Fórum PC Brasil
Browser Virus

Re: Browser Virus

Post by emily00, Tue 11 Mar 2014, 06:18

Good morning,

Here is the FRST report; I just couldn't save the program, the window asking to save it didn't appear.




Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-03-2014
Ran by Lu (administrator) on LU-PC on 11-03-2014 05:53:49
Running from C:\Users\Lu\Downloads
Microsoft Windows 7 Starter  Service Pack 1 (X86) OS Language: Portuguese Brazilian
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: [You must have an account and be logged in to view this link]
Download link for 64-Bit Version: [You must have an account and be logged in to view this link]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [You must have an account and be logged in to view this link]

==================== Processes (Whitelisted) =================

(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(GAS Tecnologia) C:\Program Files\GbPlugin\gbpsv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\system32\CISVC.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\system32\mqsvc.exe
(Symantec Corporation) C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\NAV.exe
(Symantec Corporation) C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(Microsoft Corporation) C:\Windows\System32\tcpsvcs.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\NST.exe
(Symantec Corporation) C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\NAV.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Positivo Informática) C:\Program Files\Positivo Informática\Recovery\Recovery2.exe
(Positivo Informática                ) C:\Program Files\Positivo Informática\SW_Cadastro\Monitor.exe
(OpenOffice.org) C:\Program Files\BrOffice.org 2.4\program\soffice.exe
(OpenOffice.org) C:\Program Files\BrOffice.org 2.4\program\soffice.BIN
(Positivo Informática                ) C:\Program Files\Positivo Informática\SW_Cadastro\Registro.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\wuauclt.exe


==================== Registry (Whitelisted) ==================

Winlogon\Notify\ GbPluginBb: C:\Program Files\GbPlugin\gbieh.dll (Banco do Brasil)
HKU\S-1-5-19\...\Winlogon: [Shell] Explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] Explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION
IFEO\bpsvc.exe: [Debugger] tasklist.exe
Startup: C:\Users\Lu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BrOffice.org 2.4.lnk
ShortcutTarget: BrOffice.org 2.4.lnk -> C:\Program Files\BrOffice.org 2.4\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [You must have an account and be logged in to view this link]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [You must have an account and be logged in to view this link]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBCAA048AAB3CCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-BR
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
BHO: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll (Banco do Brasil)
BHO: Jap.fm - {cc018c22-4de8-431f-9a1b-964bc51844a3} - C:\Program Files\Jap.fm\jap.fm.dll (Jap.fm Company)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Identity Safe Toolbar - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\coIEPlg.dll (Symantec Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} [You must have an account and be logged in to view this link]
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} [You must have an account and be logged in to view this link]
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files\GbPlugin\gbieh.dll [1582632 2014-02-21] (Banco do Brasil)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 189.7.104.16 189.7.104.22 201.6.4.116
Tcpip\..\Interfaces\{9D1DA1F1-798A-4343-92B9-F1C9E3B3E367}: [NameServer]8.26.56.26,156.154.70.22

FireFox:
========
FF ProfilePath: C:\Users\Lu\AppData\Roaming\Mozilla\Firefox\Profiles\2hhbp2z6.default
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Lu\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Lu\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Lu\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\buscape.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\mercadolivre.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-br.xml
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.1.0.18\IPSFF [2014-03-09]
FF HKLM\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn\
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn\ []

Chrome:
=======
CHR DefaultSearchKeyword: google.com.br
CHR Plugin: (Google Talk Plugin) - c:\users\lu\appdata\roaming\mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - c:\users\lu\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (Google Talk Plugin Video Renderer) - c:\users\lu\appdata\roaming\mozilla\plugins\npo1d.dll (Google)
CHR Plugin: (Google Earth Plugin) - c:\program files\google\google earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Photo Gallery) - c:\program files\windows live\photo gallery\npwlpg.dll (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.6) - c:\program files\quicktime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - c:\program files\quicktime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - c:\program files\quicktime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - c:\program files\quicktime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - c:\program files\quicktime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - c:\program files\quicktime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6) - c:\program files\quicktime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Extension: (Foxtab Speed Dial (Beta)) - C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcendgajlhoaiiccpijilcpmgphfflnj [2013-08-21]
CHR Extension: (Google Wallet) - C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Norton Identity Protection) - C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob [2014-03-09]
CHR HKLM\...\Chrome\Extension: [kcendgajlhoaiiccpijilcpmgphfflnj] - C:\Users\Lu\AppData\Local\newhb.crx [2013-08-01]
CHR HKLM\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\Exts\Chrome.crx [2014-03-10]

========================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [4163584 2014-03-09] (Emsisoft GmbH)
R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [132424 2009-03-05] (Apple Inc.)
R2 GbpSv; C:\Program Files\GbPlugin\gbpsv.exe [519720 2014-02-21] (GAS Tecnologia)
R2 iprip; C:\Windows\System32\iprip.dll [29696 2009-07-13] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [8704 2009-07-13] (Microsoft Corporation)
R2 NAV; C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\NAV.exe [262288 2013-10-08] (Symantec Corporation)
R2 NCO; C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\NST.exe [129424 2013-10-06] (Symantec Corporation)

