Recent -> [2009/07/14 01:53:55 | 000,000,000 | -HSD | M]
Saved Games -> C:\Users\Default\Saved Games -> [2009/07/13 23:04:25 | 000,000,000 | ---D | M]
SendTo -> C:\Users\Default\SendTo -> [2009/07/14 01:53:55 | 000,000,000 | -HSD | M]
Start Menu -> C:\Users\Default\Start Menu -> [2009/07/14 01:53:55 | 000,000,000 | -HSD | M]
Templates -> C:\Users\Default\Templates -> [2009/07/14 01:53:55 | 000,000,000 | -HSD | M]
Videos -> C:\Users\Default\Videos -> [2009/07/13 23:04:25 | 000,000,000 | R--D | M]
Ambiente de impressão -> C:\Users\Familia\Ambiente de impressão -> [2012/09/05 17:08:17 | 000,000,000 | -HSD | M]
Ambiente de rede -> C:\Users\Familia\Ambiente de rede -> [2012/09/05 17:08:17 | 000,000,000 | -HSD | M]
AppData -> C:\Users\Familia\AppData -> [2015/04/21 12:35:48 | 000,000,000 | -H-D | M]
Configurações locais -> C:\Users\Familia\Configurações locais -> [2012/09/05 17:08:17 | 000,000,000 | -HSD | M]
Contacts -> C:\Users\Familia\Contacts -> [2014/08/22 02:04:41 | 000,000,000 | R--D | M]
Cookies -> C:\Users\Familia\Cookies -> [2012/09/05 17:08:17 | 000,000,000 | -HSD | M]
Dados de aplicativos -> C:\Users\Familia\Dados de aplicativos -> [2012/09/05 17:08:17 | 000,000,000 | -HSD | M]
DESENHOS BIBLICOS -> C:\Users\Familia\DESENHOS BIBLICOS -> [2015/04/21 12:14:28 | 000,000,000 | ---D | M]
DESENHOS BIBLICOS] -> C:\Users\Familia\DESENHOS BIBLICOS] -> [2013/05/05 09:28:36 | 000,000,000 | ---D | M]
Desktop -> C:\Users\Familia\Desktop -> [2015/04/26 19:45:14 | 000,000,000 | ---D | M]
Documents -> C:\Users\Familia\Documents -> [2015/04/25 01:22:39 | 000,000,000 | R--D | M]
Downloads -> C:\Users\Familia\Downloads -> [2015/04/27 14:26:32 | 000,000,000 | R--D | M]
Favorites -> C:\Users\Familia\Favorites -> [2015/04/26 19:44:06 | 000,000,000 | R--D | M]
Links -> C:\Users\Familia\Links -> [2014/08/22 02:04:44 | 000,000,000 | R--D | M]
Menu Iniciar -> C:\Users\Familia\Menu Iniciar -> [2012/09/05 17:08:17 | 000,000,000 | -HSD | M]
Meus documentos -> C:\Users\Familia\Meus documentos -> [2012/09/05 17:08:17 | 000,000,000 | -HSD | M]
Modelos -> C:\Users\Familia\Modelos -> [2012/09/05 17:08:17 | 000,000,000 | -HSD | M]
moises -> C:\Users\Familia\moises -> [2013/03/31 08:04:54 | 000,000,000 | ---D | M]
Music -> C:\Users\Familia\Music -> [2015/04/07 11:49:42 | 000,000,000 | R--D | M]
Pictures -> C:\Users\Familia\Pictures -> [2015/04/26 19:32:26 | 000,000,000 | R--D | M]
Recent -> C:\Users\Familia\Recent -> [2012/09/05 17:08:17 | 000,000,000 | -HSD | M]
Saved Games -> C:\Users\Familia\Saved Games -> [2014/08/22 02:04:44 | 000,000,000 | R--D | M]
Searches -> C:\Users\Familia\Searches -> [2014/08/22 02:04:41 | 000,000,000 | R--D | M]
SendTo -> C:\Users\Familia\SendTo -> [2012/09/05 17:08:17 | 000,000,000 | -HSD | M]
Videos -> C:\Users\Familia\Videos -> [2015/04/21 12:29:31 | 000,000,000 | R--D | M]
