Social bookmarking
Conservar e compartilhar o endereço de PC Seguro em seu site de social bookmarking
Conservar e compartilhar o endereço de Fórum PC Brasil em seu site de social bookmarking
Estatísticas
Temos 14810 usuários registradosO último membro registrado é Josevinil
Os nossos membros postaram um total de 36047 mensagens em 3685 assuntos
Quem está conectado?
Há 23 usuários online :: 0 registrados, 0 invisíveis e 23 visitantes Nenhum
O recorde de usuários online foi de 301 em Ter 26 Out 2021, 15:28
Procurar
Top dos mais postadores
Power Max | ||||
joram | ||||
Wings [In Memoriam] | ||||
caedurodrigues | ||||
Amigo Brasileiro | ||||
luizvilarinho | ||||
Danii | ||||
Admin | ||||
Danilo Marsaro | ||||
Andreata |
sweet page.com
2 participantes
Página 3 de 4
Página 3 de 4 • 1, 2, 3, 4
Re: sweet page.com
É porque o FARBAR cria dois relatórios: FRST64.txt e Addition.txt. Mas você postou só o Addition.txt
Está faltando o FRST64.txt
Está faltando o FRST64.txt
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
sweet page
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-03-2014 01
Ran by anacleto silva (administrator) on ANACLETO-PC on 08-03-2014 17:00:20
Running from C:\Users\anacleto silva\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZSD1YX3H
Windows 8 Single Language (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link for 64-Bit Version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Processes (Whitelisted) =================
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\accelerometerST.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-21] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BtTray] - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [363520 2012-08-02] (IVT Corporation)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3567800 2013-10-27] (AVAST Software)
HKLM-x32\...\Run: [fst_br_55] - [X]
HKLM-x32\...\Run: [fst_br_27] - [X]
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
Winlogon\Notify\ GbPluginUni-x32: C:\Program Files (x86)\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco)
HKU\S-1-5-21-874636910-2500813232-2263662910-1002\...\Run: [AccelerometerSysTrayApplet] - C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe [74144 2012-08-23] (Hewlett-Packard Company)
HKU\S-1-5-21-874636910-2500813232-2263662910-1002\...\Run: [uTorrent] - C:\Users\anacleto silva\AppData\Roaming\uTorrent\uTorrent.exe [905296 2014-01-29] (BitTorrent Inc.)
Startup: C:\Users\anacleto silva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 3050 J610 series.lnk
ShortcutTarget: Monitorar alertas de tinta - HP Deskjet 3050 J610 series.lnk -> C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCEF727212823CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-BR
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - {5a15c091-f3c2-4c8f-8964-e3434a2a4a95} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll (Banco do Brasil)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1582632 2014-02-21] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1513528 2013-11-22] (Banco Itaú Unibanco)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
==================== Services (Whitelisted) =================
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-08] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-27] (AVAST Software)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1544192 2012-08-02] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-07-10] (IVT Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [519720 2014-02-21] (GAS Tecnologia)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-03-03] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\ANACLE~1\AppData\Local\Temp\7zS312E\hpslpsvc64.dll [X]
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-27] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-18] (Advanced Micro Devices)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg;
U4 BthHFEnum;
U4 bthhfhid;