==================== Drivers (Whitelisted) ====================

R1 360FileOem; C:\Windows\system32\drivers\360FileOem.sys [152880 2013-07-10] (360.cn)
R0 360HookOem; C:\Windows\System32\drivers\360HookOEM.sys [61488 2013-07-10] (360安全中心)
R1 360RegOem; C:\Windows\system32\drivers\360RegOem.sys [29744 2013-07-10] (360安全中心)
R1 360SpOEM; C:\Windows\System32\drivers\360SpOEM.sys [64048 2013-07-10] (360安全中心)
R1 60514181; C:\Windows\System32\DRIVERS\60514181.sys [128016 2014-03-03] (Kaspersky Lab)
R0 60514182; C:\Windows\System32\DRIVERS\60514182.sys [37392 2014-03-03] (Kaspersky Lab)
S3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [57944 2013-08-24] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH)
R1 BHDrvx86; C:\Program Files\Norton AntiVirus\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx86.sys [1098968 2014-02-14] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAV\1501000.012\ccSetx86.sys [127064 2013-09-25] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NST\7DE06000.01B\ccSetx86.sys [127064 2013-09-27] (Symantec Corporation)
S3 cleanhlp; C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [50200 2013-12-04] (Emsisoft GmbH)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2014-03-08] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2014-03-08] (Symantec Corporation)
R0 GbpKm; C:\Windows\System32\drivers\gbpkm.sys [49536 2013-05-08] (GAS Tecnologia)
R1 IDSVix86; C:\Program Files\Norton AntiVirus\NortonData\21.1.0.18\Definitions\IPSDefs\20140309.001\IDSvix86.sys [395992 2014-03-07] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [141824 2010-11-20] (Microsoft Corporation)
R3 NAVENG; C:\Program Files\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140310.033\NAVENG.SYS [93272 2014-03-08] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton AntiVirus\NortonData\21.1.0.18\Definitions\VirusDefs\20140310.033\NAVEX15.SYS [1612376 2014-03-08] (Symantec Corporation)
R1 Ndisrd; C:\Windows\System32\DRIVERS\gbpndisrdn.sys [29400 2014-03-02] (GAS Tecnologia)
R1 SRTSP; C:\Windows\system32\drivers\NAV\1501000.012\SRTSP.SYS [651352 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAV\1501000.012\SRTSPX.SYS [32344 2013-09-09] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAV\1501000.012\SYMDS.SYS [367704 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAV\1501000.012\SYMEFA.SYS [935512 2013-09-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2014-03-08] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAV\1501000.012\Ironx86.SYS [206936 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NAV\1501000.012\SYMNETS.SYS [446552 2013-09-26] (Symantec Corporation)
S3 utm0nziw; C:\Windows\system32\Drivers\utm0nziw.sys [0 2014-03-05] ()
S3 BdApiUtil; \??\C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.sys [X]
S0 Bhbase; System32\drivers\Bhbase.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 NdisrdMP; system32\DRIVERS\gbpndisrd.sys [X]
S3 PCFApiUtil; \??\C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-11 05:53 - 2014-03-11 05:55 - 00015146 _____ () C:\Users\Lu\Downloads\FRST.txt
2014-03-11 05:53 - 2014-03-11 05:53 - 00000000 ____D () C:\FRST
2014-03-11 05:52 - 2014-03-11 05:53 - 01145856 _____ (Farbar) C:\Users\Lu\Downloads\FRST.exe
2014-03-10 17:29 - 2014-03-10 17:29 - 00001349 _____ () C:\Users\Lu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-10 17:26 - 2014-03-10 16:59 - 00005460 _____ () C:\Users\Lu\Desktop\ZHPFixReport.txt
2014-03-10 17:07 - 2014-03-10 17:07 - 00005460 _____ () C:\Users\Lu\Documents\nicolas colman.txt
2014-03-10 17:01 - 2014-03-10 17:01 - 00000000 ____D () C:\Users\Lu\Desktop\Nicolas
2014-03-09 23:11 - 2014-03-09 23:11 - 00048756 _____ () C:\Users\Lu\Desktop\ZHPDiag.txt
2014-03-09 23:06 - 2014-03-09 23:06 - 00001893 _____ () C:\Users\Lu\Desktop\ZHPFix.lnk
2014-03-09 23:06 - 2014-03-09 23:06 - 00001766 _____ () C:\Users\Lu\Desktop\ZHPDiag.lnk
2014-03-09 23:05 - 2014-03-10 17:26 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\ZHP
2014-03-09 23:05 - 2014-03-09 23:06 - 00000000 ____D () C:\Program Files\ZHPDiag
2014-03-09 23:03 - 2014-03-09 23:05 - 06866603 _____ (Nicolas Coolman ) C:\Users\Lu\Downloads\ZHPDiag2.exe
2014-03-09 22:30 - 2014-03-09 22:30 - 00001907 _____ () C:\Users\Lu\Desktop\JRT.txt
2014-03-09 22:29 - 2014-03-09 22:29 - 00000000 ____D () C:\Windows\ERUNT
2014-03-09 22:28 - 2014-03-09 22:28 - 01037734 _____ (Thisisu) C:\Users\Lu\Downloads\JRT.exe
2014-03-09 22:23 - 2014-03-09 22:23 - 00668480 _____ ( ) C:\Users\Lu\Downloads\DownloadManagerSetup.exe
2014-03-09 22:23 - 2014-03-09 22:23 - 00668480 _____ ( ) C:\Users\Lu\Downloads\DownloadManagerSetup (1).exe
2014-03-09 21:36 - 2014-03-09 21:36 - 00000095 _____ () C:\files.log
2014-03-09 21:36 - 2014-03-09 21:13 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-09 21:32 - 2014-03-09 21:36 - 00000000 ____D () C:\zoek
2014-03-09 21:20 - 2014-03-09 21:40 - 00013320 _____ () C:\zoek-results.log
2014-03-09 21:19 - 2014-03-09 21:20 - 00000000 ____D () C:\Users\Lu\Downloads\zoek (1)
2014-03-09 21:18 - 2014-03-09 21:19 - 04095370 _____ () C:\Users\Lu\Downloads\zoek (1).zip
2014-03-09 21:15 - 2014-03-09 21:17 - 04095370 _____ () C:\Users\Lu\Downloads\zoek.zip
2014-03-09 21:14 - 2014-03-09 21:14 - 01285120 _____ () C:\Users\Lu\Downloads\zoek (1).exe
2014-03-09 21:13 - 2014-03-09 21:32 - 00000000 ____D () C:\zoek_backup
2014-03-09 21:13 - 2014-03-09 21:13 - 01285120 _____ () C:\Users\Lu\Downloads\zoek.exe
2014-03-09 20:22 - 2014-03-09 20:23 - 01244192 _____ () C:\Users\Lu\Downloads\AdwCleaner (1).exe
2014-03-09 16:11 - 2014-03-09 16:11 - 00667272 _____ ( ) C:\Users\Lu\Downloads\ZipSetup.exe
2014-03-09 16:09 - 2014-03-09 16:10 - 00388608 _____ (Trend Micro Inc.) C:\Users\Lu\Downloads\HijackThis (1).exe
2014-03-09 14:29 - 2014-03-09 14:29 - 00001009 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-03-09 14:28 - 2014-03-09 20:29 - 00000000 ____D () C:\Program Files\Emsisoft Anti-Malware
2014-03-09 14:28 - 2014-03-09 14:28 - 00000000 ____D () C:\Users\Lu\Documents\Anti-Malware
2014-03-09 14:09 - 2014-03-09 14:10 - 00388608 _____ (Trend Micro Inc.) C:\Users\Lu\Downloads\HijackThis.exe
2014-03-09 13:50 - 2014-03-09 14:27 - 224608616 _____ (Emsisoft GmbH ) C:\Users\Lu\Downloads\EmsisoftAntiMalwareSetup.exe
2014-03-09 13:41 - 2014-03-09 13:42 - 00987442 _____ () C:\Users\Lu\Downloads\SecurityCheck.exe
2014-03-09 12:40 - 2014-03-09 23:35 - 00000000 ____D () C:\AdwCleaner
2014-03-09 12:39 - 2014-03-09 12:40 - 01244192 _____ () C:\Users\Lu\Downloads\AdwCleaner.exe
2014-03-09 12:35 - 2014-03-09 12:36 - 00683008 _____ ( ) C:\Users\Lu\Downloads\adwcleaner-3-012-52716-br-setup.exe
2014-03-09 12:35 - 2014-03-09 12:35 - 00683008 _____ ( ) C:\Users\Lu\Downloads\Não confirmado 586394.crdownload
2014-03-09 02:02 - 2014-03-09 02:03 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-09 02:02 - 2014-03-09 02:02 - 00001027 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-09 02:01 - 2014-03-09 02:03 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lu\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-03-09 01:59 - 2014-03-09 02:01 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lu\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-09 00:56 - 2014-03-09 12:23 - 00000000 ____D () C:\Users\Lu\AppData\Local\NPE
2014-03-08 22:45 - 2014-03-08 22:45 - 00000448 _____ () C:\Windows\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}.job
2014-03-08 22:07 - 2014-03-09 00:57 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-03-08 22:07 - 2014-03-08 22:07 - 00142936 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2014-03-08 22:07 - 2014-03-08 22:07 - 00008194 _____ () C:\Windows\system32\Drivers\SYMEVENT.CAT
2014-03-08 22:07 - 2014-03-08 22:07 - 00002351 _____ () C:\Users\Public\Desktop\Norton AntiVirus.lnk
2014-03-08 22:07 - 2014-03-08 22:07 - 00000000 ____D () C:\Windows\system32\Drivers\NST
2014-03-08 22:07 - 2014-03-08 22:07 - 00000000 ____D () C:\Program Files\Norton Identity Safe
2014-03-08 22:06 - 2014-03-08 22:06 - 00000000 ____D () C:\Windows\system32\Drivers\NAV
2014-03-08 22:06 - 2014-03-08 22:06 - 00000000 ____D () C:\Program Files\Norton AntiVirus
2014-03-08 21:37 - 2014-03-08 22:06 - 221064696 ____N (Symantec Corporation) C:\Users\Lu\Downloads\NAV-TW-21.1.0-BR.exe
2014-03-08 21:24 - 2014-03-09 00:46 - 00001224 _____ () C:\Windows\system32\PCloudCleanerService.log
2014-03-08 21:12 - 2014-03-08 21:12 - 00000000 _____ () C:\Windows\SETUP.LST
2014-03-08 02:46 - 2014-03-08 02:46 - 00001200 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-03-08 02:46 - 2014-03-08 02:46 - 00000000 ____D () C:\Program Files\Panda Security
2014-03-08 02:42 - 2014-03-08 02:46 - 27969272 _____ (Panda Security ) C:\Users\Lu\Downloads\PandaCloudCleaner.exe
2014-03-07 20:11 - 2014-03-07 22:34 - 938475520 _____ () C:\Users\Lu\Downloads\ubuntu-13.10-desktop-i386.iso
2014-03-07 19:18 - 2014-03-07 19:18 - 00000000 _____ () C:\Windows\system32\Drivers\GDWFPCD32.SYS
