cjoint

Document format: text/plain

Preview

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-05-2015 02
Ran by Administrador (administrator) on 2013LL on 16-05-2015 14:35:48
Running from C:\Documents and Settings\Administrador\Meus documentos\Downloads
Loaded Profiles: Administrador (Available profiles: Administrador)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Português (Brasil)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(GAS Tecnologia) C:\ARQUIV~1\GbPlugin\GbpSv.exe
(Microsoft Corporation) C:\Arquivos de programas\Microsoft Security Client\Antimalware\MsMpEng.exe
(AVAST Software) C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe
(Avira Operations GmbH & Co. KG) C:\Arquivos de programas\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Arquivos de programas\Avira\Antivirus\avguard.exe
(Oracle Corporation) C:\Arquivos de programas\Java\jre7\bin\jqs.exe
(Motorola Mobility LLC) C:\Arquivos de programas\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Prolific Technology Inc.) C:\WINDOWS\system32\IoctlSvc.exe
(Motorola Mobility LLC) C:\Arquivos de programas\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(GAS Tecnologia LTDA) C:\Arquivos de programas\Diebold\Warsaw\core.exe
(AVAST Software) C:\Arquivos de programas\AVAST Software\Avast\avastui.exe
(Avira Operations GmbH & Co. KG) C:\Arquivos de programas\Avira\Launcher\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Arquivos de programas\Avira\Antivirus\avgnt.exe
(Nero AG) C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe
(Avira Operations GmbH & Co. KG) C:\Arquivos de programas\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(Nero AG) C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe
(Nero AG) C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexStoreSvr.exe
(Microsoft Corporation) C:\WINDOWS\system32\wbem\unsecapp.exe
(Google Inc.) C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Arquivos de programas\Avira\Antivirus\update.exe
(Avira Operations GmbH & Co. KG) C:\Arquivos de programas\Avira\Antivirus\updrgui.exe
(Google Inc.) C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Avira Operations GmbH & Co. KG) C:\Arquivos de programas\Avira\Antivirus\update.exe
(Google Inc.) C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Arquivos de programas\AVAST Software\Avast\AvastUI.exe [4085896 2014-09-20] (AVAST Software)
HKLM\...\Run: [Avira Systray] => C:\Arquivos de programas\Avira\Launcher\Avira.OE.Systray.exe [127792 2015-04-21] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [avgnt] => C:\Arquivos de programas\Avira\Antivirus\avgnt.exe [726320 2015-03-27] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\ GbPluginUni: C:\Arquivos de programas\GbPlugin\gbiehUni.dll [2014-02-24] (Banco Itaú Unibanco)
Winlogon\Notify\LMIinit: C:\WINDOWS\system32\LMIinit.dll [2012-11-10] (LogMeIn, Inc.)
HKU\S-1-5-21-484763869-1383384898-1177238915-500\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG)
HKU\S-1-5-21-484763869-1383384898-1177238915-500\...\MountPoints2: {7667eff4-4c54-11e1-9169-0019dbfae058} - J:\RunClubSanDisk.exe
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\DW\DWTRIG20.EXE [437160 2007-02-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Arquivos de programas\AVAST Software\Avast\ashShell.dll [2014-09-20] (AVAST Software)
ShellIconOverlayIdentifiers: [BaiduAntivirusIconLock] -> {0A93904A-BB1E-4a0c-9753-B57B9AE272CC} => No File
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-484763869-1383384898-1177238915-500\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.com
HKU\S-1-5-21-484763869-1383384898-1177238915-500\Software\Microsoft\Internet Explorer\Main,Search Page = https://br.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-484763869-1383384898-1177238915-500\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp
HKU\S-1-5-21-484763869-1383384898-1177238915-500\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkID=226786&Mkt=pt-BR&Src=MSE&Tid=0003295F&OHP=http%3A%2F%2Fwww.default%2Dsearch.net%3Fsid%3D498%26aid%3D157%26itype%3Da%26ver%3D15005%26tm%3D460%26src%3Dhmp&OSP=https%3A%2F%2Fbr.search.yahoo.com%2Fyhs%2Fsearch%3Ftype%3Davastbcl%26hspart%3Davast%26hsimp%3Dyhs%2D001%26p%3D%7BsearchTerms%7D
HKU\S-1-5-21-484763869-1383384898-1177238915-500\Software\Microsoft\Internet Explorer\Main,Search Bar = https://br.yahoo.com/?fr=hp-avast&type=avastbcl
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKLM -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-484763869-1383384898-1177238915-500 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-484763869-1383384898-1177238915-500 -> Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Arquivos de programas\Java\jre7\bin\ssv.dll [2014-04-14] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Arquivos de programas\AVAST Software\Avast\aswWebRepIE.dll [2014-09-20] (AVAST Software)
BHO: GbIehObj Class -> {C41A1C0E-EA6C-11D4-B1B8-444553540008} -> C:\Arquivos de programas\GbPlugin\gbiehuni.dll [2014-02-24] (Banco Itaú Unibanco)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll [2014-04-14] (Oracle Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll [2006-10-26] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL [2006-10-26] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2009-03-08] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2009-03-08] (Microsoft Corporation)
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Arquivos de programas\GbPlugin\gbiehuni.dll [1587768 2014-02-24] (Banco Itaú Unibanco)
Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\ein6s2z7.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll [2013-07-12] (Google)
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> C:\Arquivos de programas\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Arquivos de programas\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @raidcall.com/RCplugin -> C:\Documents and Settings\Administrador\Dados de aplicativos\raidcall\plugins\webplugin.dll [2012-06-05] (Raidcall)
FF Plugin: @real.com/nppl3260;version=6.0.12.450 -> C:\Arquivos de programas\Real Alternative\browser\plugins\nppl3260.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> C:\Arquivos de programas\Real Alternative\browser\plugins\nprpjplug.dll [2010-02-15] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Arquivos de programas\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Arquivos de programas\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
FF Plugin HKU\S-1-5-21-484763869-1383384898-1177238915-500: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-484763869-1383384898-1177238915-500: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-484763869-1383384898-1177238915-500: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-04] (Google Inc.)
FF Plugin HKU\S-1-5-21-484763869-1383384898-1177238915-500: gastecnologia.com.br/sf/cef -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\npsf_cef.dll [2014-05-30] (GAS Tecnologia)
FF Plugin HKU\S-1-5-21-484763869-1383384898-1177238915-500: gastecnologia.com.br/sf/uni -> C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\npsf_uni.dll [2014-08-26] (GAS Tecnologia)
FF SearchPlugin: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\ein6s2z7.default\searchplugins\yahoo-avast.xml [2014-12-27]
FF SearchPlugin: C:\Arquivos de programas\mozilla firefox\browser\searchplugins\buscape.xml [2014-08-27]
FF SearchPlugin: C:\Arquivos de programas\mozilla firefox\browser\searchplugins\mercadolivre.xml [2014-08-27]
FF Extension: Avira Browser Safety - C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\ein6s2z7.default\Extensions\abs@avira.com [2015-05-11]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Arquivos de programas\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Arquivos de programas\AVAST Software\Avast\WebRep\FF [2014-09-20]
FF HKU\S-1-5-21-484763869-1383384898-1177238915-500\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8873}] - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\uni\xpi
