cjoint

Document format: text/plain

Preview

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-07-2015
Ran by Glauber Segalla (administrator) on GLAUBER on 06-07-2015 01:33:35
Running from C:\Documents and Settings\Glauber Segalla\desktop
Loaded Profiles: Glauber Segalla (Available Profiles: Glauber Segalla)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Português (Brasil)
Internet Explorer Version 8 (Default browser path: "C:\Arquivos de programas\Pale Moon\palemoon.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Panda Security, S.L.) C:\Arquivos de programas\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
(SizeComplete Software) C:\Arquivos de programas\SizeComplete Control. Demo Version\SizeComplete.exe
(Panda Security, S.L.) C:\Arquivos de programas\Panda Security\Panda Cloud Antivirus\PSANHost.exe
(Panda Security, S.L.) C:\Arquivos de programas\Panda Security\Panda Cloud Antivirus\PSUAService.exe
(Analog Devices, Inc.) C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe
(Moonchild Productions) C:\Arquivos de programas\Pale Moon\palemoon.exe
(Tonec Inc.) C:\Arquivos de programas\Internet Download Manager\IDMan.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PSUAMain] => C:\Arquivos de programas\Panda Security\Panda Cloud Antivirus\PSUAMain.exe [32032 2012-11-14] (Panda Security, S.L.)
HKU\S-1-5-21-776561741-1801674531-1892100126-1003\...\Run: [SizeComplete Control] => C:\Arquivos de programas\SizeComplete Control. Demo Version\SizeComplete.exe [204800 2009-02-19] (SizeComplete Software)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Arquivos de programas\Internet Download Manager\IDMShellExt.dll [2014-04-21] (Tonec Inc.)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-776561741-1801674531-1892100126-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-776561741-1801674531-1892100126-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://favoritosglauber.blogspot.com.br/
SearchScopes: HKU\S-1-5-21-776561741-1801674531-1892100126-1003 -> DefaultScope {A97B63C7-36FC-4B69-97AE-1124A5A55DC0} URL = http://www.google.com/search?hl=en&q={searchTerms}
SearchScopes: HKU\S-1-5-21-776561741-1801674531-1892100126-1003 -> {068101D0-F494-467D-8E20-38EE27E280A9} URL = http://www.vagalume.com.br/search.php?t=art&q={searchTerms}&utm_medium=opensearch&utm_term={searchTerms}&utm_campaign=Search+Tools
SearchScopes: HKU\S-1-5-21-776561741-1801674531-1892100126-1003 -> {3962CC70-E481-4A94-B622-7F66EE136058} URL = http://www.priberam.pt/dlpo/dlpo.aspx?pal={searchTerms}
SearchScopes: HKU\S-1-5-21-776561741-1801674531-1892100126-1003 -> {A1F5378B-73A2-4C03-8646-B61A9FBC209E} URL = http://baixahits.virgula.uol.com.br/index.asp?secao_link=busca&combo=Geral&busca={searchTerms}
SearchScopes: HKU\S-1-5-21-776561741-1801674531-1892100126-1003 -> {A97B63C7-36FC-4B69-97AE-1124A5A55DC0} URL = http://www.google.com/search?hl=en&q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Arquivos de programas\Internet Download Manager\IDMIECC.dll [2015-02-21] (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Arquivos de programas\Java\jre1.8.0_45\bin\ssv.dll [2015-06-30] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Arquivos de programas\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-30] (Oracle Corporation)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 200.189.80.137 200.189.80.132
Tcpip\..\Interfaces\{6AEC3B6A-A33D-4CBF-913C-CF4103FBAB2A}: [DhcpNameServer] 200.189.80.137 200.189.80.132

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-27] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2015-04-17] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Arquivos de programas\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Arquivos de programas\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-30] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2007-11-07] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Arquivos de programas\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Arquivos de programas\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF HKU\S-1-5-21-776561741-1801674531-1892100126-1003\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\IDM\idmmzcc5
FF Extension: IDM CC - C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\IDM\idmmzcc5 [2015-04-04]
FF HKU\S-1-5-21-776561741-1801674531-1892100126-1003\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\IDM\idmmzcc5