2014-03-07 19:08 - 2014-03-07 19:08 - 00016048 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2014-03-07 03:01 - 2014-02-05 05:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-07 03:01 - 2014-02-05 05:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-07 03:01 - 2014-02-05 05:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-07 03:01 - 2014-02-05 05:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-07 03:01 - 2014-02-05 05:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-07 03:01 - 2014-02-05 05:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-07 03:01 - 2014-02-05 05:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-07 03:01 - 2014-02-05 05:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-07 03:01 - 2014-02-05 05:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-07 03:01 - 2014-02-05 05:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-07 03:01 - 2014-02-05 05:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-07 03:01 - 2014-02-05 05:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-07 03:01 - 2014-02-05 05:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-07 03:01 - 2014-02-05 05:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-07 03:01 - 2014-02-05 05:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-07 03:01 - 2014-02-05 05:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-07 02:37 - 2014-03-07 02:37 - 00000000 ____D () C:\Users\Lu\AppData\Local\COMODO
2014-03-06 22:10 - 2014-03-06 22:55 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2014-03-06 22:07 - 2014-03-06 22:07 - 00000000 ___HD () C:\VritualRoot
2014-03-06 21:52 - 2014-03-08 22:46 - 00000000 ____D () C:\Users\Todos os Usuários\CPA_VA
2014-03-06 21:52 - 2014-03-08 22:46 - 00000000 ____D () C:\ProgramData\CPA_VA
2014-03-06 21:29 - 2014-03-08 19:47 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2014-03-06 21:27 - 2014-03-06 22:41 - 00000000 ____D () C:\Users\Todos os Usuários\Comodo
2014-03-06 21:27 - 2014-03-06 22:41 - 00000000 ____D () C:\ProgramData\Comodo
2014-03-06 21:27 - 2014-03-06 21:28 - 00000000 ____D () C:\Program Files\COMODO
2014-03-06 21:27 - 2014-03-06 21:27 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\gdiplus.dll
2014-03-06 21:27 - 2014-03-06 21:27 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll
2014-03-06 21:27 - 2014-03-06 21:27 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2014-03-06 21:22 - 2014-03-06 21:27 - 00000000 ____D () C:\Users\Todos os Usuários\Comodo Downloader
2014-03-06 21:22 - 2014-03-06 21:27 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-03-06 21:20 - 2014-03-06 21:21 - 03862856 _____ (COMODO) C:\Users\Lu\Desktop\cav_installer(1).exe
2014-03-06 21:19 - 2014-03-06 21:20 - 03862856 _____ (COMODO) C:\Users\Lu\Desktop\cav_installer.exe
2014-03-06 02:37 - 2014-03-06 02:37 - 01071000 _____ (Solid State Networks) C:\Users\Lu\Downloads\install_flashplayer12x32_mssa_aaa_aih.exe
2014-03-06 01:59 - 2014-03-06 01:59 - 00001065 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-06 01:59 - 2014-03-06 01:59 - 00000000 ____D () C:\Users\Todos os Usuários\Mozilla
2014-03-06 01:59 - 2014-03-06 01:59 - 00000000 ____D () C:\Users\Lu\AppData\Local\Mozilla
2014-03-06 01:59 - 2014-03-06 01:59 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-06 01:59 - 2014-03-06 01:59 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-06 01:54 - 2014-03-06 01:54 - 00283016 _____ (Mozilla) C:\Users\Lu\Downloads\Firefox Setup Stub 27.0.1.exe
2014-03-06 01:46 - 2014-03-06 01:46 - 00009994 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-05 02:01 - 2014-03-05 02:01 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\AVG2014
2014-03-05 01:59 - 2014-03-08 17:56 - 00000000 ____D () C:\Users\Todos os Usuários\AVG2014
2014-03-05 01:59 - 2014-03-08 17:56 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-05 01:58 - 2014-03-05 01:58 - 00000000 ____D () C:\Windows\system32\%systemroot%
2014-03-05 01:58 - 2014-03-05 01:58 - 00000000 ____D () C:\Program Files\AVG
2014-03-05 01:47 - 2014-03-05 02:42 - 00000000 ____D () C:\Users\Lu\AppData\Local\Avg2014
2014-03-05 01:17 - 2014-03-05 01:17 - 00000000 _____ () C:\Windows\system32\Drivers\utm0nziw.sys
2014-03-04 20:14 - 2014-03-03 20:39 - 00311312 _____ (Kaspersky Lab) C:\Windows\system32\Drivers\6051418.sys
2014-03-04 20:14 - 2014-03-03 20:39 - 00128016 _____ (Kaspersky Lab) C:\Windows\system32\Drivers\60514181.sys
2014-03-04 20:14 - 2014-03-03 20:39 - 00037392 _____ (Kaspersky Lab) C:\Windows\system32\Drivers\60514182.sys
2014-03-04 20:01 - 2014-03-04 20:05 - 00000000 ____D () C:\Program Files\Oasis Games Limited
2014-03-03 21:00 - 2014-03-03 21:10 - 00000000 ____D () C:\Program Files\FineRecovery
2014-03-03 21:00 - 2014-03-03 21:00 - 00000000 ____D () C:\Users\Lu\AppData\Local\CrashRpt
2014-03-03 20:19 - 2014-03-03 20:19 - 00000000 ____D () C:\Users\Todos os Usuários\Martau
2014-03-03 20:19 - 2014-03-03 20:19 - 00000000 ____D () C:\ProgramData\Martau
2014-03-03 20:18 - 2014-03-03 20:19 - 00000000 ____D () C:\Program Files\Total Uninstall 6
2014-03-03 20:13 - 2014-03-04 19:54 - 00000000 ____D () C:\Program Files\MiPony
2014-03-03 20:13 - 2014-03-03 20:13 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony
2014-03-03 20:13 - 2014-03-03 20:13 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\1H1Q
2014-03-03 19:55 - 2014-03-03 21:21 - 00000000 ____D () C:\Program Files\Xvid
2014-03-03 17:54 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-03 15:51 - 2014-03-05 01:04 - 00000000 ____D () C:\Users\Todos os Usuários\Kaspersky Lab
2014-03-03 15:51 - 2014-03-05 01:04 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-03 15:31 - 2014-03-03 15:33 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\DivX
2014-03-03 15:27 - 2014-03-03 21:12 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-03-03 15:18 - 2014-03-03 15:45 - 135005840 _____ ( ) C:\Users\Lu\Desktop\kaspersky.exe
2014-03-03 15:05 - 2014-03-03 21:12 - 00000000 ____D () C:\Users\Todos os Usuários\DivX
2014-03-03 15:05 - 2014-03-03 21:12 - 00000000 ____D () C:\ProgramData\DivX
2014-03-03 15:05 - 2014-03-03 21:08 - 00000000 ____D () C:\Program Files\DSP-worx
2014-03-03 15:05 - 2014-03-03 15:05 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\LavFilters
2014-03-03 15:05 - 2014-03-03 15:05 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\CDXReader
2014-03-02 20:01 - 2014-03-02 20:01 - 00000000 _____ () C:\Users\Lu\AppData\Roaming\FileShred.log
2014-03-02 14:41 - 2014-03-05 00:30 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-03-02 13:59 - 2014-03-02 13:59 - 00029400 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpndisrdn.sys
2014-03-01 17:32 - 2014-03-07 19:19 - 00000000 ____D () C:\Program Files\Common Files\G Data
2014-03-01 17:31 - 2014-03-07 19:19 - 00000000 ____D () C:\Users\Todos os Usuários\G Data
2014-03-01 17:31 - 2014-03-07 19:19 - 00000000 ____D () C:\ProgramData\G Data
2014-02-28 19:48 - 2014-02-28 19:48 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2014-02-28 19:48 - 2014-02-28 19:48 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\Malwarebytes
2014-02-28 19:48 - 2014-02-28 19:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-27 23:36 - 2014-02-27 23:36 - 00262144 _____ () C:\Windows\system32\config\elam
2014-02-27 22:28 - 2014-03-01 15:32 - 00000000 ____D () C:\Users\Todos os Usuários\AVAST Software
2014-02-27 22:28 - 2014-03-01 15:32 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-27 21:10 - 2014-03-01 15:20 - 00000000 ____D () C:\Users\Lu\AppData\Local\DoNotTrackPlus
2014-02-27 21:04 - 2014-03-04 20:02 - 00000000 ____D () C:\Users\Todos os Usuários\Log
2014-02-27 21:04 - 2014-03-04 20:02 - 00000000 ____D () C:\ProgramData\Log
2014-02-27 20:55 - 2014-02-27 20:55 - 00000000 ____D () C:\Users\Todos os Usuários\CheckPoint
2014-02-27 20:55 - 2014-02-27 20:55 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-02-27 19:30 - 2014-02-27 19:30 - 00000000 ____H () C:\Users\Lu\Documents\Default.rdp
2014-02-25 01:04 - 2014-02-25 01:04 - 00001475 _____ () C:\Users\Lu\Desktop\YouTube.url
2014-02-23 23:06 - 2014-02-23 23:06 - 00001481 _____ () C:\Users\Lu\AppData\Local\recently-used.xbel
2014-02-22 12:51 - 2014-02-22 13:01 - 00000000 ____D () C:\Users\Lu\AppData\Local\cache
2014-02-22 12:51 - 2014-02-22 12:51 - 00000000 ____D () C:\Users\Lu\.android
2014-02-22 12:15 - 2014-02-22 12:15 - 00000029 _____ () C:\Windows\system32\config.ini
2014-02-22 12:13 - 2014-03-02 13:57 - 00000000 ____D () C:\Segnas
2014-02-22 12:13 - 2008-07-05 13:30 - 00001351 _____ () C:\Windows\system32\Receitas.dll
2014-02-22 12:13 - 2004-08-04 00:45 - 00561179 _____ (Microsoft Corporation) C:\Windows\system32\dao360.dll
2014-02-22 12:13 - 1998-06-18 00:00 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\VB6STKIT.DLL
2014-02-12 19:25 - 2013-12-31 20:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-12 19:25 - 2013-12-05 23:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 19:25 - 2013-12-05 23:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-12 19:24 - 2013-12-24 20:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 19:24 - 2013-12-03 23:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-12 19:24 - 2013-12-03 23:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-12 19:24 - 2013-12-03 23:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-12 19:24 - 2013-12-03 23:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-12 19:24 - 2013-12-03 23:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 19:24 - 2013-12-03 22:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-12 19:24 - 2013-12-03 22:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-12 19:24 - 2013-12-03 22:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-12 19:24 - 2013-12-03 22:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-12 19:24 - 2013-11-26 05:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-12 10:15 - 2014-02-12 10:15 - 00001014 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2631333086-1251509141-173655686-1000Core1cf27f47b41858d.job
2014-02-10 20:32 - 2014-02-10 20:32 - 01152656 _____ () C:\Windows\system32\MovieMode.48CA2AEFA22D.dll