Desktop -> C:\Users\Public\Desktop -> [2015/04/26 19:45:21 | 000,000,000 | RH-D | M]
Documents -> C:\Users\Public\Documents -> [2015/04/27 07:32:45 | 000,000,000 | R--D | M]
Downloads -> C:\Users\Public\Downloads -> [2009/07/14 01:41:57 | 000,000,000 | R--D | M]
Favorites -> C:\Users\Public\Favorites -> [2009/07/13 23:04:25 | 000,000,000 | RH-D | M]
Foxit Software -> C:\Users\Public\Foxit Software -> [2014/08/15 14:33:27 | 000,000,000 | ---D | M]
Libraries -> C:\Users\Public\Libraries -> [2013/07/20 01:25:18 | 000,000,000 | RH-D | M]
Music -> C:\Users\Public\Music -> [2015/04/07 11:49:43 | 000,000,000 | R--D | M]
Pictures -> C:\Users\Public\Pictures -> [2015/04/07 11:49:43 | 000,000,000 | R--D | M]
Recorded TV -> C:\Users\Public\Recorded TV -> [2013/07/20 01:23:13 | 000,000,000 | R--D | M]
Videos -> C:\Users\Public\Videos -> [2015/04/07 11:49:43 | 000,000,000 | R--D | M]
Application Data -> C:\Users\Todos os Usuários\Application Data -> [2009/07/14 01:53:55 | 000,000,000 | ---D | M]
AVG2015 -> C:\Users\Todos os Usuários\AVG2015 -> [2015/04/21 11:34:35 | 000,000,000 | ---D | M]
Common Files -> C:\Users\Todos os Usuários\Common Files -> [2013/07/31 20:03:54 | 000,000,000 | ---D | M]
Dados de aplicativos -> C:\Users\Todos os Usuários\Dados de aplicativos -> [2012/09/05 17:08:09 | 000,000,000 | ---D | M]
Desktop -> C:\Users\Todos os Usuários\Desktop -> [2009/07/14 01:53:55 | 000,000,000 | ---D | M]
Documentos -> C:\Users\Todos os Usuários\Documentos -> [2012/09/05 17:08:09 | 000,000,000 | ---D | M]
Documents -> C:\Users\Todos os Usuários\Documents -> [2009/07/14 01:53:55 | 000,000,000 | ---D | M]
Dress-up-pups -> C:\Users\Todos os Usuários\Dress-up-pups -> [2014/06/28 12:42:30 | 000,000,000 | ---D | M]
Favorites -> C:\Users\Todos os Usuários\Favorites -> [2009/07/14 01:53:55 | 000,000,000 | ---D | M]
Favoritos -> C:\Users\Todos os Usuários\Favoritos -> [2012/09/05 17:08:09 | 000,000,000 | ---D | M]
GAS Tecnologia -> C:\Users\Todos os Usuários\GAS Tecnologia -> [2015/04/23 12:15:03 | 000,000,000 | ---D | M]
GbPlugin -> C:\Users\Todos os Usuários\GbPlugin -> [2015/04/27 07:38:36 | 000,000,000 | ---D | M]
Menu Iniciar -> C:\Users\Todos os Usuários\Menu Iniciar -> [2012/09/05 17:08:09 | 000,000,000 | ---D | M]
MFAData -> C:\Users\Todos os Usuários\MFAData -> [2015/04/27 08:49:00 | 000,000,000 | ---D | M]
Modelos -> C:\Users\Todos os Usuários\Modelos -> [2012/09/05 17:08:09 | 000,000,000 | ---D | M]
Playrix Entertainment -> C:\Users\Todos os Usuários\Playrix Entertainment -> [2014/07/06 13:41:43 | 000,000,000 | ---D | M]
RoboForm -> C:\Users\Todos os Usuários\RoboForm -> [2012/09/05 17:15:23 | 000,000,000 | ---D | M]
Samsung -> C:\Users\Todos os Usuários\Samsung -> [2014/06/13 08:47:02 | 000,000,000 | ---D | M]
Start Menu -> C:\Users\Todos os Usuários\Start Menu -> [2009/07/14 01:53:55 | 000,000,000 | ---D | M]