Chrome:
=======
CHR Profile: C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default
CHR Extension: (Honey) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2015-05-28]
CHR Extension: (Google Search) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]
CHR Extension: (Speed Dial PT-BR) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\cpedghkhonngfmopiiaelhomheijjnmd [2013-09-02]
CHR Extension: (Disable Youtube™ HTML5 Player) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\enmofgaijnbjpblfljopnpdogpldapoc [2015-06-15]
CHR Extension: (LastPass: Free Password Manager) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-09-02]
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-20]
CHR Extension: (Tradutor do Google) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mdcjigankddpmmhffdbdolcmdchcnjjl [2013-09-02]
CHR Extension: (IDM Integration Module) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-03-13]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-14]
CHR Extension: (Click&Clean App) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2015-03-27]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Arquivos de programas\Internet Download Manager\IDMGCExt.crx [2015-04-20]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 gupdate; C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [116648 2013-09-02] (Google Inc.)
S3 gupdatem; C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [116648 2013-09-02] (Google Inc.)
S2 HidServ; C:\WINDOWS\System32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
S3 idsvc; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [864256 2007-10-11] (Microsoft Corporation) [File not signed]
R2 NanoServiceMain; C:\Arquivos de programas\Panda Security\Panda Cloud Antivirus\PSANHost.exe [140064 2012-11-12] (Panda Security, S.L.)
S4 NetTcpPortSharing; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [122880 2007-10-11] (Microsoft Corporation) [File not signed]
S3 NMIndexingService; C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe [382248 2007-09-20] (Nero AG)
S3 ose; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
R2 PSUAService; C:\Arquivos de programas\Panda Security\Panda Cloud Antivirus\PSUAService.exe [36640 2012-11-14] (Panda Security, S.L.)
S2 SkypeUpdate; C:\Arquivos de programas\Skype\Updater\Updater.exe [315488 2015-02-18] (Skype Technologies)
R2 SoundMAX Agent Service (default); C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aeaudio; C:\WINDOWS\System32\drivers\aeaudio.sys [4816 2002-04-01] (Andrea Electronics Corporation) [File not signed]
S3 Apowersoft_AudioDevice; C:\WINDOWS\System32\drivers\Apowersoft_AudioDevice.sys [26032 2013-06-02] (Wondershare)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\dddsk.sys [22312 2009-02-12] (EldoS Corporation)
R1 IDMTDI; C:\WINDOWS\System32\DRIVERS\idmtdi.sys [127224 2015-04-17] (Tonec Inc.)
R1 NNSALPC; C:\WINDOWS\System32\DRIVERS\NNSAlpc.sys [119208 2012-11-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\System32\DRIVERS\NNSHttp.sys [139176 2012-11-09] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\System32\DRIVERS\NNSIds.sys [163112 2012-11-09] (Panda Security, S.L.)
S3 NNSNAHS; C:\WINDOWS\System32\DRIVERS\NNSNAHS.sys [38824 2012-10-22] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\System32\DRIVERS\NNSPicc.sys [133544 2012-11-09] (Panda Security, S.L.)
S4 NNSPIHS; C:\WINDOWS\System32\DRIVERS\NNSPihs.sys [63400 2012-11-09] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\System32\DRIVERS\NNSPop3.sys [125480 2012-11-09] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\System32\DRIVERS\NNSProt.sys [370216 2012-11-09] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\System32\DRIVERS\NNSPrv.sys [191528 2012-11-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\System32\DRIVERS\NNSSmtp.sys [128040 2012-11-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\System32\DRIVERS\NNSStrm.sys [276520 2012-11-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\System32\DRIVERS\NNSTlsc.sys [133928 2012-11-09] (Panda Security, S.L.)
R3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2012-02-03] (VSO Software) [File not signed]
R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [149288 2012-11-09] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [102184 2012-11-09] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\System32\DRIVERS\psinknc.sys [178728 2012-11-09] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [114216 2012-11-09] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [123560 2012-11-09] (Panda Security, S.L.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [46672 2012-11-07] (Panda Security, S.L.)
R3 SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [323072 1999-12-31] (Silicon Integrated Systems Corporation)
R3 SiSGbeXP; C:\WINDOWS\System32\DRIVERS\SiSGbeXP.sys [43392 1999-12-31] (Silicon Integrated Systems Corp.)
R0 SiSide; C:\WINDOWS\System32\DRIVERS\siside.sys [4096 1999-12-31] (Silicon Integrated Systems Corp.)
R0 sisidex; C:\WINDOWS\System32\drivers\sisidex.sys [49024 1999-12-31] (Windows (R) 2000 DDK provider) [File not signed]
R1 SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [18944 1999-12-31] (Silicon Integrated Systems Corporation)
R0 sisperf; C:\WINDOWS\System32\drivers\sisperf.sys [9472 1999-12-31] (Silicon Integrated Systems Corp.) [File not signed]
R0 SiSRaid2; C:\WINDOWS\System32\DRIVERS\SiSRaid2.sys [30976 2005-01-11] (Silicon Integrated Systems Corp) [File not signed]
R3 smwdm; C:\WINDOWS\System32\drivers\smwdm.sys [578304 2003-08-29] (Analog Devices, Inc.) [File not signed]
S4 IntelIde; No ImagePath
U5 UnlockerDriver5; C:\Arquivos de programas\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 01:33 - 2015-07-06 01:33 - 00015657 _____ C:\Documents and Settings\Glauber Segalla\desktop\FRST.txt
2015-07-06 01:32 - 2015-07-06 01:33 - 00000000 ____D C:\FRST
2015-07-06 01:30 - 2015-07-06 01:30 - 01636352 _____ (Farbar) C:\Documents and Settings\Glauber Segalla\desktop\FRST.exe
2015-07-05 16:04 - 2015-07-05 16:04 - 26105293 _____ C:\Documents and Settings\Glauber Segalla\desktop\Youtube ADS Premium - Oferta 19.mp4
2015-07-05 15:19 - 2015-07-05 15:19 - 223011731 _____ C:\Documents and Settings\Glauber Segalla\desktop\SABER Y GANAR 05-07-15.mp4
2015-07-05 14:22 - 2015-07-05 14:22 - 09108473 _____ C:\Documents and Settings\Glauber Segalla\desktop\Explicação Appliwon resumida em Português A Unica de Cota fixa Diária - YouTube.mp4
2015-07-01 01:35 - 2015-07-01 01:35 - 00000000 ____D C:\WINDOWS\system32\Adobe
2015-07-01 00:49 - 2012-11-07 08:00 - 00046672 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2015-06-30 00:25 - 2015-06-30 00:25 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2015-06-30 00:25 - 2015-06-30 00:25 - 00096352 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-06-30 00:25 - 2015-06-30 00:25 - 00000000 ____D C:\Documents and Settings\All Users\Menu Iniciar\Programas\Java
2015-06-30 00:24 - 2015-06-30 00:24 - 00000000 ____D C:\Arquivos de programas\Java
2015-06-29 11:46 - 2015-06-29 11:46 - 00000747 _____ C:\Documents and Settings\Glauber Segalla\desktop\Atalho para CURSO 5 MIL FÃS NO FACEBOOK.lnk
2015-06-29 10:51 - 2015-06-29 10:51 - 00000539 _____ C:\Documents and Settings\Glauber Segalla\desktop\Atalho para VENDA REALIZADA.lnk
2015-06-26 01:27 - 2015-06-26 01:30 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\desktop\Como usar plugin Wordpress SEO Yoast Corretamente
2015-06-15 00:04 - 2015-06-15 00:05 - 00000000 ____D C:\Arquivos de programas\Pale Moon