==================== One Month Modified Files and Folders =======

2014-03-11 05:55 - 2014-03-11 05:53 - 00015146 _____ () C:\Users\Lu\Downloads\FRST.txt
2014-03-11 05:53 - 2014-03-11 05:53 - 00000000 ____D () C:\FRST
2014-03-11 05:53 - 2014-03-11 05:52 - 01145856 _____ (Farbar) C:\Users\Lu\Downloads\FRST.exe
2014-03-11 05:33 - 2009-07-14 01:34 - 00016160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-11 05:33 - 2009-07-14 01:34 - 00016160 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-11 05:30 - 2010-01-09 09:21 - 01357487 _____ () C:\Windows\WindowsUpdate.log
2014-03-11 05:26 - 2013-08-21 20:32 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\BrOffice.org2
2014-03-11 05:26 - 2013-06-05 16:23 - 00001044 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-11 05:25 - 2013-10-09 20:36 - 00000000 ____D () C:\Users\Todos os Usuários\GbPlugin
2014-03-11 05:25 - 2013-10-09 20:36 - 00000000 ____D () C:\ProgramData\GbPlugin
2014-03-11 05:25 - 2009-12-09 23:13 - 00579770 _____ () C:\Windows\PFRO.log
2014-03-11 05:25 - 2009-07-14 01:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-11 05:25 - 2009-07-14 01:39 - 00101574 _____ () C:\Windows\setupact.log
2014-03-10 21:58 - 2013-07-05 20:14 - 00000000 ____D () C:\Users\Todos os Usuários\Skype
2014-03-10 21:58 - 2013-07-05 20:14 - 00000000 ____D () C:\ProgramData\Skype
2014-03-10 21:57 - 2013-06-05 16:23 - 00001048 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-10 21:23 - 2013-07-10 22:22 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-10 20:07 - 2013-07-05 20:14 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\Skype
2014-03-10 20:04 - 2013-10-09 20:36 - 00000000 ____D () C:\Program Files\GbPlugin
2014-03-10 17:29 - 2014-03-10 17:29 - 00001349 _____ () C:\Users\Lu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-10 17:28 - 2010-01-10 14:53 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-10 17:26 - 2014-03-09 23:05 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\ZHP
2014-03-10 17:07 - 2014-03-10 17:07 - 00005460 _____ () C:\Users\Lu\Documents\nicolas colman.txt
2014-03-10 17:01 - 2014-03-10 17:01 - 00000000 ____D () C:\Users\Lu\Desktop\Nicolas
2014-03-10 16:59 - 2014-03-10 17:26 - 00005460 _____ () C:\Users\Lu\Desktop\ZHPFixReport.txt
2014-03-10 16:58 - 2013-06-13 23:56 - 00000000 ____D () C:\Program Files\Baidu Security
2014-03-09 23:35 - 2014-03-09 12:40 - 00000000 ____D () C:\AdwCleaner
2014-03-09 23:11 - 2014-03-09 23:11 - 00048756 _____ () C:\Users\Lu\Desktop\ZHPDiag.txt
2014-03-09 23:06 - 2014-03-09 23:06 - 00001893 _____ () C:\Users\Lu\Desktop\ZHPFix.lnk
2014-03-09 23:06 - 2014-03-09 23:06 - 00001766 _____ () C:\Users\Lu\Desktop\ZHPDiag.lnk
2014-03-09 23:06 - 2014-03-09 23:05 - 00000000 ____D () C:\Program Files\ZHPDiag
2014-03-09 23:05 - 2014-03-09 23:03 - 06866603 _____ (Nicolas Coolman ) C:\Users\Lu\Downloads\ZHPDiag2.exe
2014-03-09 22:49 - 2013-11-29 10:39 - 00000286 __RSH () C:\Users\Lu\ntuser.pol
2014-03-09 22:49 - 2010-01-09 09:22 - 00000000 ____D () C:\Users\Lu
2014-03-09 22:30 - 2014-03-09 22:30 - 00001907 _____ () C:\Users\Lu\Desktop\JRT.txt
2014-03-09 22:29 - 2014-03-09 22:29 - 00000000 ____D () C:\Windows\ERUNT
2014-03-09 22:28 - 2014-03-09 22:28 - 01037734 _____ (Thisisu) C:\Users\Lu\Downloads\JRT.exe
2014-03-09 22:23 - 2014-03-09 22:23 - 00668480 _____ ( ) C:\Users\Lu\Downloads\DownloadManagerSetup.exe
2014-03-09 22:23 - 2014-03-09 22:23 - 00668480 _____ ( ) C:\Users\Lu\Downloads\DownloadManagerSetup (1).exe
2014-03-09 21:40 - 2014-03-09 21:20 - 00013320 _____ () C:\zoek-results.log
2014-03-09 21:36 - 2014-03-09 21:36 - 00000095 _____ () C:\files.log
2014-03-09 21:36 - 2014-03-09 21:32 - 00000000 ____D () C:\zoek
2014-03-09 21:32 - 2014-03-09 21:13 - 00000000 ____D () C:\zoek_backup
2014-03-09 21:20 - 2014-03-09 21:19 - 00000000 ____D () C:\Users\Lu\Downloads\zoek (1)
2014-03-09 21:19 - 2014-03-09 21:18 - 04095370 _____ () C:\Users\Lu\Downloads\zoek (1).zip
2014-03-09 21:17 - 2014-03-09 21:15 - 04095370 _____ () C:\Users\Lu\Downloads\zoek.zip
2014-03-09 21:14 - 2014-03-09 21:14 - 01285120 _____ () C:\Users\Lu\Downloads\zoek (1).exe
2014-03-09 21:13 - 2014-03-09 21:36 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-03-09 21:13 - 2014-03-09 21:13 - 01285120 _____ () C:\Users\Lu\Downloads\zoek.exe
2014-03-09 20:29 - 2014-03-09 14:28 - 00000000 ____D () C:\Program Files\Emsisoft Anti-Malware
2014-03-09 20:23 - 2014-03-09 20:22 - 01244192 _____ () C:\Users\Lu\Downloads\AdwCleaner (1).exe
2014-03-09 16:11 - 2014-03-09 16:11 - 00667272 _____ ( ) C:\Users\Lu\Downloads\ZipSetup.exe
2014-03-09 16:10 - 2014-03-09 16:09 - 00388608 _____ (Trend Micro Inc.) C:\Users\Lu\Downloads\HijackThis (1).exe
2014-03-09 14:29 - 2014-03-09 14:29 - 00001009 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-03-09 14:28 - 2014-03-09 14:28 - 00000000 ____D () C:\Users\Lu\Documents\Anti-Malware
2014-03-09 14:27 - 2014-03-09 13:50 - 224608616 _____ (Emsisoft GmbH ) C:\Users\Lu\Downloads\EmsisoftAntiMalwareSetup.exe
2014-03-09 14:10 - 2014-03-09 14:09 - 00388608 _____ (Trend Micro Inc.) C:\Users\Lu\Downloads\HijackThis.exe
2014-03-09 13:42 - 2014-03-09 13:41 - 00987442 _____ () C:\Users\Lu\Downloads\SecurityCheck.exe
2014-03-09 12:40 - 2014-03-09 12:39 - 01244192 _____ () C:\Users\Lu\Downloads\AdwCleaner.exe
2014-03-09 12:36 - 2014-03-09 12:35 - 00683008 _____ ( ) C:\Users\Lu\Downloads\adwcleaner-3-012-52716-br-setup.exe
2014-03-09 12:35 - 2014-03-09 12:35 - 00683008 _____ ( ) C:\Users\Lu\Downloads\Não confirmado 586394.crdownload
2014-03-09 12:23 - 2014-03-09 00:56 - 00000000 ____D () C:\Users\Lu\AppData\Local\NPE
2014-03-09 12:03 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\AppCompat
2014-03-09 03:33 - 2009-09-16 19:29 - 01768848 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-09 03:33 - 2009-07-14 05:31 - 00756410 _____ () C:\Windows\system32\prfh0416.dat
2014-03-09 03:33 - 2009-07-14 05:31 - 00165954 _____ () C:\Windows\system32\prfc0416.dat
2014-03-09 03:28 - 2009-09-17 00:16 - 00000000 ____D () C:\Windows\ConfigSetRoot
2014-03-09 02:03 - 2014-03-09 02:02 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-09 02:03 - 2014-03-09 02:01 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lu\Downloads\mbam-setup-1.75.0.1300 (1).exe
2014-03-09 02:02 - 2014-03-09 02:02 - 00001027 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-09 02:01 - 2014-03-09 01:59 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Lu\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-09 01:31 - 2013-07-27 18:37 - 00000258 _____ () C:\Users\Lu\AppData\Roaming\WB.CFG
2014-03-09 00:57 - 2014-03-08 22:07 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-03-09 00:56 - 2009-12-09 22:54 - 00000000 ____D () C:\Users\Todos os Usuários\Norton
2014-03-09 00:56 - 2009-12-09 22:54 - 00000000 ____D () C:\ProgramData\Norton
2014-03-09 00:46 - 2014-03-08 21:24 - 00001224 _____ () C:\Windows\system32\PCloudCleanerService.log
2014-03-08 23:24 - 2013-07-07 22:44 - 00000000 ____D () C:\Users\Lu\Desktop\BACKUP
2014-03-08 23:22 - 2010-01-09 09:36 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\vlc
2014-03-08 23:21 - 2013-08-01 15:50 - 00000000 ___RD () C:\Users\Lu\SkyDrive
2014-03-08 22:46 - 2014-03-06 21:52 - 00000000 ____D () C:\Users\Todos os Usuários\CPA_VA
2014-03-08 22:46 - 2014-03-06 21:52 - 00000000 ____D () C:\ProgramData\CPA_VA
2014-03-08 22:45 - 2014-03-08 22:45 - 00000448 _____ () C:\Windows\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}.job
2014-03-08 22:07 - 2014-03-08 22:07 - 00142936 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2014-03-08 22:07 - 2014-03-08 22:07 - 00008194 _____ () C:\Windows\system32\Drivers\SYMEVENT.CAT
2014-03-08 22:07 - 2014-03-08 22:07 - 00002351 _____ () C:\Users\Public\Desktop\Norton AntiVirus.lnk
2014-03-08 22:07 - 2014-03-08 22:07 - 00000000 ____D () C:\Windows\system32\Drivers\NST
2014-03-08 22:07 - 2014-03-08 22:07 - 00000000 ____D () C:\Program Files\Norton Identity Safe
2014-03-08 22:06 - 2014-03-08 22:06 - 00000000 ____D () C:\Windows\system32\Drivers\NAV
2014-03-08 22:06 - 2014-03-08 22:06 - 00000000 ____D () C:\Program Files\Norton AntiVirus
2014-03-08 22:06 - 2014-03-08 21:37 - 221064696 ____N (Symantec Corporation) C:\Users\Lu\Downloads\NAV-TW-21.1.0-BR.exe
2014-03-08 21:12 - 2014-03-08 21:12 - 00000000 _____ () C:\Windows\SETUP.LST
2014-03-08 19:47 - 2014-03-06 21:29 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2014-03-08 17:57 - 2013-06-05 18:45 - 00000000 ____D () C:\Users\Todos os Usuários\MFAData
2014-03-08 17:57 - 2013-06-05 18:45 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-08 17:56 - 2014-03-05 01:59 - 00000000 ____D () C:\Users\Todos os Usuários\AVG2014
2014-03-08 17:56 - 2014-03-05 01:59 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-08 17:56 - 2013-06-05 18:53 - 00000000 ___HD () C:\$AVG
2014-03-08 17:50 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-03-08 04:02 - 2013-07-14 01:43 - 00000000 ____D () C:\Users\DefaultAppPool
2014-03-08 02:46 - 2014-03-08 02:46 - 00001200 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-03-08 02:46 - 2014-03-08 02:46 - 00000000 ____D () C:\Program Files\Panda Security
2014-03-08 02:46 - 2014-03-08 02:42 - 27969272 _____ (Panda Security ) C:\Users\Lu\Downloads\PandaCloudCleaner.exe
2014-03-07 22:34 - 2014-03-07 20:11 - 938475520 _____ () C:\Users\Lu\Downloads\ubuntu-13.10-desktop-i386.iso
2014-03-07 19:21 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\spool
2014-03-07 19:19 - 2014-03-01 17:32 - 00000000 ____D () C:\Program Files\Common Files\G Data
2014-03-07 19:19 - 2014-03-01 17:31 - 00000000 ____D () C:\Users\Todos os Usuários\G Data
2014-03-07 19:19 - 2014-03-01 17:31 - 00000000 ____D () C:\ProgramData\G Data
2014-03-07 19:19 - 2009-07-13 23:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-03-07 19:19 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\winevt
2014-03-07 19:19 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\SMI
2014-03-07 19:19 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\MUI
2014-03-07 19:19 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\com
2014-03-07 19:18 - 2014-03-07 19:18 - 00000000 _____ () C:\Windows\system32\Drivers\GDWFPCD32.SYS
2014-03-07 19:08 - 2014-03-07 19:08 - 00016048 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2014-03-07 02:37 - 2014-03-07 02:37 - 00000000 ____D () C:\Users\Lu\AppData\Local\COMODO
2014-03-07 02:29 - 2013-06-05 21:07 - 00000000 ____D () C:\Program Files\77zip
2014-03-07 02:28 - 2009-12-09 23:01 - 00000000 ____D () C:\Mundo da Criança
2014-03-07 02:09 - 2010-05-26 16:02 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\dvdcss