Temp -> C:\Users\Todos os Usuários\Temp -> [2014/12/20 17:23:00 | 000,000,000 | ---D | M]
Templates -> C:\Users\Todos os Usuários\Templates -> [2009/07/14 01:53:55 | 000,000,000 | ---D | M]
TuneUp Software -> C:\Users\Todos os Usuários\TuneUp Software -> [2013/07/31 20:04:18 | 000,000,000 | ---D | M]
Visan -> C:\Users\Todos os Usuários\Visan -> [2013/08/18 11:24:09 | 000,000,000 | ---D | M]
SCHEDLGU.TXT -> C:\Windows\Tasks\SCHEDLGU.TXT -> [2014/12/25 07:19:00 | 000,032,608 | ---- | M] ()
[Custom Scans]
< %systemdrive%\*.* >
.rnd -> C:\.rnd -> [2015/04/25 01:13:42 | 000,001,024 | ---- | M] ()
Archive.ini -> C:\Archive.ini -> [2014/04/29 09:03:27 | 000,000,047 | ---- | M] ()
autoexec.bat -> C:\autoexec.bat -> [2009/06/10 18:42:20 | 000,000,024 | ---- | M] ()
AVScanner.ini -> C:\AVScanner.ini -> [2014/02/18 09:36:17 | 000,000,426 | ---- | M] ()
config.sys -> C:\config.sys -> [2009/06/10 18:42:20 | 000,000,010 | ---- | M] ()
fraglist.luar -> C:\fraglist.luar -> [2013/12/04 13:28:27 | 000,001,068 | ---- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2015/04/27 07:38:33 | 1602,985,984 | -HS- | M] ()
IO.SYS -> C:\IO.SYS -> [2013/06/04 10:14:09 | 000,000,000 | RHS- | M] ()
License_Time.rdat -> C:\License_Time.rdat -> [2013/05/25 19:05:58 | 000,000,048 | ---- | M] ()
memob.dat -> C:\memob.dat -> [2014/04/15 15:57:37 | 000,000,650 | ---- | M] ()
memob2.dat -> C:\memob2.dat -> [2014/04/15 15:50:48 | 000,000,520 | ---- | M] ()
MSDOS.SYS -> C:\MSDOS.SYS -> [2013/06/04 10:14:09 | 000,000,000 | RHS- | M] ()
pagefile.sys -> C:\pagefile.sys -> [2015/04/27 07:38:33 | 2137,317,376 | -HS- | M] ()
PhysicalDisk0_MBR.bin -> C:\PhysicalDisk0_MBR.bin -> [2015/04/25 10:21:51 | 000,000,512 | ---- | M] ()
RB.rdat -> C:\RB.rdat -> [2013/05/25 19:05:58 | 000,000,048 | ---- | M] ()
relatorio 1.txt -> C:\relatorio 1.txt -> [2015/04/24 07:43:04 | 000,001,269 | ---- | M] ()
SecurityScanner.dll -> C:\SecurityScanner.dll -> [2014/01/15 21:40:14 | 000,487,016 | ---- | M] (McAfee, Inc.)
zoek-results.log -> C:\zoek-results.log -> [2015/04/23 16:01:47 | 000,011,344 | ---- | M] ()
< %systemdrive%\drivers\*.exe >
< %systemroot%\system32\drivers\*.* /90 >
avgdiskx.sys -> C:\Windows\system32\drivers\avgdiskx.sys -> [2015/03/11 12:13:46 | 000,132,576 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgidsdriverx.sys -> C:\Windows\system32\drivers\avgidsdriverx.sys -> [2015/04/09 14:12:50 | 000,226,784 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgidshx.sys -> C:\Windows\system32\drivers\avgidshx.sys -> [2015/03/11 12:13:46 | 000,166,880 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgidsshimx.sys -> C:\Windows\system32\drivers\avgidsshimx.sys -> [2015/03/11 12:08:24 | 000,029,664 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgldx86.sys -> C:\Windows\system32\drivers\avgldx86.sys -> [2015/04/15 13:05:06 | 000,206,816 | ---- | M] (AVG Technologies CZ, s.r.o.)
