Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-07-2015
Ran by Glauber Segalla (administrator) on GLAUBER on 07-07-2015 00:37:36
Running from C:\Documents and Settings\Glauber Segalla\desktop
Loaded Profiles: Glauber Segalla (Available Profiles: Glauber Segalla)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Português (Brasil)
Internet Explorer Version 8 (Default browser path: "C:\Arquivos de programas\Pale Moon\palemoon.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Panda Security, S.L.) C:\Arquivos de programas\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
(SizeComplete Software) C:\Arquivos de programas\SizeComplete Control. Demo Version\SizeComplete.exe
(Panda Security, S.L.) C:\Arquivos de programas\Panda Security\Panda Cloud Antivirus\PSANHost.exe
(Panda Security, S.L.) C:\Arquivos de programas\Panda Security\Panda Cloud Antivirus\PSUAService.exe
(Analog Devices, Inc.) C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe
(Moonchild Productions) C:\Arquivos de programas\Pale Moon\palemoon.exe
(Tonec Inc.) C:\Arquivos de programas\Internet Download Manager\IDMan.exe
(Farbar) C:\Documents and Settings\Glauber Segalla\desktop\FRST_2.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [PSUAMain] => C:\Arquivos de programas\Panda Security\Panda Cloud Antivirus\PSUAMain.exe [32032 2012-11-14] (Panda Security, S.L.)
HKU\S-1-5-21-776561741-1801674531-1892100126-1003\...\Run: [SizeComplete Control] => C:\Arquivos de programas\SizeComplete Control. Demo Version\SizeComplete.exe [204800 2009-02-19] (SizeComplete Software)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Arquivos de programas\Internet Download Manager\IDMShellExt.dll [2014-04-21] (Tonec Inc.)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-776561741-1801674531-1892100126-1003\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-776561741-1801674531-1892100126-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://favoritosglauber.blogspot.com.br/
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-776561741-1801674531-1892100126-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-776561741-1801674531-1892100126-1003 -> {068101D0-F494-467D-8E20-38EE27E280A9} URL = http://www.vagalume.com.br/search.php?t=art&q={searchTerms}&utm_medium=opensearch&utm_term={searchTerms}&utm_campaign=Search+Tools
SearchScopes: HKU\S-1-5-21-776561741-1801674531-1892100126-1003 -> {3962CC70-E481-4A94-B622-7F66EE136058} URL = http://www.priberam.pt/dlpo/dlpo.aspx?pal={searchTerms}
SearchScopes: HKU\S-1-5-21-776561741-1801674531-1892100126-1003 -> {A97B63C7-36FC-4B69-97AE-1124A5A55DC0} URL = http://www.google.com/search?hl=en&q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Arquivos de programas\Internet Download Manager\IDMIECC.dll [2015-02-21] (Internet Download Manager, Tonec Inc.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Arquivos de programas\Java\jre1.8.0_45\bin\ssv.dll [2015-06-30] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Arquivos de programas\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-30] (Oracle Corporation)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\SYSTEM\OLE DB\msdaipp.dll [2003-07-11] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 200.189.80.137 200.189.80.132
Tcpip\..\Interfaces\{6AEC3B6A-A33D-4CBF-913C-CF4103FBAB2A}: [DhcpNameServer] 200.189.80.137 200.189.80.132

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-27] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2015-04-17] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Arquivos de programas\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Arquivos de programas\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-30] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2007-11-07] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Arquivos de programas\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Arquivos de programas\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF HKU\S-1-5-21-776561741-1801674531-1892100126-1003\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\IDM\idmmzcc5
FF Extension: IDM CC - C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\IDM\idmmzcc5 [2015-04-04]
FF HKU\S-1-5-21-776561741-1801674531-1892100126-1003\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\IDM\idmmzcc5

Chrome:
=======
CHR Profile: C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default
CHR Extension: (Honey) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\bmnlcjabgnpnenekpadlanbbkooimhnj [2015-05-28]
CHR Extension: (Google Search) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]
CHR Extension: (Speed Dial PT-BR) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\cpedghkhonngfmopiiaelhomheijjnmd [2013-09-02]
CHR Extension: (Disable Youtube™ HTML5 Player) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\enmofgaijnbjpblfljopnpdogpldapoc [2015-06-15]
CHR Extension: (LastPass: Free Password Manager) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2013-09-02]
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-20]
CHR Extension: (Tradutor do Google) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mdcjigankddpmmhffdbdolcmdchcnjjl [2013-09-02]
CHR Extension: (IDM Integration Module) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-03-13]
CHR Extension: (Google Wallet) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-14]
CHR Extension: (Click&Clean App) - C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2015-03-27]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Arquivos de programas\Internet Download Manager\IDMGCExt.crx [2015-04-20]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 gupdate; C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [116648 2013-09-02] (Google Inc.)