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-08] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 fcusbser; C:\Windows\system32\DRIVERS\fcusbser.sys [119552 2010-06-03] (BM)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S2 APXACC; \SystemRoot\system32\DRIVERS\appexDrv.sys [X]
S3 BdApiUtil; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [X]
S3 BdCameraProtect; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [X]
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
S3 SmbDrv; \SystemRoot\System32\drivers\Smb_driver_AMDASF.sys [X]
S3 SmbDrvI; \SystemRoot\System32\drivers\Smb_driver_Intel.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-08 16:40 - 2014-03-08 17:00 - 00000000 ___DC () C:\FRST
2014-03-08 16:14 - 2014-03-08 16:14 - 00001985 _____ () C:\Users\anacleto silva\Desktop\JRT.txt
2014-03-08 15:50 - 2014-03-08 14:50 - 00018260 ____C () C:\zoek-results2014-03-08-175051.log
2014-03-08 15:49 - 2014-03-08 15:49 - 00000000 ____D () C:\Users\anacleto silva\Downloads\zoek
2014-03-08 15:48 - 2014-03-08 15:49 - 04093477 _____ () C:\Users\anacleto silva\Downloads\zoek.zip
2014-03-08 15:47 - 2014-03-08 15:50 - 00000570 ____C () C:\runcheck.txt
2014-03-08 15:10 - 2014-03-08 15:10 - 00000000 ____D () C:\Windows\ERUNT
2014-03-08 14:23 - 2014-03-08 15:50 - 00000463 ____C () C:\zoek-results.log
2014-03-08 14:19 - 2014-03-08 14:44 - 00000000 ___DC () C:\zoek_backup
2014-03-08 13:25 - 2014-03-08 13:25 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-03-08 13:24 - 2014-03-08 13:24 - 00262144 _____ () C:\Windows\Minidump\030814-39296-01.dmp
2014-03-07 17:40 - 2014-03-07 17:40 - 00007681 _____ () C:\Users\anacleto silva\Desktop\ZHPFixReport.txt
2014-03-06 21:50 - 2014-03-06 21:50 - 00035566 _____ () C:\Users\anacleto silva\Desktop\ZHPDiag.txt
2014-03-06 21:46 - 2014-03-06 21:47 - 00000040 _____ () C:\Users\anacleto
2014-03-06 21:44 - 2014-03-08 16:18 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-03-06 21:44 - 2014-03-07 17:40 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\ZHP
2014-03-06 21:44 - 2014-03-06 21:44 - 00001947 _____ () C:\Users\anacleto silva\Desktop\ZHPFix.lnk
2014-03-06 21:44 - 2014-03-06 21:44 - 00001820 _____ () C:\Users\anacleto silva\Desktop\ZHPDiag.lnk
2014-03-03 21:49 - 2014-03-03 21:49 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-03 21:49 - 2014-03-03 21:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-03 21:49 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-03 20:38 - 2014-03-03 20:45 - 00000000 ___DC () C:\AdwCleaner
2014-03-03 17:30 - 2014-03-03 17:30 - 00280688 _____ () C:\Windows\Minidump\030314-41355-01.dmp
2014-03-03 15:22 - 2014-03-03 15:22 - 00000000 ____C () C:\autoexec.bat
2014-03-03 15:21 - 2014-03-03 16:25 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-03-03 15:21 - 2014-03-03 15:21 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-03 00:18 - 2014-03-03 00:27 - 00000000 ____D () C:\Users\Todos os Usuários\IObit
2014-03-03 00:18 - 2014-03-03 00:27 - 00000000 ____D () C:\ProgramData\IObit
2014-03-03 00:18 - 2014-03-03 00:18 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\ProductData
2014-03-03 00:18 - 2014-03-03 00:18 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\IObit
2014-03-03 00:17 - 2014-03-03 00:17 - 00000000 ____D () C:\Users\Todos os Usuários\Real
2014-03-03 00:17 - 2014-03-03 00:17 - 00000000 ____D () C:\ProgramData\Real
2014-03-03 00:17 - 2014-03-03 00:17 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-03-01 18:56 - 2014-03-01 18:56 - 00000000 ____D () C:\Users\Todos os Usuários\Log
2014-03-01 18:56 - 2014-03-01 18:56 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-03-01 18:56 - 2014-03-01 18:56 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\Malwarebytes
2014-03-01 18:56 - 2014-03-01 18:56 - 00000000 ____D () C:\ProgramData\Log
2014-03-01 18:55 - 2014-03-01 18:55 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2014-03-01 18:55 - 2014-03-01 18:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-01 17:58 - 2013-12-07 03:36 - 19751936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-01 17:58 - 2013-12-07 02:15 - 17560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-01 16:21 - 2014-03-01 16:22 - 00000702 _____ () C:\Users\anacleto silva\AppData\Roaming\Microsoft\Windows\Start Menu\Você não está conectado a uma rede.website