2014-03-07 01:38 - 2013-12-18 22:39 - 00000116 _____ () C:\Windows\NeroDigital.ini
2014-03-07 00:53 - 2010-06-22 21:18 - 00000000 ____D () C:\Users\Lu\AppData\Local\Google
2014-03-07 00:23 - 2013-06-05 21:07 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-06 22:55 - 2014-03-06 22:10 - 00000000 ____D () C:\Windows\system32\%LOCALAPPDATA%
2014-03-06 22:41 - 2014-03-06 21:27 - 00000000 ____D () C:\Users\Todos os Usuários\Comodo
2014-03-06 22:41 - 2014-03-06 21:27 - 00000000 ____D () C:\ProgramData\Comodo
2014-03-06 22:07 - 2014-03-06 22:07 - 00000000 ___HD () C:\VritualRoot
2014-03-06 21:28 - 2014-03-06 21:27 - 00000000 ____D () C:\Program Files\COMODO
2014-03-06 21:27 - 2014-03-06 21:27 - 01700352 _____ (Microsoft Corporation) C:\Windows\system32\gdiplus.dll
2014-03-06 21:27 - 2014-03-06 21:27 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\mfc71.dll
2014-03-06 21:27 - 2014-03-06 21:27 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2014-03-06 21:27 - 2014-03-06 21:22 - 00000000 ____D () C:\Users\Todos os Usuários\Comodo Downloader
2014-03-06 21:27 - 2014-03-06 21:22 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-03-06 21:21 - 2014-03-06 21:20 - 03862856 _____ (COMODO) C:\Users\Lu\Desktop\cav_installer(1).exe
2014-03-06 21:20 - 2014-03-06 21:19 - 03862856 _____ (COMODO) C:\Users\Lu\Desktop\cav_installer.exe
2014-03-06 02:37 - 2014-03-06 02:37 - 01071000 _____ (Solid State Networks) C:\Users\Lu\Downloads\install_flashplayer12x32_mssa_aaa_aih.exe
2014-03-06 01:59 - 2014-03-06 01:59 - 00001065 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-06 01:59 - 2014-03-06 01:59 - 00000000 ____D () C:\Users\Todos os Usuários\Mozilla
2014-03-06 01:59 - 2014-03-06 01:59 - 00000000 ____D () C:\Users\Lu\AppData\Local\Mozilla
2014-03-06 01:59 - 2014-03-06 01:59 - 00000000 ____D () C:\ProgramData\Mozilla
2014-03-06 01:59 - 2014-03-06 01:59 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-06 01:59 - 2013-06-05 21:07 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\Mozilla
2014-03-06 01:54 - 2014-03-06 01:54 - 00283016 _____ (Mozilla) C:\Users\Lu\Downloads\Firefox Setup Stub 27.0.1.exe
2014-03-06 01:46 - 2014-03-06 01:46 - 00009994 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-06 00:42 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\pt-BR
2014-03-05 22:06 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\registration
2014-03-05 04:57 - 2013-11-19 21:04 - 00022085 _____ () C:\Windows\IE11_main.log
2014-03-05 04:27 - 2010-06-25 20:50 - 00015872 _____ () C:\Users\Lu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-05 02:42 - 2014-03-05 01:47 - 00000000 ____D () C:\Users\Lu\AppData\Local\Avg2014
2014-03-05 02:01 - 2014-03-05 02:01 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\AVG2014
2014-03-05 01:58 - 2014-03-05 01:58 - 00000000 ____D () C:\Windows\system32\%systemroot%
2014-03-05 01:58 - 2014-03-05 01:58 - 00000000 ____D () C:\Program Files\AVG
2014-03-05 01:17 - 2014-03-05 01:17 - 00000000 _____ () C:\Windows\system32\Drivers\utm0nziw.sys
2014-03-05 01:04 - 2014-03-03 15:51 - 00000000 ____D () C:\Users\Todos os Usuários\Kaspersky Lab
2014-03-05 01:04 - 2014-03-03 15:51 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-05 00:30 - 2014-03-02 14:41 - 00001912 _____ () C:\Windows\epplauncher.mif
2014-03-04 20:05 - 2014-03-04 20:01 - 00000000 ____D () C:\Program Files\Oasis Games Limited
2014-03-04 20:02 - 2014-02-27 21:04 - 00000000 ____D () C:\Users\Todos os Usuários\Log
2014-03-04 20:02 - 2014-02-27 21:04 - 00000000 ____D () C:\ProgramData\Log
2014-03-04 19:54 - 2014-03-03 20:13 - 00000000 ____D () C:\Program Files\MiPony
2014-03-04 19:54 - 2013-12-05 15:47 - 00000000 ____D () C:\Program Files\FlvPlayer
2014-03-03 21:21 - 2014-03-03 19:55 - 00000000 ____D () C:\Program Files\Xvid
2014-03-03 21:13 - 2010-01-09 09:50 - 00000000 ____D () C:\Users\Lu\AppData\Local\CrashDumps
2014-03-03 21:12 - 2014-03-03 15:27 - 00000000 ____D () C:\Program Files\Common Files\DivX Shared
2014-03-03 21:12 - 2014-03-03 15:05 - 00000000 ____D () C:\Users\Todos os Usuários\DivX
2014-03-03 21:12 - 2014-03-03 15:05 - 00000000 ____D () C:\ProgramData\DivX
2014-03-03 21:10 - 2014-03-03 21:00 - 00000000 ____D () C:\Program Files\FineRecovery
2014-03-03 21:08 - 2014-03-03 15:05 - 00000000 ____D () C:\Program Files\DSP-worx
2014-03-03 21:00 - 2014-03-03 21:00 - 00000000 ____D () C:\Users\Lu\AppData\Local\CrashRpt
2014-03-03 20:39 - 2014-03-04 20:14 - 00311312 _____ (Kaspersky Lab) C:\Windows\system32\Drivers\6051418.sys
2014-03-03 20:39 - 2014-03-04 20:14 - 00128016 _____ (Kaspersky Lab) C:\Windows\system32\Drivers\60514181.sys
2014-03-03 20:39 - 2014-03-04 20:14 - 00037392 _____ (Kaspersky Lab) C:\Windows\system32\Drivers\60514182.sys
2014-03-03 20:19 - 2014-03-03 20:19 - 00000000 ____D () C:\Users\Todos os Usuários\Martau
2014-03-03 20:19 - 2014-03-03 20:19 - 00000000 ____D () C:\ProgramData\Martau
2014-03-03 20:19 - 2014-03-03 20:18 - 00000000 ____D () C:\Program Files\Total Uninstall 6
2014-03-03 20:13 - 2014-03-03 20:13 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony
2014-03-03 20:13 - 2014-03-03 20:13 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\1H1Q
2014-03-03 18:40 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-03-03 16:39 - 2010-01-09 09:22 - 00118080 _____ () C:\Users\Lu\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-03 16:37 - 2009-07-14 01:33 - 00463512 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-03 15:45 - 2014-03-03 15:18 - 135005840 _____ ( ) C:\Users\Lu\Desktop\kaspersky.exe
2014-03-03 15:33 - 2014-03-03 15:31 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\DivX
2014-03-03 15:05 - 2014-03-03 15:05 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\LavFilters
2014-03-03 15:05 - 2014-03-03 15:05 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\CDXReader
2014-03-02 21:16 - 2013-04-03 23:43 - 00000000 ____D () C:\Program Files\FreeTime
2014-03-02 20:01 - 2014-03-02 20:01 - 00000000 _____ () C:\Users\Lu\AppData\Roaming\FileShred.log
2014-03-02 16:02 - 2013-11-14 18:16 - 00000008 _____ () C:\Windows\audaces.ini
2014-03-02 13:59 - 2014-03-02 13:59 - 00029400 _____ (GAS Tecnologia) C:\Windows\system32\Drivers\gbpndisrdn.sys
2014-03-02 13:58 - 2013-06-30 21:34 - 00000000 ____D () C:\Windows\system32\SPReview
2014-03-02 13:58 - 2009-12-09 23:03 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-03-02 13:58 - 2009-12-09 23:03 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER
2014-03-02 13:58 - 2009-12-09 22:54 - 00000000 ____D () C:\Program Files\Faces
2014-03-02 13:58 - 2009-12-09 22:52 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-03-02 13:58 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-03-02 13:58 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-02 13:58 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\rescache
2014-03-02 13:57 - 2014-02-22 12:13 - 00000000 ____D () C:\Segnas
2014-03-02 13:57 - 2013-11-29 10:39 - 00000000 ____D () C:\Program Files\Jap.fm
2014-03-02 13:57 - 2013-11-14 18:26 - 00000000 ____D () C:\Program Files\Apple Software Update
2014-03-02 13:57 - 2013-11-05 02:31 - 00000000 ____D () C:\Program Files\PDF Image Extraction Wizard
2014-03-02 13:57 - 2013-08-23 22:56 - 00000000 ____D () C:\Program Files\Paint.NET
2014-03-02 13:57 - 2013-08-23 22:41 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\PhotoScape
2014-03-02 13:57 - 2013-08-23 22:40 - 00000000 ____D () C:\Program Files\PhotoScape
2014-03-02 13:57 - 2013-07-05 20:14 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-02 13:57 - 2013-06-05 16:55 - 00000000 ____D () C:\Program Files\WinRAR
2014-03-02 13:57 - 2012-11-28 16:12 - 00000000 ____D () C:\Program Files\jFinanças Pessoal 2012
2014-03-02 13:57 - 2010-01-10 14:52 - 00000000 ____D () C:\Program Files\QuickTime
2014-03-02 13:53 - 2010-01-09 09:22 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\Adobe
2014-03-02 13:50 - 2009-12-09 22:53 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-03-02 13:50 - 2009-12-09 22:53 - 00000000 ____D () C:\Program Files\Adobe
2014-03-01 15:32 - 2014-02-27 22:28 - 00000000 ____D () C:\Users\Todos os Usuários\AVAST Software
2014-03-01 15:32 - 2014-02-27 22:28 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-01 15:20 - 2014-02-27 21:10 - 00000000 ____D () C:\Users\Lu\AppData\Local\DoNotTrackPlus
2014-02-28 19:48 - 2014-02-28 19:48 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2014-02-28 19:48 - 2014-02-28 19:48 - 00000000 ____D () C:\Users\Lu\AppData\Roaming\Malwarebytes
2014-02-28 19:48 - 2014-02-28 19:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-02-27 23:36 - 2014-02-27 23:36 - 00262144 _____ () C:\Windows\system32\config\elam
2014-02-27 20:55 - 2014-02-27 20:55 - 00000000 ____D () C:\Users\Todos os Usuários\CheckPoint
2014-02-27 20:55 - 2014-02-27 20:55 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-02-27 19:30 - 2014-02-27 19:30 - 00000000 ____H () C:\Users\Lu\Documents\Default.rdp
2014-02-25 01:04 - 2014-02-25 01:04 - 00001475 _____ () C:\Users\Lu\Desktop\YouTube.url
2014-02-24 22:45 - 2010-01-09 09:33 - 00000000 ____D () C:\Users\Lu\AppData\Local\Adobe
2014-02-23 23:07 - 2013-08-23 23:20 - 00000000 ____D () C:\Users\Lu\.gimp-2.8
2014-02-23 23:06 - 2014-02-23 23:06 - 00001481 _____ () C:\Users\Lu\AppData\Local\recently-used.xbel
2014-02-23 23:06 - 2013-08-24 00:37 - 00000000 ____D () C:\Users\Lu\.thumbnails
2014-02-23 22:59 - 2013-08-23 22:56 - 00000000 ____D () C:\Users\Lu\AppData\Local\Paint.NET
2014-02-23 22:42 - 2014-01-01 13:32 - 00019456 ____H () C:\Users\Lu\Desktop\photothumb.db
2014-02-22 18:52 - 2013-11-15 13:02 - 00000000 ____D () C:\output
2014-02-22 13:01 - 2014-02-22 12:51 - 00000000 ____D () C:\Users\Lu\AppData\Local\cache
2014-02-22 12:51 - 2014-02-22 12:51 - 00000000 ____D () C:\Users\Lu\.android
2014-02-22 12:44 - 2009-07-13 23:37 - 00000000 ____D () C:\Windows\Resources
2014-02-22 12:15 - 2014-02-22 12:15 - 00000029 _____ () C:\Windows\system32\config.ini
2014-02-20 22:25 - 2013-07-10 22:22 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-20 22:25 - 2013-07-10 22:22 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-12 20:29 - 2013-08-15 02:39 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-12 20:27 - 2013-06-29 03:25 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-12 10:15 - 2014-02-12 10:15 - 00001014 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2631333086-1251509141-173655686-1000Core1cf27f47b41858d.job
2014-02-10 20:32 - 2014-02-10 20:32 - 01152656 _____ () C:\Windows\system32\MovieMode.48CA2AEFA22D.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-20 00:08