S3 gupdatem; C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [116648 2013-09-02] (Google Inc.)
S2 HidServ; C:\WINDOWS\System32\svchost.exe [14336 2008-04-14] (Microsoft Corporation)
S3 idsvc; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [864256 2007-10-11] (Microsoft Corporation) [File not signed]
R2 NanoServiceMain; C:\Arquivos de programas\Panda Security\Panda Cloud Antivirus\PSANHost.exe [140064 2012-11-12] (Panda Security, S.L.)
S4 NetTcpPortSharing; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [122880 2007-10-11] (Microsoft Corporation) [File not signed]
S3 NMIndexingService; C:\Arquivos de programas\Arquivos comuns\Nero\Lib\NMIndexingService.exe [382248 2007-09-20] (Nero AG)
S3 ose; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
R2 PSUAService; C:\Arquivos de programas\Panda Security\Panda Cloud Antivirus\PSUAService.exe [36640 2012-11-14] (Panda Security, S.L.)
S2 SkypeUpdate; C:\Arquivos de programas\Skype\Updater\Updater.exe [315488 2015-02-18] (Skype Technologies)
R2 SoundMAX Agent Service (default); C:\Arquivos de programas\Analog Devices\SoundMAX\SMAgent.exe [45056 2002-09-20] (Analog Devices, Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aeaudio; C:\WINDOWS\System32\drivers\aeaudio.sys [4816 2002-04-01] (Andrea Electronics Corporation) [File not signed]
S3 Apowersoft_AudioDevice; C:\WINDOWS\System32\drivers\Apowersoft_AudioDevice.sys [26032 2013-06-02] (Wondershare)
R1 ElRawDisk; C:\WINDOWS\system32\drivers\dddsk.sys [22312 2009-02-12] (EldoS Corporation)
R1 IDMTDI; C:\WINDOWS\System32\DRIVERS\idmtdi.sys [127224 2015-04-17] (Tonec Inc.)
R1 NNSALPC; C:\WINDOWS\System32\DRIVERS\NNSAlpc.sys [119208 2012-11-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\System32\DRIVERS\NNSHttp.sys [139176 2012-11-09] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\System32\DRIVERS\NNSIds.sys [163112 2012-11-09] (Panda Security, S.L.)
S3 NNSNAHS; C:\WINDOWS\System32\DRIVERS\NNSNAHS.sys [38824 2012-10-22] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\System32\DRIVERS\NNSPicc.sys [133544 2012-11-09] (Panda Security, S.L.)
S4 NNSPIHS; C:\WINDOWS\System32\DRIVERS\NNSPihs.sys [63400 2012-11-09] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\System32\DRIVERS\NNSPop3.sys [125480 2012-11-09] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\System32\DRIVERS\NNSProt.sys [370216 2012-11-09] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\System32\DRIVERS\NNSPrv.sys [191528 2012-11-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\System32\DRIVERS\NNSSmtp.sys [128040 2012-11-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\System32\DRIVERS\NNSStrm.sys [276520 2012-11-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\System32\DRIVERS\NNSTlsc.sys [133928 2012-11-09] (Panda Security, S.L.)
R3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2012-02-03] (VSO Software) [File not signed]
R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [149288 2012-11-09] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [102184 2012-11-09] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\System32\DRIVERS\psinknc.sys [178728 2012-11-09] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [114216 2012-11-09] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [123560 2012-11-09] (Panda Security, S.L.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [46672 2012-11-07] (Panda Security, S.L.)
R3 SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [323072 1999-12-31] (Silicon Integrated Systems Corporation)
R3 SiSGbeXP; C:\WINDOWS\System32\DRIVERS\SiSGbeXP.sys [43392 1999-12-31] (Silicon Integrated Systems Corp.)