2014-03-01 16:17 - 2014-03-01 18:57 - 00000765 _____ () C:\Users\anacleto silva\AppData\Roaming\Microsoft\Windows\Start Menu\Como remover Sweet-page.com vírus - malwarerid.com.br.website
2014-03-01 15:32 - 2014-03-01 15:32 - 00000000 ___DC () C:\$WINDOWS.~BT
2014-03-01 14:31 - 2014-03-01 14:31 - 00000000 ___DC () C:\des
2014-03-01 14:31 - 2011-04-13 20:02 - 00000000 ___DC () C:\sources
2014-03-01 14:27 - 2014-03-01 14:27 - 00451199 _____ () C:\Users\anacleto silva\Desktop\Inst_W7_descomplicado.net.exe
2014-03-01 14:04 - 2014-03-01 15:32 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-03-01 14:04 - 2014-03-01 15:32 - 00001908 _____ () C:\Windows\diagerr.xml
2014-02-21 00:31 - 2014-02-21 00:32 - 00000000 ____D () C:\Users\anacleto silva\Downloads\Whitney Houston - Greatest Hits
2014-02-20 23:49 - 2014-02-21 00:05 - 00000000 ____D () C:\Users\anacleto silva\Downloads\DJ Ant-Lo - The Best Of Monica-2011-MIXFIEND
2014-02-19 18:53 - 2014-02-19 18:53 - 00000044 _____ () C:\Users\anacleto silva\AppData\Roaming\WB.CFG
2014-02-12 12:13 - 2014-02-01 06:20 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 12:13 - 2014-02-01 06:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 12:13 - 2014-02-01 06:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 12:13 - 2014-02-01 06:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-02-12 12:13 - 2014-02-01 06:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-02-12 12:13 - 2014-02-01 06:18 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 12:13 - 2014-02-01 06:18 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 12:13 - 2014-02-01 06:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-12 12:13 - 2014-02-01 06:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 12:13 - 2014-02-01 06:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 12:13 - 2014-02-01 06:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-12 12:13 - 2014-02-01 06:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 12:13 - 2014-02-01 06:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 12:13 - 2014-02-01 06:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 12:13 - 2014-02-01 04:58 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 12:13 - 2014-02-01 04:58 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 12:13 - 2014-02-01 04:58 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-02-12 12:13 - 2014-02-01 04:57 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 12:13 - 2014-02-01 04:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 12:13 - 2014-02-01 04:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 12:13 - 2014-02-01 04:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-12 12:13 - 2014-02-01 04:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 12:13 - 2014-02-01 04:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 12:13 - 2014-02-01 04:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 12:13 - 2014-02-01 04:40 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 12:13 - 2014-02-01 04:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 12:13 - 2014-02-01 02:08 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-02-12 12:13 - 2013-12-08 21:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 12:13 - 2013-12-08 20:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 12:13 - 2013-12-04 20:43 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 12:13 - 2013-12-04 20:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 12:13 - 2013-12-04 20:37 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 12:13 - 2013-12-04 20:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 12:13 - 2013-11-26 21:19 - 00385614 _____ () C:\Windows\system32\ApnDatabase.xml