==================== End Of Log ============================












emily00
Beginner

Posts: 20
Reputation: 0
Join date: 09/03/2014

Re: Browser Virus

Post by emily00 Tue 11 Mar 2014, 06:19

Addition report


Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-03-2014
Ran by Lu at 2014-03-11 05:55:38
Running from C:\Users\Lu\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton AntiVirus (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton AntiVirus (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}

==================== Installed Programs ======================

ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Português (HKLM\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Apple Mobile Device Support (HKLM\...\{162B71B8-8464-4680-A086-601D555B331D}) (Version: 2.4.0.27 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atualização do produto Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0416-0000-0000000FF1CE}_HOMESTUDENTR_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}) (Version:  - Microsoft)
Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0416-0000-0000000FF1CE}_HOMESTUDENTR_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}) (Version:  - Microsoft)
Atualização do produto Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0416-0000-0000000FF1CE}_HOMESTUDENTR_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}) (Version:  - Microsoft)
Bonjour (HKLM\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
BrOffice.org 2.4 (HKLM\...\{598565FC-047F-4BBA-AA5F-A95EC039F05B}) (Version: 2.4.9310 - OpenOffice.org)
Caderno de Receitas (HKLM\...\Caderno de Receitas_is1) (Version:  - )
Conexao da Família (HKLM\...\{4A191D16-E613-424A-87A7-EC3C76DFBCB4}) (Version: 1.00.0000 - Positivo Informática)
Creditos MDC (HKLM\...\{93A94059-5A3C-416B-B2EA-ADCDE361052A}) (Version: 1.00.0000 - Positivo Informática)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Desinstalar impressora EPSON TX105 Series (HKLM\...\EPSON TX105 Series) (Version:  - SEIKO EPSON Corporation)
Direct Video Downloader version 1.1 (HKLM\...\{3D6D3FC2-95F9-495A-B27F-885499842FDE}_is1) (Version: 1.1 - Major Share (MajorShare.com))
Discador Positivo (HKLM\...\{5EB7EC02-AD45-4DB8-9B6A-B7A09ED2925E}) (Version: 1.00.0000 - Positivo Informática)
Emsisoft Anti-Malware (HKLM\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 8.1 - Emsisoft GmbH)
Epson Easy Photo Print 2 (HKLM\...\{DEDB47A3-C988-4A43-A645-E2CEA571E680}) (Version: 2.0.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - )
Faces 1.03.8 (HKLM\...\{A828537C-87AF-4E9D-9C54-11D34B8E2FBA}_is1) (Version:  - Positivo Informática S.A.)
FlvPlayer (HKLM\...\FlvPlayer) (Version: ${VERSION} - )
Galeria de Fotos (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM\...\{41101F0C-DBD9-321C-A6B1-E0689B495A4E}) (Version: 5.1.4.17398 - Google)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version:  - Intel Corporation)
jFinanças Pessoal 2012 (HKLM\...\jFinanças Pessoal 2012) (Version: 5.0 - Cenize)
Junk Mail filter update (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware versão 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Português do Brasil) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1046) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (PTB) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (Portuguese (Brazil)) (HKLM\...\{95120000-00AF-0416-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Portuguese (Brazil)) 2007 (Version: 12.0.4518.1019 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Portuguese (Brazil)) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{99BD04BB-275E-4792-BE39-420703BF8392}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 pt-BR) (HKLM\...\Mozilla Firefox 27.0.1 (x86 pt-BR)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
Mundo da Criança - PC da Família (HKLM\...\Mundo da Criança - PC da Família) (Version:  - )
Nero Suite (HKLM\...\NeroMultiInstaller!UninstallKey) (Version:  - )
Norton AntiVirus (HKLM\...\NAV) (Version: 21.1.0.18 - Symantec Corporation)
Norton Identity Safe (HKLM\...\NST) (Version: 2014.6.0.27 - Symantec Corporation)
Pacote de Compatibilidade para o sistema Office 2007 (HKLM\...\{90120000-0020-0416-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41417}) (Version: 3.61.0 - dotPDN LLC)
Panda Cloud Cleaner (HKLM\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.87 - Panda Security)
PDF Creator (HKLM\...\PDF Creator) (Version:  - )
PDF Image Extraction Wizard 6.11 (HKLM\...\PDF Image Extraction Wizard_is1) (Version:  - RL Vision)
Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PhotoScape (HKLM\...\PhotoScape) (Version:  - )
QuickTime (HKLM\...\{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}) (Version: 7.60.92.0 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5919 - Realtek Semiconductor Corp.)
Skype™️ 6.3 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.105 - Skype Technologies S.A.)
Software de Cadastro Fiel Torcedor 1.0 (HKLM\...\{4A33ECF3-6AC6-4A9B-932C-4E81625423C7}_is1) (Version: 1.0.0.0 - Positivo Informática)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
TELL ME MORE (HKLM\...\TMM80DEMBRA) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 1.0.1 (HKLM\...\VLC media player) (Version: 1.0.1 - VideoLAN Team)
Windows Live Communications Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{D7A88CAC-67C3-4435-898E-2B7245F3E4BB}) (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live UX Platform (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
ZHPDiag 2014 (HKLM\...\ZHPDiag_is1) (Version: 2014 - Nicolas Coolman)

==================== Restore Points  =========================

06-03-2014 08:53:17 Windows Update
07-03-2014 06:00:24 Windows Update
07-03-2014 22:38:02 Windows Update
08-03-2014 04:40:08 Windows Update
08-03-2014 06:00:25 Windows Update
08-03-2014 07:12:00 Windows Update
08-03-2014 20:52:11 Removed AVG 2014
08-03-2014 20:56:24 Removed AVG 2014
09-03-2014 06:00:26 Windows Update
09-03-2014 06:38:26 Windows Update
09-03-2014 19:21:51 Windows Update
10-03-2014 00:21:02 zoek.exe restore point
10-03-2014 02:42:14 Windows Update
10-03-2014 19:57:13 ZHPFix Restore System Point
11-03-2014 00:57:17 Windows Update