R0 SiSide; C:\WINDOWS\System32\DRIVERS\siside.sys [4096 1999-12-31] (Silicon Integrated Systems Corp.)
R0 sisidex; C:\WINDOWS\System32\drivers\sisidex.sys [49024 1999-12-31] (Windows (R) 2000 DDK provider) [File not signed]
R0 sisperf; C:\WINDOWS\System32\drivers\sisperf.sys [9472 1999-12-31] (Silicon Integrated Systems Corp.) [File not signed]
R0 SiSRaid2; C:\WINDOWS\System32\DRIVERS\SiSRaid2.sys [30976 2005-01-11] (Silicon Integrated Systems Corp) [File not signed]
R3 smwdm; C:\WINDOWS\System32\drivers\smwdm.sys [578304 2003-08-29] (Analog Devices, Inc.) [File not signed]
S4 IntelIde; No ImagePath
S1 SiSkp; system32\DRIVERS\srvkp.sys [X]
U5 UnlockerDriver5; C:\Arquivos de programas\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-07 00:34 - 2015-07-07 00:34 - 01636352 _____ (Farbar) C:\Documents and Settings\Glauber Segalla\desktop\FRST_2.exe
2015-07-07 00:32 - 2015-07-07 00:32 - 11580322 _____ C:\Documents and Settings\Glauber Segalla\desktop\Aprenda a Gravar a Tela do Computador com o Atube Catcher - YouTube.mp4
2015-07-06 20:02 - 2015-07-06 20:02 - 00231912 _____ C:\Documents and Settings\Glauber Segalla\desktop\WRCFree-47591149.exe
2015-07-06 19:22 - 2015-07-06 20:36 - 00000156 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-06 18:36 - 2015-07-06 18:36 - 00000000 ____D C:\Documents and Settings\All Users\Dados de aplicativos\IDM
2015-07-06 18:19 - 2015-07-06 18:19 - 00008620 _____ C:\Documents and Settings\Glauber Segalla\desktop\zoek-results.txt
2015-07-06 18:17 - 2015-07-07 00:38 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\Configurações locais\Temp
2015-07-06 18:17 - 2015-07-06 18:17 - 00000000 ____D C:\Documents and Settings\NetworkService\Configuraþ§es locais
2015-07-06 18:17 - 2015-07-06 18:17 - 00000000 ____D C:\Documents and Settings\LocalService\Configuraþ§es locais
2015-07-06 18:17 - 2015-07-06 18:17 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\Configuraþ§es locais
2015-07-06 18:17 - 2015-07-06 17:58 - 00024064 _____ C:\WINDOWS\zoek-delete.exe
2015-07-06 18:00 - 2015-07-06 18:18 - 00008620 _____ C:\zoek-results.log
2015-07-06 18:00 - 2015-07-06 10:31 - 00016563 _____ C:\zoek-results2015-07-06-133103.log
2015-07-06 17:29 - 2015-07-06 17:29 - 01308672 _____ C:\Documents and Settings\Glauber Segalla\desktop\zoek.exe
2015-07-06 16:31 - 2015-07-06 16:31 - 32999756 _____ C:\Documents and Settings\Glauber Segalla\desktop\Como Vender Mais - 4 Dicas Poderosas de Como Vender Mais no Youtube - YouTube.mp4
2015-07-06 16:31 - 2015-07-06 16:31 - 14614940 _____ C:\Documents and Settings\Glauber Segalla\desktop\Como aprimorar o registro do computador (Windows) - YouTube.mp4
2015-07-06 14:15 - 2015-07-06 14:17 - 00002584 _____ C:\Documents and Settings\Glauber Segalla\desktop\ZHPCleaner.txt
2015-07-06 14:08 - 2015-07-06 14:08 - 01845248 _____ C:\Documents and Settings\Glauber Segalla\desktop\ZHPCleaner.exe
2015-07-06 14:08 - 2015-07-06 14:08 - 00000861 _____ C:\Documents and Settings\Glauber Segalla\desktop\ZHPCleaner.lnk
2015-07-06 14:07 - 2015-07-06 14:07 - 00001373 _____ C:\Documents and Settings\Glauber Segalla\desktop\JRT.txt
2015-07-06 14:03 - 2015-07-06 14:03 - 00000000 ____D C:\RegBackup
2015-07-06 14:02 - 2015-07-06 14:02 - 02953457 _____ (Malwarebytes Corporation) C:\Documents and Settings\Glauber Segalla\desktop\JRT.exe