2014-02-12 12:13 - 2013-11-25 20:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-02-12 12:13 - 2013-11-01 02:53 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-02-12 12:12 - 2014-02-01 06:18 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 12:12 - 2014-02-01 06:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 12:12 - 2014-02-01 04:57 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 12:12 - 2014-02-01 04:57 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 12:12 - 2014-02-01 04:57 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 12:12 - 2014-02-01 04:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-12 12:10 - 2014-01-12 20:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 12:10 - 2014-01-12 20:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 12:10 - 2013-11-19 21:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-12 12:10 - 2013-11-19 20:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 12:01 - 2014-02-12 12:01 - 00002145 _____ () C:\Users\Public\Desktop\HP Support Assistant.lnk
2014-02-12 12:00 - 2014-02-12 12:00 - 00000000 ____D () C:\Users\Usuário Padrão\AppData\Roaming\hpqLog
2014-02-12 12:00 - 2014-02-12 12:00 - 00000000 ____D () C:\Users\Default\AppData\Roaming\hpqLog
2014-02-12 12:00 - 2014-02-12 12:00 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\hpqLog
2014-02-07 00:24 - 2014-02-07 00:24 - 00000000 ____D () C:\Users\anacleto silva\Downloads\Shakira Discography 1991 - 2010 [MP3 320 - Stepherd]
2014-02-06 23:46 - 2014-02-06 23:46 - 00000000 ____D () C:\Users\anacleto silva\Downloads\Alicia Keys-Greatest Hits
2014-02-06 18:46 - 2014-02-06 18:48 - 00000000 ____D () C:\Users\anacleto silva\Downloads\CELINE DION-THE GREATEST HITS
==================== One Month Modified Files and Folders =======
2014-03-08 17:00 - 2014-03-08 16:40 - 00000000 ___DC () C:\FRST
2014-03-08 17:00 - 2012-07-26 05:12 - 00000000 ____D () C:\Windows\system32\sru
2014-03-08 16:32 - 2012-07-26 05:12 - 00000000 ____D () C:\Windows\tracing
2014-03-08 16:18 - 2014-03-06 21:44 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-03-08 16:14 - 2014-03-08 16:14 - 00001985 _____ () C:\Users\anacleto silva\Desktop\JRT.txt
2014-03-08 16:12 - 2013-03-16 18:30 - 01099298 _____ () C:\Windows\WindowsUpdate.log
2014-03-08 16:04 - 2013-10-27 11:08 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-08 15:56 - 2012-09-26 02:50 - 00792452 _____ () C:\Windows\system32\prfh0416.dat
2014-03-08 15:56 - 2012-09-26 02:50 - 00166504 _____ () C:\Windows\system32\prfc0416.dat
2014-03-08 15:56 - 2012-07-26 04:28 - 01900858 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-08 15:55 - 2012-08-10 17:45 - 00000821 _____ () C:\Windows\SysWOW64\bscs.ini
2014-03-08 15:52 - 2013-07-09 00:03 - 00000440 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-03-08 15:52 - 2013-03-16 17:26 - 00004524 _____ () C:\Windows\SysWOW64\LOCALSERVICE.INI
2014-03-08 15:52 - 2013-03-16 17:26 - 00000043 _____ () C:\Windows\SysWOW64\LOCALDEVICE.INI
2014-03-08 15:51 - 2013-07-06 20:03 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-03-08 15:51 - 2013-04-22 11:16 - 00031088 _____ (GbPlugin NDIS Device Driver) C:\Windows\SysWOW64\Drivers\gbpndisrd.sys
2014-03-08 15:51 - 2013-04-22 11:16 - 00010266 _____ () C:\Windows\SysWOW64\Drivers\ndisrd.cat
2014-03-08 15:51 - 2013-04-22 11:16 - 00001402 _____ () C:\Windows\SysWOW64\Drivers\gas.cer
2014-03-08 15:51 - 2012-08-03 19:23 - 00589778 _____ () C:\Windows\PFRO.log
2014-03-08 15:51 - 2012-07-26 04:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-08 15:50 - 2014-03-08 15:47 - 00000570 ____C () C:\runcheck.txt
2014-03-08 15:50 - 2014-03-08 14:23 - 00000463 ____C () C:\zoek-results.log
2014-03-08 15:49 - 2014-03-08 15:49 - 00000000 ____D () C:\Users\anacleto silva\Downloads\zoek
2014-03-08 15:49 - 2014-03-08 15:48 - 04093477 _____ () C:\Users\anacleto silva\Downloads\zoek.zip
2014-03-08 15:10 - 2014-03-08 15:10 - 00000000 ____D () C:\Windows\ERUNT
2014-03-08 14:50 - 2014-03-08 15:50 - 00018260 ____C () C:\zoek-results2014-03-08-175051.log
2014-03-08 14:49 - 2013-03-23 13:19 - 00000000 ____D () C:\Users\Todos os Usuários\GbPlugin