FF Extension: Guardião - Itaú 30 horas - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\uni\xpi [2014-08-26]

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR DefaultSearchKeyword: Profile 5 -> gl
CHR DefaultSearchURL: Profile 5 -> http://www.google.com/search?q={searchTerms}
CHR DefaultSuggestURL: Profile 5 ->
CHR Profile: C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Profile 5
CHR Extension: (Google Slides) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-11]
CHR Extension: (Google Docs) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-11]
CHR Extension: (Google Drive) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-11]
CHR Extension: (YouTube) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-11]
CHR Extension: (Google Search) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Profile 5\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-11]
CHR Extension: (Google Sheets) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-11]
CHR Extension: (Avira Browser Safety) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Profile 5\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-11]
CHR Extension: (Bookmark Manager) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Profile 5\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-11]
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Profile 5\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-11]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-11]
CHR Extension: (Gmail) - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-11]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
StartMenuInternet: chrome.exe - c:\documents and settings\administrador\configurações locais\dados de aplicativos\google\chrome\application\chrome.exe http://www.navegaki.com/?bd=sc&oem=Cube&uid=WDCXWD800BD-08MRA1_WD-WMAM9YU7086570865&version=2.3.0.8724&pid=414031160&tid=430

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Arquivos de programas\Avira\Antivirus\avmailc.exe [815352 2015-03-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Arquivos de programas\Avira\Antivirus\sched.exe [434424 2015-03-27] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Arquivos de programas\Avira\Antivirus\avguard.exe [434424 2015-03-27] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Arquivos de programas\Avira\Antivirus\AVWEBGRD.EXE [1004032 2015-03-27] (Avira Operations GmbH & Co. KG)
R2 avast! Antivirus; C:\Arquivos de programas\AVAST Software\Avast\AvastSvc.exe [50344 2014-09-20] (AVAST Software)
S2 Avira.OE.ServiceHost; C:\Arquivos de programas\Avira\Launcher\Avira.ServiceHost.exe [205616 2015-04-21] (Avira Operations GmbH & Co. KG)
R2 GbpSv; C:\Arquivos de programas\GbPlugin\GbpSv.exe [519224 2014-02-24] (GAS Tecnologia)
R2 JavaQuickStarterService; C:\Arquivos de programas\Java\jre7\bin\jqs.exe [182696 2014-04-14] (Oracle Corporation)
S2 MBAMService; C:\Arquivos de programas\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 Microsoft Office Groove Audit Service; C:\Arquivos de programas\Microsoft Office\Office12\GrooveAuditService.exe [65824 2006-10-26] (Microsoft Corporation)
R2 Motorola Device Manager; C:\Arquivos de programas\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
S3 MozillaMaintenance; C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe [114800 2015-03-25] (Mozilla Foundation)
R2 MsMpSvc; C:\Arquivos de programas\Microsoft Security Client\Antimalware\MsMpEng.exe [11736 2011-04-27] (Microsoft Corporation)
S3 NBService; C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe [800040 2008-04-08] (Nero AG)
R3 NMIndexingService; C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG)
S3 npggsvc; C:\WINDOWS\system32\GameMon.des [5132656 2013-11-25] (INCA Internet Co., Ltd.)
S3 odserv; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE [441136 2006-10-26] (Microsoft Corporation)
S3 ose; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)
R2 PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