2015-07-06 14:01 - 2015-07-06 14:01 - 00001778 _____ C:\Documents and Settings\Glauber Segalla\desktop\AdwCleaner[S0].txt
2015-07-06 13:55 - 2015-07-06 13:59 - 00000000 ____D C:\AdwCleaner
2015-07-06 13:54 - 2015-07-06 13:54 - 02244096 _____ C:\Documents and Settings\Glauber Segalla\desktop\AdwCleaner.exe
2015-07-06 10:57 - 2015-07-06 10:57 - 114696813 _____ C:\Documents and Settings\Glauber Segalla\desktop\Youtube Dominado Módulo 7 - Aula 4 - Vendendo Infoproduto De Marcenaria.mp4
2015-07-06 10:33 - 2015-07-06 10:33 - 00002568 _____ C:\Documents and Settings\Glauber Segalla\desktop\FSS.txt
2015-07-06 10:32 - 2015-07-06 10:32 - 00415232 _____ (Farbar) C:\Documents and Settings\Glauber Segalla\desktop\FSS.exe
2015-07-06 10:32 - 2015-07-06 10:32 - 00008074 _____ C:\Documents and Settings\Glauber Segalla\desktop\MbrScan.log
2015-07-06 10:32 - 2015-07-06 10:32 - 00000512 _____ C:\Documents and Settings\Glauber Segalla\desktop\Dump_Hdd0_DR0.mbr
2015-07-06 10:31 - 2015-07-06 10:31 - 00147456 _____ (Eric_71) C:\Documents and Settings\Glauber Segalla\desktop\MbrScan.exe
2015-07-06 10:31 - 2015-07-06 10:31 - 00016563 _____ C:\Documents and Settings\Glauber Segalla\desktop\ZA-Scan.txt
2015-07-06 10:29 - 2015-07-06 18:12 - 00000000 ____D C:\zoek_backup
2015-07-06 10:28 - 2015-07-06 10:28 - 01368576 _____ C:\Documents and Settings\Glauber Segalla\desktop\ZA-Scan.exe
2015-07-06 10:23 - 2015-07-06 10:23 - 00064894 _____ C:\Documents and Settings\Glauber Segalla\desktop\ZHPDiag.txt
2015-07-06 10:21 - 2015-07-06 10:21 - 01836544 _____ C:\Documents and Settings\Glauber Segalla\desktop\ZHPDiag3.exe
2015-07-06 10:21 - 2015-07-06 10:21 - 00000851 _____ C:\Documents and Settings\Glauber Segalla\desktop\ZHPDiag.lnk
2015-07-06 01:36 - 2015-07-06 01:36 - 00073565 _____ C:\Documents and Settings\Glauber Segalla\desktop\Shortcut.txt
2015-07-06 01:34 - 2015-07-06 01:36 - 00025681 _____ C:\Documents and Settings\Glauber Segalla\desktop\Addition.txt
2015-07-06 01:33 - 2015-07-07 00:37 - 00015450 _____ C:\Documents and Settings\Glauber Segalla\desktop\FRST.txt
2015-07-06 01:32 - 2015-07-07 00:37 - 00000000 ____D C:\FRST
2015-07-06 01:30 - 2015-07-06 01:30 - 01636352 _____ (Farbar) C:\Documents and Settings\Glauber Segalla\desktop\FRST.exe
2015-07-05 16:04 - 2015-07-05 16:04 - 26105293 _____ C:\Documents and Settings\Glauber Segalla\desktop\Youtube ADS Premium - Oferta 19.mp4
2015-07-05 14:22 - 2015-07-05 14:22 - 09108473 _____ C:\Documents and Settings\Glauber Segalla\desktop\Explicação Appliwon resumida em Português A Unica de Cota fixa Diária - YouTube.mp4
2015-07-01 01:35 - 2015-07-01 01:35 - 00000000 ____D C:\WINDOWS\system32\Adobe
2015-07-01 00:49 - 2012-11-07 08:00 - 00046672 _____ (Panda Security, S.L.) C:\WINDOWS\system32\Drivers\PSKMAD.sys
2015-06-30 00:25 - 2015-06-30 00:25 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2015-06-30 00:25 - 2015-06-30 00:25 - 00096352 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-06-30 00:25 - 2015-06-30 00:25 - 00000000 ____D C:\Documents and Settings\All Users\Menu Iniciar\Programas\Java
2015-06-30 00:24 - 2015-06-30 00:24 - 00000000 ____D C:\Arquivos de programas\Java
2015-06-29 11:46 - 2015-06-29 11:46 - 00000747 _____ C:\Documents and Settings\Glauber Segalla\desktop\Atalho para CURSO 5 MIL FÃS NO FACEBOOK.lnk