2014-03-08 14:49 - 2013-03-23 13:19 - 00000000 ____D () C:\ProgramData\GbPlugin
2014-03-08 14:48 - 2012-07-26 02:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-03-08 14:44 - 2014-03-08 14:19 - 00000000 ___DC () C:\zoek_backup
2014-03-08 14:43 - 2013-03-16 18:31 - 00000000 ____D () C:\Users\anacleto silva
2014-03-08 13:32 - 2014-01-24 12:35 - 00003990 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{31D54692-D9EB-40B5-8642-4BD457C0AA4E}
2014-03-08 13:25 - 2014-03-08 13:25 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-03-08 13:24 - 2014-03-08 13:24 - 00262144 _____ () C:\Windows\Minidump\030814-39296-01.dmp
2014-03-08 13:24 - 2013-06-20 19:13 - 420841265 _____ () C:\Windows\MEMORY.DMP
2014-03-08 13:24 - 2013-06-20 19:13 - 00000000 ____D () C:\Windows\Minidump
2014-03-08 02:21 - 2013-03-16 17:31 - 00000000 ____D () C:\Users\Todos os Usuários\CyberLink
2014-03-08 02:21 - 2013-03-16 17:31 - 00000000 ____D () C:\ProgramData\CyberLink
2014-03-08 02:08 - 2013-03-23 01:18 - 00000000 ____D () C:\Users\Public\CyberLink
2014-03-08 02:07 - 2013-05-25 22:29 - 00000000 ____D () C:\Users\anacleto silva\Documents\CyberLink
2014-03-08 02:07 - 2013-03-18 01:56 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\CyberLink
2014-03-07 20:41 - 2013-03-16 18:38 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-874636910-2500813232-2263662910-1002
2014-03-07 17:40 - 2014-03-07 17:40 - 00007681 _____ () C:\Users\anacleto silva\Desktop\ZHPFixReport.txt
2014-03-07 17:40 - 2014-03-06 21:44 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\ZHP
2014-03-06 21:50 - 2014-03-06 21:50 - 00035566 _____ () C:\Users\anacleto silva\Desktop\ZHPDiag.txt
2014-03-06 21:47 - 2014-03-06 21:46 - 00000040 _____ () C:\Users\anacleto
2014-03-06 21:44 - 2014-03-06 21:44 - 00001947 _____ () C:\Users\anacleto silva\Desktop\ZHPFix.lnk
2014-03-06 21:44 - 2014-03-06 21:44 - 00001820 _____ () C:\Users\anacleto silva\Desktop\ZHPDiag.lnk
2014-03-06 19:31 - 2012-07-26 05:12 - 00000000 ____D () C:\Windows\rescache
2014-03-03 23:28 - 2012-07-26 05:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-03-03 21:49 - 2014-03-03 21:49 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-03 21:49 - 2014-03-03 21:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-03 20:45 - 2014-03-03 20:38 - 00000000 ___DC () C:\AdwCleaner
2014-03-03 20:45 - 2013-03-16 18:32 - 00000983 _____ () C:\Users\anacleto silva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-03 18:43 - 2013-03-21 21:38 - 00000000 ____D () C:\Users\anacleto silva\AppData\Local\Facebook
2014-03-03 17:33 - 2013-03-17 13:52 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-03 17:30 - 2014-03-03 17:30 - 00280688 _____ () C:\Windows\Minidump\030314-41355-01.dmp
2014-03-03 16:25 - 2014-03-03 15:21 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-03-03 15:22 - 2014-03-03 15:22 - 00000000 ____C () C:\autoexec.bat
2014-03-03 15:21 - 2014-03-03 15:21 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-03 00:31 - 2013-09-30 22:48 - 00000000 ____D () C:\Program Files (x86)\Free Easy CD DVD Burner
2014-03-03 00:27 - 2014-03-03 00:18 - 00000000 ____D () C:\Users\Todos os Usuários\IObit
2014-03-03 00:27 - 2014-03-03 00:18 - 00000000 ____D () C:\ProgramData\IObit
2014-03-03 00:19 - 2013-10-29 00:47 - 00000029 _____ () C:\Windows\SysWOW64\config.ini
2014-03-03 00:18 - 2014-03-03 00:18 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\ProductData
2014-03-03 00:18 - 2014-03-03 00:18 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\IObit
2014-03-03 00:17 - 2014-03-03 00:17 - 00000000 ____D () C:\Users\Todos os Usuários\Real
2014-03-03 00:17 - 2014-03-03 00:17 - 00000000 ____D () C:\ProgramData\Real
2014-03-03 00:17 - 2014-03-03 00:17 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-03-01 18:57 - 2014-03-01 16:17 - 00000765 _____ () C:\Users\anacleto silva\AppData\Roaming\Microsoft\Windows\Start Menu\Como remover Sweet-page.com vírus - malwarerid.com.br.website
2014-03-01 18:56 - 2014-03-01 18:56 - 00000000 ____D () C:\Users\Todos os Usuários\Log