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-06 01:34 - 2015-03-13 01:11 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\Configurações locais\Temp
2015-07-06 01:26 - 2013-09-02 11:42 - 00001068 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-06 01:26 - 2012-01-29 01:17 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-07-06 01:26 - 2012-01-29 01:17 - 00000048 _____ C:\WINDOWS\wiaservc.log
2015-07-06 01:25 - 2012-01-28 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-06 01:06 - 2013-09-02 11:42 - 00001072 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-06 00:52 - 2012-01-28 16:48 - 00000000 ____D C:\Documents and Settings\Glauber Segalla
2015-07-05 16:05 - 2012-12-17 10:16 - 20971520 _____ C:\WINDOWS\system32\config\Nano.evt
2015-07-05 16:05 - 2012-02-28 01:19 - 00000000 ____D C:\Arquivos de programas\CCleaner
2015-07-05 16:05 - 2012-01-28 16:48 - 00000210 ___SH C:\Documents and Settings\Glauber Segalla\ntuser.ini
2015-07-05 16:05 - 2012-01-28 16:45 - 00032346 ____N C:\WINDOWS\SchedLgU.Txt
2015-07-05 16:01 - 2012-09-04 02:01 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\DMCache
2015-07-05 15:00 - 2015-04-30 18:30 - 00000412 _____ C:\WINDOWS\Tasks\update-sys.job
2015-07-05 14:09 - 2015-04-30 18:30 - 00000412 _____ C:\WINDOWS\Tasks\update-S-1-5-21-776561741-1801674531-1892100126-1003.job
2015-07-05 02:31 - 2012-02-28 01:19 - 00000738 _____ C:\Documents and Settings\All Users\desktop\CCleaner.lnk
2015-07-01 12:48 - 2014-05-28 00:11 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\IDM
2015-07-01 01:35 - 2012-01-28 16:25 - 00000000 ____D C:\WINDOWS\system32\Macromed
2015-07-01 01:31 - 2012-01-28 23:42 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\Adobe
2015-07-01 01:17 - 2012-02-06 10:47 - 00000026 _____ C:\WINDOWS\Zone.Identifier
2015-06-30 18:52 - 2013-06-13 18:02 - 00000000 ____D C:\Sisadm
2015-06-30 00:25 - 2012-01-28 14:14 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Iniciar\Programas
2015-06-30 00:24 - 2012-01-28 14:15 - 00000000 ___RD C:\Arquivos de programas
2015-06-27 15:01 - 2014-11-13 12:18 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Adobe
2015-06-27 15:01 - 2014-04-17 11:10 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-06-27 15:01 - 2014-04-17 11:10 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-06-27 15:01 - 2014-04-17 11:10 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-25 12:32 - 2012-05-07 01:14 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\Skype
2015-06-08 20:34 - 2013-05-25 17:43 - 00007680 _____ C:\Documents and Settings\All Users\Dados de aplicativos\NanoRepository.bin
2015-06-08 20:34 - 2012-01-28 14:12 - 00000000 __RHD C:\Documents and Settings\All Users\Dados de aplicativos
2015-06-06 15:47 - 2013-05-25 17:43 - 00007680 _____ C:\Documents and Settings\All Users\Dados de aplicativos\NanoRepository.bin.bak