2015-06-29 10:51 - 2015-06-29 10:51 - 00000539 _____ C:\Documents and Settings\Glauber Segalla\desktop\Atalho para VENDA REALIZADA.lnk
2015-06-26 01:27 - 2015-06-26 01:30 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\desktop\Como usar plugin Wordpress SEO Yoast Corretamente
2015-06-15 00:04 - 2015-06-15 00:05 - 00000000 ____D C:\Arquivos de programas\Pale Moon
2015-06-01 00:30 - 2015-06-01 00:30 - 00000728 _____ C:\Documents and Settings\Glauber Segalla\desktop\Atalho para CARTOLA.xls.lnk
2015-05-25 12:08 - 2015-05-25 12:08 - 00000000 ___RD C:\Arquivos de programas\Skype
2015-05-25 12:08 - 2015-05-25 12:08 - 00000000 ____D C:\Documents and Settings\All Users\Menu Iniciar\Programas\Skype
2015-05-25 12:08 - 2015-05-25 12:08 - 00000000 ____D C:\Arquivos de programas\Arquivos comuns\Skype
2015-05-14 01:25 - 2015-05-14 01:26 - 00000617 _____ C:\Documents and Settings\Glauber Segalla\desktop\Atalho para CRIE SITES DE VÍDEOS EM PILOTO AUTOMÁTICO.lnk
2015-05-05 20:03 - 2015-05-05 20:03 - 00000521 _____ C:\Documents and Settings\Glauber Segalla\desktop\Atalho para FACEBOOK E YOUTUBE.lnk
2015-05-04 01:54 - 2015-05-04 02:55 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\HandBrake
2015-04-30 18:30 - 2015-04-30 18:30 - 00000428 _____ C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\UserProducts.xml
2015-04-30 18:30 - 2015-04-30 18:30 - 00000003 _____ C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\updater.log
2015-04-27 16:35 - 2015-04-27 16:35 - 00000000 ____D C:\Arquivos de programas\Glarysoft
2015-04-27 00:14 - 2015-04-27 00:14 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\Mozilla
2015-04-25 17:05 - 2015-04-25 17:05 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\Moonchild Productions
2015-04-25 17:05 - 2015-04-25 17:05 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Moonchild Productions
2015-04-10 12:15 - 2015-04-10 12:15 - 00000530 _____ C:\Documents and Settings\Glauber Segalla\desktop\Atalho para VÍDEOS DO YOUTUBE FEITOS PELO FERNANDO DO CURSO YOUTUBE DOMINADO.lnk

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-07 00:27 - 2013-09-02 11:42 - 00001068 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-07 00:27 - 2012-01-29 01:17 - 00000157 _____ C:\WINDOWS\wiadebug.log
2015-07-07 00:27 - 2012-01-29 01:17 - 00000048 _____ C:\WINDOWS\wiaservc.log
2015-07-07 00:27 - 2012-01-28 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-06 20:36 - 2012-01-28 16:48 - 00000210 ___SH C:\Documents and Settings\Glauber Segalla\ntuser.ini
2015-07-06 20:36 - 2012-01-28 16:45 - 00032346 _____ C:\WINDOWS\SchedLgU.Txt
2015-07-06 20:06 - 2013-09-02 11:42 - 00001072 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-06 20:02 - 2012-09-04 02:01 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\DMCache
2015-07-06 18:36 - 2012-01-28 14:12 - 00000000 __RHD C:\Documents and Settings\All Users\Dados de aplicativos
2015-07-06 18:31 - 2012-01-28 16:48 - 00000000 ____D C:\Documents and Settings\Glauber Segalla
2015-07-06 18:19 - 2012-01-30 00:08 - 00000008 __RSH C:\Documents and Settings\All Users\ntuser.pol
2015-07-06 18:18 - 2012-01-28 16:48 - 00000000 ___HD C:\Documents and Settings\Glauber Segalla\Configurações locais
2015-07-06 18:12 - 2013-10-31 23:54 - 00000000 ____D C:\Arquivos de programas\Arquivos comuns\DVDVideoSoft