avglogx.sys -> C:\Windows\system32\drivers\avglogx.sys -> [2015/03/11 12:13:52 | 000,269,792 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgmfx86.sys -> C:\Windows\system32\drivers\avgmfx86.sys -> [2015/04/03 09:37:24 | 000,110,048 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgrkx86.sys -> C:\Windows\system32\drivers\avgrkx86.sys -> [2015/03/20 12:18:22 | 000,035,808 | ---- | M] (AVG Technologies CZ, s.r.o.)
avgtdix.sys -> C:\Windows\system32\drivers\avgtdix.sys -> [2015/04/07 12:45:10 | 000,213,984 | ---- | M] (AVG Technologies CZ, s.r.o.)
gbpkm.sys -> C:\Windows\system32\drivers\gbpkm.sys -> [2015/04/24 08:57:48 | 000,046,552 | ---- | M] (GAS Tecnologia)
mbam.sys -> C:\Windows\system32\drivers\mbam.sys -> [2015/04/14 09:37:42 | 000,023,256 | ---- | M] (Malwarebytes Corporation)
mbamchameleon.sys -> C:\Windows\system32\drivers\mbamchameleon.sys -> [2015/04/14 09:37:44 | 000,092,888 | ---- | M] (Malwarebytes Corporation)
MBAMSwissArmy.sys -> C:\Windows\system32\drivers\MBAMSwissArmy.sys -> [2015/04/27 12:02:44 | 000,119,512 | ---- | M] (Malwarebytes Corporation)
mwac.sys -> C:\Windows\system32\drivers\mwac.sys -> [2015/04/14 09:37:54 | 000,051,928 | ---- | M] (Malwarebytes Corporation)
< %programfiles%\*.* >
desktop.ini -> C:\Program Files\desktop.ini -> [2009/07/14 01:41:57 | 000,000,174 | -HS- | M] ()
Invalid Environment Variable: localappdata
Invalid Environment Variable: localappdata
Invalid Environment Variable: localappdata
Invalid Environment Variable: localappdata
Invalid Environment Variable: localappdata
< %userprofile%\*.exe >
< %userprofile%\*.txt >
< %userprofile%\*.ini >
ntuser.ini -> C:\Users\Familia\ntuser.ini -> [2012/09/05 17:08:17 | 000,000,020 | -HS- | M] ()
< %userprofile%\*.dll >
< %userprofile%\*.dat /30 >
ntuser.dat -> C:\Users\Familia\ntuser.dat -> [2015/04/27 14:41:30 | 009,699,328 | ---- | M] ()
Invalid Environment Variable: appdata
< %systemroot%\system32\tasks\*.* >
< %windir%\tasks\*.* >
SA.DAT -> C:\Windows\tasks\SA.DAT -> [2015/04/27 07:38:42 | 000,000,006 | -H-- | M] ()
SCHEDLGU.TXT -> C:\Windows\tasks\SCHEDLGU.TXT -> [2014/12/25 07:19:00 | 000,032,608 | ---- | M] ()
< HKLM\System\CCS\Services\Tcpip\Parameters >
Reg Error: Key HKEY_LOCAL_MACHINE\System\CCS\Services\Tcpip\Parameters\ not found. -> ->
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
\\"DefaultConnectionSettings" -> [[Binary data over 100 bytes]] -> File not found
\\"SavedLegacySettings" -> [[Binary data over 100 bytes]] -> File not found
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations >
Reg Error: Key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations\ not found. -> ->
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments >
Reg Error: Key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments\ not found. -> ->
< HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT
\\"devenv.exe" -> [1] -> File not found
\\"dexplore.exe" -> [1] -> File not found
\\"helppane.exe" -> [1] -> File not found
\\"PresentationHost.exe" -> [0] -> File not found
\\"sllauncher.exe" -> [0] -> File not found

[Alternate Data Streams]
@Alternate Data Stream - 2 bytes -> C:\Windows\System32:1D53644C_Bb.gbp
@Alternate Data Stream - 208 bytes -> C:\Windows\System32\drivers:GbpKmAp.lst
@Alternate Data Stream - 8 bytes -> C:\Program Files\GbPlugin:IncompleteStartProcessProtection.cnt
< End of report >
[/code]