==================== Files in the root of some directories =======

2013-12-30 00:46 - 2013-12-30 00:46 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Arquivos de programas\Arquivos comuns\atimpenc.dll
2012-02-03 09:44 - 2012-02-03 10:09 - 0007887 _____ () C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\pcouffin.cat
2012-02-03 09:44 - 2012-02-03 10:09 - 0001144 _____ () C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\pcouffin.inf
2012-02-03 09:44 - 2012-02-03 10:09 - 0000034 _____ () C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\pcouffin.log
2012-02-03 09:44 - 2012-02-03 10:09 - 0047360 _____ (VSO Software) C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\pcouffin.sys
2013-03-25 12:23 - 2014-02-08 11:28 - 0000668 _____ () C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\vso_ts_preview.xml
2012-01-31 23:55 - 2015-03-09 17:30 - 0035328 _____ () C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-01-31 19:11 - 2012-01-31 19:11 - 0082968 ____N () C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\FASTWiz.log
2015-04-30 18:30 - 2015-04-30 18:30 - 0000003 _____ () C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\updater.log
2015-04-30 18:30 - 2015-04-30 18:30 - 0000428 _____ () C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\UserProducts.xml

Some zero byte size files/folders:
==========================
C:\Windows\System32\Drivers\PSINAflt(2).sys

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of log ============================