==================== Hosts content: ==========================

2009-07-13 23:04 - 2014-03-09 21:21 - 00000840 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {04A9BA31-FB31-493C-8C53-BE7AB6E8DA96} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-05] (Google Inc.)
Task: {06A0C53B-3EB9-44A5-A592-59270786D229} - System32\Tasks\{85A5A5A4-2CAB-4CCF-B48D-808C52773AEC} => Iexplore.exe [You must have an account and be logged in to view this link]
Task: {22356A91-2B5B-4232-AD62-F5B2E14FF4CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20] (Adobe Systems Incorporated)
Task: {2DAE8E2F-6EB1-4B20-BE76-F2772921E631} - System32\Tasks\{4DE1C1F4-3F12-46C9-B864-9C56E2880B40} => Iexplore.exe [You must have an account and be logged in to view this link]
Task: {3BD56E16-20D3-40F9-A0F1-68A7E550C442} - System32\Tasks\{0EAAEF94-4103-417E-AE94-9516D7A09304} => Iexplore.exe [You must have an account and be logged in to view this link]
Task: {3E20EBD8-8477-46F2-8A23-E01813E6061E} - System32\Tasks\{660B4511-2A78-4005-B6DE-560D71F130B2} => Iexplore.exe [You must have an account and be logged in to view this link]
Task: {43D36226-ADDF-4A56-A48A-828BE4E6732A} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {589BEBA9-038C-47A3-9C64-083457BE6158} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {6364FDD3-1276-4E34-A25A-4312268A7DC3} - System32\Tasks\{1D550501-5A0F-4623-B2CB-99F95DF7A527} => Iexplore.exe [You must have an account and be logged in to view this link]
Task: {6856676E-996F-40E7-9101-11F7D68C930E} - System32\Tasks\{706EDB42-4FBD-455B-ADB8-4EB8DBDE8C96} => Iexplore.exe [You must have an account and be logged in to view this link]
Task: {757A8750-0199-460E-B828-0BCEA80B2B05} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files\Norton AntiVirus\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {76328E09-9E06-43CC-9450-99539BCCE143} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-06-05] (Google Inc.)
Task: {76AFBC7E-C7B5-415E-A27B-66F136F92840} - System32\Tasks\{A9AEE16B-0AA5-4B5C-91B6-CF65436094EB} => Iexplore.exe [You must have an account and be logged in to view this link]
Task: {7876A3FF-D125-467B-9F71-8EE7142E95FF} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: {8C59AB39-07DF-4CE9-93E8-7DFA1B32A3D8} - System32\Tasks\{6F66ECE6-C915-40D4-9495-9CA60F8F7540} => Iexplore.exe [You must have an account and be logged in to view this link]
Task: {8CD587F0-E446-4E6E-95E9-560F04054EB7} - System32\Tasks\{056B1CFF-D845-4A4B-9C79-7CA5C89A69A4} => Iexplore.exe [You must have an account and be logged in to view this link]
Task: {B0D81219-F8FF-49A4-AE2E-231123DA2AF7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CB159111-FCC4-4B38-B40B-30DA86BD3F8B} - System32\Tasks\{FA20DD97-9058-4B05-96B2-840887162BC0} => Iexplore.exe [You must have an account and be logged in to view this link]
Task: {D933C4BF-1531-4450-97E4-80E378E59952} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {EBB64C64-D420-4C02-8A79-B3128752F9E7} - System32\Tasks\{D260B81A-7493-4497-B207-0FA9A74F6DA7} => Iexplore.exe [You must have an account and be logged in to view this link]
Task: {EDD3357D-0C8B-461F-AA2B-6F1D4758FC4E} - System32\Tasks\{6243634D-7B2C-498B-96A5-EA39A62BC6A2} => Iexplore.exe [You must have an account and be logged in to view this link]
Task: {F8060679-FAC4-4CB0-BBAC-886531C53831} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files\Norton Identity Safe\Engine\2014.6.0.27\SymErr.exe [2013-06-03] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CIS_{81EFDD93-DBBE-415B-BE6E-49B9664E3E82}.job => C:\Users\Lu\AppData\Local\Temp\cisC199.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2631333086-1251509141-173655686-1000Core1cf27f47b41858d.job => C:\Users\Lu\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-07-15 21:38 - 2011-10-04 22:42 - 00086016 _____ () C:\Windows\System32\custmon32i.dll
2014-03-11 05:26 - 2014-03-11 05:26 - 00110592 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\0.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00184320 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\1.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00905216 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\2.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00086016 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\4.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00163840 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\5.mdd
2007-12-19 15:04 - 2007-12-19 15:04 - 00828416 _____ () C:\Program Files\BrOffice.org 2.4\program\libxml2.dll
2014-03-11 05:26 - 2014-03-11 05:26 - 00110592 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10570.~lk\0.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00184320 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10570.~lk\1.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00090112 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10570.~lk\2.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00163840 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10570.~lk\3.mdd
2014-03-04 18:47 - 2014-03-01 23:35 - 00051016 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
2014-03-04 18:47 - 2014-03-01 23:35 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.146\libglesv2.dll
2014-03-04 18:47 - 2014-03-01 23:35 - 00100168 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.146\libegl.dll
2014-03-04 18:47 - 2014-03-01 23:35 - 04061000 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll
2014-03-04 18:47 - 2014-03-01 23:35 - 00394568 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
2014-03-04 18:47 - 2014-03-01 23:35 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll
2014-03-04 18:47 - 2014-03-01 23:35 - 13632840 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows\System32:324F0CD0_Bb.gbp
AlternateDataStreams: C:\Windows\system32\drivers:GbpKmAp.lst

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/11/2014 05:53:25 AM) (Source: Microsoft-Windows-User Profiles Service) (User: AUTORIDADE NT)
Description: O Windows não pode carregar o arquivo de Registro de classes.
DETALHE - O sistema não pode encontrar o arquivo especificado.

Error: (03/11/2014 05:53:24 AM) (Source: Microsoft-Windows-User Profiles Service) (User: AUTORIDADE NT)
Description: O Windows não pode carregar o arquivo de Registro de classes.
DETALHE - O sistema não pode encontrar o arquivo especificado.

Error: (03/11/2014 05:25:58 AM) (Source: Microsoft-Windows-User Profiles Service) (User: AUTORIDADE NT)
Description: O Windows não pode carregar o arquivo de Registro de classes.
DETALHE - O sistema não pode encontrar o arquivo especificado.

Error: (03/10/2014 09:58:42 PM) (Source: MsiInstaller) (User: AUTORIDADE NT)
Description: Product: Skype™️ 6.11 -- Error 1316. A network error occurred while attempting to read from the file: C:\ProgramData\Skype\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeSetup_6.3.0.105.msi

Error: (03/10/2014 08:11:37 PM) (Source: Microsoft-Windows-User Profiles Service) (User: AUTORIDADE NT)
Description: O Windows não pode carregar o arquivo de Registro de classes.
DETALHE - O sistema não pode encontrar o arquivo especificado.

Error: (03/10/2014 08:11:34 PM) (Source: Microsoft-Windows-User Profiles Service) (User: AUTORIDADE NT)
Description: O Windows não pode carregar o arquivo de Registro de classes.
DETALHE - O sistema não pode encontrar o arquivo especificado.

Error: (03/10/2014 07:00:31 PM) (Source: Microsoft-Windows-User Profiles Service) (User: AUTORIDADE NT)
Description: O Windows não pode carregar o arquivo de Registro de classes.
DETALHE - O sistema não pode encontrar o arquivo especificado.

Error: (03/10/2014 07:00:31 PM) (Source: Microsoft-Windows-User Profiles Service) (User: AUTORIDADE NT)
Description: O Windows não pode carregar o arquivo de Registro de classes.
DETALHE - O sistema não pode encontrar o arquivo especificado.

Error: (03/10/2014 06:54:29 PM) (Source: Microsoft-Windows-User Profiles Service) (User: AUTORIDADE NT)
Description: O Windows não pode carregar o arquivo de Registro de classes.
DETALHE - O sistema não pode encontrar o arquivo especificado.

Error: (03/10/2014 06:51:41 PM) (Source: Microsoft-Windows-User Profiles Service) (User: AUTORIDADE NT)
Description: O Windows não pode carregar o arquivo de Registro de classes.
DETALHE - O sistema não pode encontrar o arquivo especificado.


System errors:
=============
Error: (03/11/2014 05:25:52 AM) (Source: Service Control Manager) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
Bhbase

Error: (03/11/2014 05:25:50 AM) (Source: SNMP) (User: )
Description: O serviço SNMP encontrou um erro ao acessar a chave do Registro SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (03/10/2014 09:58:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: AUTORIDADE NT)
Description: Falha na Instalação: o Windows não pôde instalar a seguinte atualização com o erro 0x80070643: Atualização para o Skype para a área de trabalho do Windows 6.11 (KB2876229).

Error: (03/10/2014 06:59:53 PM) (Source: DCOM) (User: Lu-PC)
Description: padrão-computadorLocalAtivação{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Lu-PCLuS-1-5-21-2631333086-1251509141-173655686-1000LocalHost (Usando LRPC)

Error: (03/10/2014 06:58:44 PM) (Source: DCOM) (User: Lu-PC)
Description: padrão-computadorLocalAtivação{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Lu-PCLuS-1-5-21-2631333086-1251509141-173655686-1000LocalHost (Usando LRPC)

Error: (03/10/2014 06:55:27 PM) (Source: Service Control Manager) (User: )
Description: Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização:
Bhbase

Error: (03/10/2014 06:55:12 PM) (Source: Service Control Manager) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a resposta de uma transação do serviço SysMain.

Error: (03/10/2014 06:55:12 PM) (Source: Service Control Manager) (User: )
Description: Não foi possível iniciar o serviço Windows Live ID Sign-in Assistant devido ao seguinte erro:
%%1053

Error: (03/10/2014 06:55:12 PM) (Source: Service Control Manager) (User: )
Description: Tempo limite esgotado (30000 milissegundos) ao aguardar a conexão do serviço Windows Live ID Sign-in Assistant.

Error: (03/10/2014 06:54:25 PM) (Source: SNMP) (User: )
Description: O serviço SNMP encontrou um erro ao acessar a chave do Registro SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.