S3 SwitchBoard; C:\Arquivos de programas\Arquivos comuns\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 Warsaw Technology; C:\Arquivos de programas\Diebold\Warsaw\core.exe [507704 2015-04-23] (GAS Tecnologia LTDA)
S3 WMPNetworkSvc; C:\Arquivos de programas\Windows Media Player\WMPNetwk.exe [914944 2006-11-02] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [24184 2014-09-20] ()
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-09-20] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [55112 2014-09-20] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-09-20] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [779536 2014-09-20] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [414520 2014-09-20] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57800 2014-09-20] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [192352 2014-09-20] ()
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [105864 2015-03-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [136216 2015-03-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2015-03-27] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R0 GbpKm; C:\WINDOWS\System32\drivers\gbpkm.sys [46392 2014-02-24] (GAS Tecnologia)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation)
R1 MpFilter; C:\WINDOWS\System32\DRIVERS\MpFilter.sys [165648 2011-04-18] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
S3 Ndisrd; C:\WINDOWS\System32\DRIVERS\gbpndisrdn.sys [31448 2014-05-20] (GAS Tecnologia)
R3 NdisrdMP; C:\WINDOWS\System32\DRIVERS\gbpndisrdn.sys [31448 2014-05-20] (GAS Tecnologia)
S3 pwdrvio; C:\WINDOWS\system32\pwdrvio.sys [15576 2013-03-07] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [10200 2013-03-07] ()
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2015-03-27] (Avira GmbH)
S3 BTCFilterService; system32\DRIVERS\motfilt.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S4 IntelIde; No ImagePath
S2 LMIInfo; \??\C:\Arquivos de programas\LogMeIn\x86\RaInfo.sys [X]
S4 LMIRfsClientNP; No ImagePath
S3 motandroidusb; System32\Drivers\motoandroid.sys [X]
S3 MotoSwitchService; system32\DRIVERS\motswch.sys [X]
S3 Motousbnet; system32\DRIVERS\Motousbnet.sys [X]
U1 WS2IFSL; No ImagePath
S3 XDva391; \??\C:\WINDOWS\system32\XDva391.sys [X]
S3 XDva392; \??\C:\WINDOWS\system32\XDva392.sys [X]
S3 XDva393; \??\C:\WINDOWS\system32\XDva393.sys [X]
S3 XDva394; \??\C:\WINDOWS\system32\XDva394.sys [X]
S3 XDva397; \??\C:\WINDOWS\system32\XDva397.sys [X]
S3 XDva398; \??\C:\WINDOWS\system32\XDva398.sys [X]
S3 XDva399; \??\C:\WINDOWS\system32\XDva399.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-16 14:35 - 2015-05-16 14:36 - 00000000 ____D () C:\FRST
2015-05-15 17:08 - 2015-05-15 17:09 - 03588648 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-15 17:08 - 2015-05-15 17:08 - 00005778 _____ () C:\WINDOWS\setupapi.log
2015-05-15 17:05 - 2015-05-15 17:05 - 00006790 _____ () C:\WINDOWS\FaxSetup.log
2015-05-15 17:05 - 2015-05-15 17:05 - 00006625 _____ () C:\WINDOWS\iis6.log
2015-05-15 17:05 - 2015-05-15 17:05 - 00006472 _____ () C:\WINDOWS\ocgen.log
2015-05-15 17:05 - 2015-05-15 17:05 - 00004591 _____ () C:\WINDOWS\tsoc.log
2015-05-15 17:05 - 2015-05-15 17:05 - 00002448 _____ () C:\WINDOWS\comsetup.log
2015-05-15 17:05 - 2015-05-15 17:05 - 00001917 _____ () C:\WINDOWS\imsins.log
2015-05-15 17:05 - 2015-05-15 17:05 - 00001898 _____ () C:\WINDOWS\msmqinst.log
2015-05-15 17:05 - 2015-05-15 17:05 - 00001764 _____ () C:\WINDOWS\ntdtcsetup.log
2015-05-15 17:05 - 2015-05-15 17:05 - 00001592 _____ () C:\WINDOWS\netfxocm.log
2015-05-15 17:05 - 2015-05-15 17:05 - 00000719 _____ () C:\WINDOWS\MedCtrOC.log
2015-05-15 17:05 - 2015-05-15 17:05 - 00000479 _____ () C:\WINDOWS\msgsocm.log
2015-05-15 17:05 - 2015-05-15 17:05 - 00000469 _____ () C:\WINDOWS\ocmsn.log
2015-05-15 17:05 - 2015-05-15 17:05 - 00000311 _____ () C:\WINDOWS\tabletoc.log
2015-05-15 17:05 - 2015-05-15 17:05 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-05-15 17:05 - 2015-05-15 17:05 - 00000000 _____ () C:\WINDOWS\setupact.log