2015-07-06 18:12 - 2012-01-29 23:30 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-07-06 18:12 - 2012-01-28 16:48 - 00000000 __RHD C:\Documents and Settings\Glauber Segalla\Dados de aplicativos
2015-07-06 18:12 - 2012-01-28 14:15 - 00000000 ___RD C:\Arquivos de programas
2015-07-06 18:02 - 2012-01-28 14:14 - 00000000 ___RD C:\Documents and Settings\All Users\Menu Iniciar\Programas
2015-07-06 14:16 - 2015-03-12 01:09 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\ZHP
2015-07-06 10:22 - 2012-01-28 16:48 - 00000000 ___HD C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos
2015-07-06 00:16 - 2008-04-14 09:00 - 00002284 _____ C:\WINDOWS\system32\wpa.dbl
2015-07-05 16:05 - 2012-12-17 10:16 - 20971520 _____ C:\WINDOWS\system32\config\Nano.evt
2015-07-05 16:05 - 2012-02-28 01:19 - 00000000 ____D C:\Arquivos de programas\CCleaner
2015-07-05 02:31 - 2012-02-28 01:19 - 00000738 _____ C:\Documents and Settings\All Users\desktop\CCleaner.lnk
2015-07-01 12:48 - 2014-05-28 00:11 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\IDM
2015-07-01 01:35 - 2012-01-28 16:25 - 00000000 ____D C:\WINDOWS\system32\Macromed
2015-07-01 01:31 - 2012-01-28 23:42 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\Adobe
2015-07-01 01:17 - 2012-02-06 10:47 - 00000026 _____ C:\WINDOWS\Zone.Identifier
2015-06-30 18:52 - 2013-06-13 18:02 - 00000000 ____D C:\Sisadm
2015-06-27 15:01 - 2014-11-13 12:18 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\Adobe
2015-06-27 15:01 - 2014-04-17 11:10 - 00778416 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2015-06-27 15:01 - 2014-04-17 11:10 - 00142512 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2015-06-27 15:01 - 2014-04-17 11:10 - 00000902 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-06-25 12:32 - 2012-05-07 01:14 - 00000000 ____D C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\Skype
2015-06-08 20:34 - 2013-05-25 17:43 - 00007680 _____ C:\Documents and Settings\All Users\Dados de aplicativos\NanoRepository.bin

==================== Files in the root of some directories =======

2013-12-30 00:46 - 2013-12-30 00:46 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Arquivos de programas\Arquivos comuns\atimpenc.dll
2012-02-03 09:44 - 2012-02-03 10:09 - 0007887 _____ () C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\pcouffin.cat
2012-02-03 09:44 - 2012-02-03 10:09 - 0001144 _____ () C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\pcouffin.inf
2012-02-03 09:44 - 2012-02-03 10:09 - 0047360 _____ (VSO Software) C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\pcouffin.sys
2013-03-25 12:23 - 2014-02-08 11:28 - 0000668 _____ () C:\Documents and Settings\Glauber Segalla\Dados de aplicativos\vso_ts_preview.xml
2012-01-31 23:55 - 2015-03-09 17:30 - 0035328 _____ () C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-01-31 19:11 - 2012-01-31 19:11 - 0082968 ____N () C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\FASTWiz.log
2015-04-30 18:30 - 2015-04-30 18:30 - 0000003 _____ () C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\updater.log
2015-04-30 18:30 - 2015-04-30 18:30 - 0000428 _____ () C:\Documents and Settings\Glauber Segalla\Configurações locais\Dados de aplicativos\UserProducts.xml

Some zero byte size files/folders:
==========================
C:\Windows\System32\Drivers\PSINAflt(2).sys

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of log ============================