Microsoft Office Sessions:
=========================
Error: (04/04/2013 00:14:07 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 15 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/20/2013 10:58:36 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 8 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (03/09/2013 11:18:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/16/2013 11:06:44 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2009 seconds with 60 seconds of active time.  This session ended with a crash.

Error: (01/01/2013 03:26:59 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 9 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (12/11/2012 10:17:34 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 10 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/26/2012 05:02:58 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 23 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/25/2012 00:46:06 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 17 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/18/2012 10:07:47 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 595 seconds with 180 seconds of active time.  This session ended with a crash.

Error: (10/26/2012 07:56:17 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 50 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
 Date: 2014-02-27 21:39:50.213
 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.

 Date: 2014-02-27 21:39:50.148
 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\CheckPoint\ZoneAlarm\avsys\install\instdrivers\kl1\x86\win8\klelam.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 57%
Total physical RAM: 2038.24 MB
Available physical RAM: 859.91 MB
Total Pagefile: 4076.48 MB
Available Pagefile: 2522.69 MB
Total Virtual: 2047.88 MB
Available Virtual: 1906.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:288.32 GB) (Free:236.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 51FECCFE)
Partition 1: (Active) - (Size=10 GB) - (Type=27)
Partition 2: (Not Active) - (Size=288 GB) - (Type=07 NTFS)

==================== End Of Log ============================
emily00
Beginner

Posts: 20
Reputation: 0
Join date: 09/03/2014


Post by Power Max, Tue 11 Mar 2014, 11:59

Go to the site and submit this file, highlighted in bold, for analysis:
C:\Windows\system32\Drivers\utm0nziw.sys

If the site says the file has already been analyzed, ask it to analyze it again. As soon as the scan finishes, copy the link that appears in your browser's address bar and post it in your next reply together with the other report requested below.
______________________________________________________________________________________________

Download the fixlist file attached to this post and place it in the location below:
C:\Users\Lu\Downloads

Run FRST. Click the Fix button.

Wait; when it finishes, the Fixlog.txt log will be saved.

Select, copy and paste the contents of this log into your next reply together with the link to the file's analysis on the Virus Total site.
Power Max
Contributor

Posts: 9086
Reputation: 1499
Join date: 14/04/2009


Post by emily00, Wed 12 Mar 2014, 02:00


Good morning!

Here is the report for utm0nziw.sys:

[You must have an account and be logged in to view this link]

Fixlist report:

start
HKU\S-1-5-19\...\Winlogon: [Shell] Explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] Explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION
IFEO\bpsvc.exe: [Debugger] tasklist.exe
SearchScopes: HKLM - DefaultScope value is missing
CHR Extension: (Foxtab Speed Dial (Beta)) - C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcendgajlhoaiiccpijilcpmgphfflnj [2013-08-21]
CHR HKLM\...\Chrome\Extension: [kcendgajlhoaiiccpijilcpmgphfflnj] - C:\Users\Lu\AppData\Local\newhb.crx [2013-08-01]
S3 BdApiUtil; \??\C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.sys [X]
S0 Bhbase; System32\drivers\Bhbase.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 PCFApiUtil; \??\C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys [X]
2014-03-10 17:28 - 2010-01-10 14:53 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-10 16:58 - 2013-06-13 23:56 - 00000000 ____D () C:\Program Files\Baidu Security
Bonjour (HKLM\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
Task: {D933C4BF-1531-4450-97E4-80E378E59952} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
2014-03-11 05:26 - 2014-03-11 05:26 - 00110592 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\0.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00184320 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\1.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00905216 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\2.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00086016 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\4.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00163840 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\5.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00110592 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10570.~lk\0.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00184320 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10570.~lk\1.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00090112 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10570.~lk\2.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00163840 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10570.~lk\3.mdd
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""
end

Post by Power Max, Wed 12 Mar 2014, 11:07

The procedure I need you to carry out with the fixlist is this:

Download the fixlist file attached to this post and place it in the location below:
C:\Users\Lu\Downloads

Run FRST. Click the Fix button.

Wait; when it finishes, the Fixlog.txt report will be saved. Then just open this Fixlog.txt file, copy its entire contents and post them here in your thread.

Post by emily00, Wed 12 Mar 2014, 18:16


To run FRST, do I need to download the Farbar Recovery Scan Tool?

Post by Power Max, Wed 12 Mar 2014, 18:31

emily00 wrote:
To run FRST, do I need to download the Farbar Recovery Scan Tool?

Yes, FRST is Farbar itself. You had already downloaded it before. But if you deleted it, just download it again from the link I gave you and put FRST in the same folder as the fixlist.

Post by emily00, Wed 12 Mar 2014, 19:09

Fixlog.txt:


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-03-2014
Ran by Lu at 2014-03-12 19:01:10 Run:1
Running from C:\Users\Lu\Downloads
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
HKU\S-1-5-19\...\Winlogon: [Shell] Explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION
HKU\S-1-5-20\...\Winlogon: [Shell] Explorer.exe [2616320 2011-02-25] (Microsoft Corporation) <==== ATTENTION
IFEO\bpsvc.exe: [Debugger] tasklist.exe
SearchScopes: HKLM - DefaultScope value is missing
CHR Extension: (Foxtab Speed Dial (Beta)) - C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcendgajlhoaiiccpijilcpmgphfflnj [2013-08-21]
CHR HKLM\...\Chrome\Extension: [kcendgajlhoaiiccpijilcpmgphfflnj] - C:\Users\Lu\AppData\Local\newhb.crx [2013-08-01]
S3 BdApiUtil; \??\C:\Program Files\Baidu Security\Baidu Antivirus\BdApiUtil.sys [X]
S0 Bhbase; System32\drivers\Bhbase.sys [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 PCFApiUtil; \??\C:\Program Files\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil.sys [X]
2014-03-10 17:28 - 2010-01-10 14:53 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-10 16:58 - 2013-06-13 23:56 - 00000000 ____D () C:\Program Files\Baidu Security
Bonjour (HKLM\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
Task: {D933C4BF-1531-4450-97E4-80E378E59952} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION
2014-03-11 05:26 - 2014-03-11 05:26 - 00110592 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\0.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00184320 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\1.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00905216 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\2.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00086016 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\4.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00163840 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\5.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00110592 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10570.~lk\0.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00184320 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10570.~lk\1.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00090112 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10570.~lk\2.mdd
2014-03-11 05:26 - 2014-03-11 05:26 - 00163840 _____ () C:\Users\Lu\AppData\Local\Temp\wrd10570.~lk\3.mdd
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => "Service"=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BavSvc => "Service"=""
end
*****************

HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => Value deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
C:\Users\Lu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcendgajlhoaiiccpijilcpmgphfflnj => Moved successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\kcendgajlhoaiiccpijilcpmgphfflnj => Key deleted successfully.
C:\Users\Lu\AppData\Local\newhb.crx => Moved successfully.
BdApiUtil => Service deleted successfully.
Bhbase => Service deleted successfully.
BprotectEx => Service deleted successfully.
PCFApiUtil => Service deleted successfully.
C:\Program Files\Bonjour => Moved successfully.
C:\Program Files\Baidu Security => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D933C4BF-1531-4450-97E4-80E378E59952} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D933C4BF-1531-4450-97E4-80E378E59952} => Key deleted successfully.
C:\Windows\System32\Tasks\0 => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0 => Key deleted successfully.
C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\0.mdd => Moved successfully.
C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\1.mdd => Moved successfully.
C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\2.mdd => Moved successfully.
C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\4.mdd => Moved successfully.
C:\Users\Lu\AppData\Local\Temp\wrd10388.~lk\5.mdd => Moved successfully.
C:\Users\Lu\AppData\Local\Temp\wrd10570.~lk\0.mdd => Moved successfully.
C:\Users\Lu\AppData\Local\Temp\wrd10570.~lk\1.mdd => Moved successfully.
C:\Users\Lu\AppData\Local\Temp\wrd10570.~lk\2.mdd => Moved successfully.
C:\Users\Lu\AppData\Local\Temp\wrd10570.~lk\3.mdd => Moved successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\BavSvc => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\SafeBoot\Network\BavSvc => Key deleted successfully.

==== End of Fixlog ====

Re: Browser Virus

Post by Power Max, Wed 12 Mar 2014, 20:47

How is the computer after these cleanups?

Re: Browser Virus

Post by emily00, Wed 12 Mar 2014, 22:48

The browser is back to normal. Only the Positivo ad remains on the desktop; I can close it by right-clicking it on the taskbar and choosing close, but when I turn the computer on it reappears. It was also in the Start menu under the name "registro", but I removed it from the list. Windows is taking a little longer to start than it used to.

Re: Browser Virus

Post by Power Max, Thu 13 Mar 2014, 10:55

There are unnecessary programs starting with Windows, which makes your PC slower. To fix this, follow the tips in this tutorial:

[You must have an account and be logged in to view this link]

Preferably, let only the security programs (antivirus/anti-spyware/firewall) start with Windows.

Also use the program CCleaner, recommended in the tutorial above, to clean up and optimize the PC now and from time to time.

After that, tell us how the PC is doing.

Re: Browser Virus

Post by emily00, Fri 14 Mar 2014, 15:10

The computer is working well, it is back to normal, thank you for everything!

Re: Browser Virus

Post by Power Max, Fri 14 Mar 2014, 15:12

That's it! I'm glad the problem has been solved.

Just to finish, please follow the tutorial below:

[You must have an account and be logged in to view this link]
_______________________________________________________________________________________________________________________

To remove the programs used in cleaning this PC and create a new, safe and problem-free restore point, use DelFix following the tips [You must have an account and be logged in to view this link].
_______________________________________________________________________________________________________________________

It was a pleasure to help. Always count on us!

Re: Browser Virus

Post by Power Max, Mon 24 Mar 2014, 13:54

CASE RESOLVED

Should the author of the topic need it, the topic will be reopened; to do so, she should contact one of the members of the [You must have an account and be logged in to view this link] and request that it be unlocked.