2015-05-15 13:05 - 2015-05-15 13:05 - 00111810 _____ () C:\Documents and Settings\Administrador\Desktop\ZHPDiag.txt
2015-05-14 18:22 - 2015-05-14 18:22 - 00006767 _____ () C:\Documents and Settings\Administrador\Desktop\ZHPFixReport.txt
2015-05-14 15:24 - 2015-05-15 13:04 - 00000512 _____ () C:\PhysicalDisk0_MBR.bin
2015-05-14 15:15 - 2015-05-14 15:15 - 00001700 _____ () C:\Documents and Settings\Administrador\Desktop\ZHPFix.lnk
2015-05-14 15:15 - 2015-05-14 15:15 - 00001595 _____ () C:\Documents and Settings\Administrador\Desktop\ZHPDiag.lnk
2015-05-14 15:14 - 2015-05-15 13:04 - 00000000 ____D () C:\Arquivos de programas\ZHPDiag
2015-05-14 15:14 - 2015-05-14 15:15 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Iniciar\Programas\ZHP
2015-05-13 13:16 - 2015-05-13 18:36 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-13 13:15 - 2015-05-13 13:15 - 00000833 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-13 13:15 - 2015-05-13 13:15 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Iniciar\Programas\Malwarebytes Anti-Malware
2015-05-13 13:15 - 2015-05-13 13:15 - 00000000 ____D () C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes
2015-05-13 13:15 - 2015-05-13 13:15 - 00000000 ____D () C:\Arquivos de programas\Malwarebytes Anti-Malware
2015-05-13 13:15 - 2015-04-14 09:37 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-05-13 13:15 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-05-13 12:15 - 2015-05-13 12:17 - 00006175 _____ () C:\Documents and Settings\Administrador\Desktop\ZHPCleaner.txt
2015-05-13 12:04 - 2015-05-15 17:16 - 00000000 ____D () C:\Documents and Settings\Administrador\Dados de aplicativos\ZHP
2015-05-13 12:04 - 2015-05-13 12:04 - 00000855 _____ () C:\Documents and Settings\Administrador\Desktop\ZHPCleaner.lnk
2015-05-13 00:08 - 2015-05-13 00:08 - 00000021 _____ () C:\folders.log
2015-05-12 23:50 - 2015-05-12 23:50 - 00000000 ____D () C:\zoek
2015-05-12 23:49 - 2015-05-12 22:30 - 00000462 _____ () C:\zoek-results2015-05-13-013019.log
2015-05-12 22:29 - 2015-05-13 00:10 - 00002115 _____ () C:\zoek-results.log
2015-05-12 22:28 - 2015-05-12 22:28 - 00000966 _____ () C:\Documents and Settings\Administrador\Desktop\Atalho para zoek.lnk
2015-05-12 22:26 - 2015-05-13 00:10 - 00002359 _____ () C:\runcheck.txt
2015-05-12 22:25 - 2015-05-12 22:25 - 00000000 ____D () C:\zoek_backup
2015-05-12 21:10 - 2015-05-12 21:10 - 00001253 _____ () C:\Documents and Settings\Administrador\Desktop\JRT.txt
2015-05-12 21:02 - 2015-05-12 21:02 - 00000000 ____D () C:\RegBackup
2015-05-12 18:00 - 2015-05-12 18:00 - 00001030 _____ () C:\Documents and Settings\Administrador\Desktop\Atalho para adwcleaner_4.203.lnk
2015-05-12 17:32 - 2015-05-12 20:09 - 00000000 ____D () C:\AdwCleaner
2015-05-12 13:22 - 2015-05-14 18:03 - 00000000 ____D () C:\Documents and Settings\Administrador\Desktop\Originals
2015-05-11 22:48 - 2015-05-11 22:48 - 00000000 ____D () C:\Documents and Settings\LocalService\Dados de aplicativos\Avira
2015-05-11 22:47 - 2015-05-11 22:47 - 00000000 ____D () C:\Documents and Settings\Administrador\Dados de aplicativos\Avira
2015-05-11 22:32 - 2015-03-27 14:22 - 00028520 _____ (Avira GmbH) C:\WINDOWS\system32\Drivers\ssmdrv.sys
2015-05-11 22:32 - 2015-03-27 14:21 - 00136216 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-05-11 22:32 - 2015-03-27 14:21 - 00105864 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-05-11 22:32 - 2015-03-27 14:21 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-05-11 21:55 - 2015-05-11 22:34 - 00000000 ____D () C:\Documents and Settings\All Users\Menu Iniciar\Programas\Avira
2015-05-11 21:55 - 2015-05-11 21:55 - 00000916 _____ () C:\Documents and Settings\All Users\Desktop\Avira.lnk
2015-05-11 21:54 - 2015-05-11 22:34 - 00000000 ____D () C:\Documents and Settings\All Users\Dados de aplicativos\Avira
2015-05-11 21:54 - 2015-05-11 22:32 - 00000000 ____D () C:\Arquivos de programas\Avira
2015-05-11 21:38 - 2015-05-11 21:38 - 00000000 __SHD () C:\found.000
2015-05-10 00:26 - 2015-05-10 00:26 - 00333506 _____ (AnySend.com) C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\nso59.tmp
2015-05-06 23:44 - 2015-05-07 12:59 - 00000000 ____D () C:\Documents and Settings\Administrador\Dados de aplicativos\uTorrent
2015-04-29 19:41 - 2015-04-29 19:41 - 00397140 _____ () C:\Documents and Settings\Administrador\Meus documentos\photo.htm
2015-04-23 17:31 - 2015-04-23 17:31 - 00031032 _____ (Basil) C:\WINDOWS\system32\WinDivert.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-16 14:37 - 2011-11-21 22:20 - 00000000 ____D () C:\Documents and Settings\Administrador\Configurações locais\Temp
2015-05-16 14:35 - 2011-11-21 20:52 - 00000458 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{E46DE979-9AF3-426C-8192-000662D0FD6B}.job
2015-05-16 14:33 - 2011-11-20 11:59 - 00000000 ____D () C:\Documents and Settings\NetworkService\Configurações locais\Temp
2015-05-16 14:32 - 2011-11-20 11:52 - 02093521 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-16 14:28 - 2011-11-21 21:52 - 00000440 ____H () C:\WINDOWS\Tasks\MP Scheduled Scan.job
2015-05-16 14:24 - 2014-09-28 15:12 - 00000000 ____D () C:\Temp
2015-05-16 14:24 - 2011-11-21 22:45 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-05-16 14:24 - 2011-11-21 22:45 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-05-16 14:24 - 2011-11-21 22:22 - 00000470 ____H () C:\WINDOWS\Tasks\User_Feed_Synchronization-{D3D56E0F-81F0-48D3-B4CB-3BFBD16CD32D}.job
2015-05-16 14:23 - 2014-09-20 13:28 - 00000394 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2015-05-16 14:23 - 2011-11-20 11:59 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-16 02:02 - 2011-11-20 11:59 - 00032180 _____ () C:\WINDOWS\SchedLgU.Txt
2015-05-16 02:00 - 2014-09-28 15:33 - 00000380 _____ () C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-2013LL-Administrador.job
2015-05-16 02:00 - 2012-03-22 22:49 - 00000380 _____ () C:\WINDOWS\Tasks\AdobeAAMUpdater-1.0-PC-Administrador.job
2015-05-16 01:37 - 2012-12-28 00:20 - 00678510 _____ () C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\WPFFontCache_v0400-S-1-5-21-484763869-1383384898-1177238915-500-0.dat
2015-05-16 01:37 - 2012-12-28 00:20 - 00373222 _____ () C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\WPFFontCache_v0400-System.dat
2015-05-16 01:37 - 2011-11-21 22:20 - 00000210 ___SH () C:\Documents and Settings\Administrador\ntuser.ini
2015-05-16 01:37 - 2011-11-21 22:20 - 00000000 ____D () C:\Documents and Settings\Administrador
2015-05-15 17:05 - 2011-11-20 09:45 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Iniciar\Programas
2015-05-15 16:01 - 2015-03-04 17:35 - 00000000 ____D () C:\Documents and Settings\Administrador\Desktop\Nova pasta
2015-05-15 13:14 - 2011-12-07 14:52 - 14802432 ___SH () C:\Documents and Settings\Administrador\Desktop\Thumbs.db
2015-05-15 11:37 - 2011-11-21 22:20 - 00000000 __SHD () C:\WINDOWS\CSC
2015-05-14 18:21 - 2012-03-03 01:37 - 00000704 _____ () C:\Documents and Settings\All Users\Menu Iniciar\Programas\Mozilla Firefox.lnk
2015-05-14 18:21 - 2011-11-21 22:20 - 00000721 _____ () C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Internet Explorer.lnk
2015-05-14 18:21 - 2011-11-21 22:20 - 00000000 ___RD () C:\Documents and Settings\Administrador\Menu Iniciar\Programas
2015-05-14 18:21 - 2011-11-21 22:20 - 00000000 ___HD () C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos
2015-05-14 18:21 - 2011-11-20 09:45 - 00000000 ___RD () C:\Arquivos de programas
2015-05-14 18:21 - 2011-11-20 09:45 - 00000000 ____D () C:\Arquivos de programas\Arquivos comuns
2015-05-14 18:21 - 2011-11-20 09:44 - 00000000 __RHD () C:\Documents and Settings\All Users\Dados de aplicativos
2015-05-14 18:20 - 2012-07-06 22:59 - 00000000 ____D () C:\WINDOWS\Minidump
2015-05-14 18:14 - 2011-11-20 09:45 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar
2015-05-13 18:29 - 2012-11-09 19:57 - 00000000 ____D () C:\WINDOWS\SHELLNEW
2015-05-13 18:28 - 2014-09-03 21:42 - 00000000 ____D () C:\Documents and Settings\Administrador\Dados de aplicativos\Protect
2015-05-13 18:28 - 2011-11-20 11:59 - 00000000 ___HD () C:\Documents and Settings\NetworkService\Configurações locais\Dados de aplicativos
2015-05-13 12:17 - 2012-07-18 14:19 - 00000000 ____D () C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Temp
2015-05-13 12:17 - 2011-11-21 22:20 - 00000000 __RHD () C:\Documents and Settings\Administrador\Dados de aplicativos
2015-05-12 23:54 - 2011-11-20 11:59 - 00000000 ____D () C:\Documents and Settings\LocalService\Dados de aplicativos
2015-05-12 17:52 - 2014-07-31 13:27 - 00000000 ____D () C:\Documents and Settings\SUPPORT_388945a0\Configurações locais\Dados de aplicativos
2015-05-12 17:52 - 2014-07-31 13:27 - 00000000 ____D () C:\Documents and Settings\HelpAssistant\Configurações locais\Dados de aplicativos
2015-05-12 17:52 - 2014-07-31 13:27 - 00000000 ____D () C:\Documents and Settings\Convidado\Configurações locais\Dados de aplicativos
2015-05-12 17:52 - 2014-07-31 13:27 - 00000000 ____D () C:\Documents and Settings\ASPNET\Configurações locais\Dados de aplicativos
2015-05-12 17:49 - 2011-11-20 09:45 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Iniciar
2015-05-12 17:46 - 2011-11-21 22:20 - 00000000 ___RD () C:\Documents and Settings\Administrador\Meus documentos
2015-05-12 13:22 - 2012-02-18 19:26 - 00035840 ____H () C:\Documents and Settings\Administrador\Desktop\photothumb.db
2015-05-12 00:43 - 2014-07-31 13:27 - 00000008 __RSH () C:\Documents and Settings\All Users\ntuser.pol
2015-05-12 00:38 - 2014-09-18 19:21 - 00000000 ____D () C:\Documents and Settings\All Users\Dados de aplicativos\Package Cache
2015-05-12 00:19 - 2014-07-31 13:27 - 00000000 ___HD () C:\WINDOWS\system32\GroupPolicy
2015-05-12 00:07 - 2011-11-21 22:54 - 00000000 ____D () C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Google Chrome
2015-05-11 23:05 - 2012-05-05 13:28 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2015-05-11 22:55 - 2011-11-20 11:49 - 00000000 ____D () C:\WINDOWS\Registration
2015-05-11 22:55 - 2011-11-20 09:40 - 00000000 ____D () C:\WINDOWS\repair
2015-05-11 21:24 - 2001-09-28 08:00 - 00002228 _____ () C:\WINDOWS\system32\wpa.dbl
2015-05-10 00:48 - 2014-08-30 16:11 - 00000329 _____ () C:\Documents and Settings\Administrador\BullseyeCoverageError.txt
2015-05-07 12:59 - 2011-11-21 22:20 - 00000000 ___RD () C:\Documents and Settings\Administrador\Menu Iniciar
2015-04-27 22:08 - 2011-11-28 22:21 - 00000140 _____ () C:\Documents and Settings\Administrador\default.pls
2015-04-27 22:08 - 2011-11-28 22:20 - 00000069 _____ () C:\WINDOWS\NeroDigital.ini

==================== Files in the root of some directories =======

2011-11-21 22:47 - 2011-11-21 22:48 - 0606544 _____ (Google Inc.) C:\Arquivos de programas\ChromeSetup.exe
2014-09-01 05:18 - 2014-09-01 05:18 - 0001248 _____ () C:\Documents and Settings\Administrador\Dados de aplicativos\GBYC
2014-09-01 05:18 - 2014-09-01 05:18 - 0002086 _____ () C:\Documents and Settings\Administrador\Dados de aplicativos\GTQN
2014-07-07 22:24 - 2014-07-07 22:24 - 0016107 _____ () C:\Documents and Settings\Administrador\Dados de aplicativos\unins000.dat
2014-05-20 16:32 - 2014-05-20 16:32 - 0015540 _____ () C:\Documents and Settings\Administrador\Dados de aplicativos\unins001.dat
2014-09-03 23:26 - 2014-09-03 23:26 - 0000045 _____ () C:\Documents and Settings\Administrador\Dados de aplicativos\WB.CFG
2011-12-03 23:22 - 2013-01-12 13:26 - 0109568 _____ () C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-10 00:26 - 2015-05-10 00:26 - 0333506 _____ (AnySend.com) C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\nso59.tmp

Some content of TEMP:
====================
C:\Documents and Settings\Administrador\Configurações locais\Temp\avgnt.exe
C:\Documents and Settings\Usuario\Configurações locais\Temp\install_flashplayer11x32ax_gtbd_aih[1].exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