2014-03-01 18:56 - 2014-03-01 18:56 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-03-01 18:56 - 2014-03-01 18:56 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\Malwarebytes
2014-03-01 18:56 - 2014-03-01 18:56 - 00000000 ____D () C:\ProgramData\Log
2014-03-01 18:55 - 2014-03-01 18:55 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2014-03-01 18:55 - 2014-03-01 18:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-01 18:06 - 2013-03-16 18:32 - 00000000 ___RD () C:\Users\anacleto silva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-01 18:06 - 2013-03-16 18:32 - 00000000 ___RD () C:\Users\anacleto silva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-01 18:01 - 2012-07-26 05:12 - 00000000 ___RD () C:\Windows\ToastData
2014-03-01 17:59 - 2013-03-16 17:20 - 00004250 _____ () C:\Windows\system32\RaCoInst.log
2014-03-01 17:59 - 2012-07-26 04:21 - 00001518 _____ () C:\Windows\setupact.log
2014-03-01 17:31 - 2013-03-16 17:28 - 00000000 ____D () C:\Windows\System32\Tasks\Hewlett-Packard
2014-03-01 16:23 - 2013-05-13 22:51 - 00000471 _____ () C:\Users\anacleto silva\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website
2014-03-01 16:22 - 2014-03-01 16:21 - 00000702 _____ () C:\Users\anacleto silva\AppData\Roaming\Microsoft\Windows\Start Menu\Você não está conectado a uma rede.website
2014-03-01 16:21 - 2012-07-26 05:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-01 15:53 - 2013-03-17 20:45 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-01 15:53 - 2013-03-17 14:00 - 00000000 ____D () C:\Users\anacleto silva\AppData\Local\Google
2014-03-01 15:40 - 2013-04-12 18:01 - 00000000 ____D () C:\Users\anacleto silva\AppData\Local\Deployment
2014-03-01 15:32 - 2014-03-01 15:32 - 00000000 ___DC () C:\$WINDOWS.~BT
2014-03-01 15:32 - 2014-03-01 14:04 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-03-01 15:32 - 2014-03-01 14:04 - 00001908 _____ () C:\Windows\diagerr.xml
2014-03-01 15:31 - 2012-07-26 04:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-01 14:31 - 2014-03-01 14:31 - 00000000 ___DC () C:\des
2014-03-01 14:27 - 2014-03-01 14:27 - 00451199 _____ () C:\Users\anacleto silva\Desktop\Inst_W7_descomplicado.net.exe
2014-03-01 01:28 - 2013-03-18 01:56 - 00000000 ____D () C:\Users\anacleto silva\Documents\Youcam
2014-02-28 23:41 - 2013-03-23 13:19 - 00000000 ____D () C:\Program Files (x86)\GbPlugin
2014-02-24 03:21 - 2013-09-30 22:49 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\FreeBurner
2014-02-21 01:38 - 2013-04-19 22:11 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\uTorrent
2014-02-21 00:32 - 2014-02-21 00:31 - 00000000 ____D () C:\Users\anacleto silva\Downloads\Whitney Houston - Greatest Hits
2014-02-21 00:05 - 2014-02-20 23:49 - 00000000 ____D () C:\Users\anacleto silva\Downloads\DJ Ant-Lo - The Best Of Monica-2011-MIXFIEND
2014-02-19 18:53 - 2014-02-19 18:53 - 00000044 _____ () C:\Users\anacleto silva\AppData\Roaming\WB.CFG
2014-02-17 19:03 - 2013-11-13 16:21 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-17 19:03 - 2013-11-13 16:21 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-15 23:49 - 2013-07-24 18:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-15 23:44 - 2013-03-18 15:22 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-12 12:01 - 2014-02-12 12:01 - 00002145 _____ () C:\Users\Public\Desktop\HP Support Assistant.lnk
2014-02-12 12:00 - 2014-02-12 12:00 - 00000000 ____D () C:\Users\Usuário Padrão\AppData\Roaming\hpqLog
2014-02-12 12:00 - 2014-02-12 12:00 - 00000000 ____D () C:\Users\Default\AppData\Roaming\hpqLog
2014-02-12 12:00 - 2014-02-12 12:00 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\hpqLog
2014-02-11 21:06 - 2013-03-16 17:23 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-02-11 17:58 - 2013-03-16 17:19 - 00000000 ____D () C:\Users\Todos os Usuários\Hewlett-Packard
2014-02-11 17:58 - 2013-03-16 17:19 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-11 17:57 - 2012-08-03 21:02 - 00000000 ____D () C:\SWSetup
2014-02-10 10:28 - 2013-03-25 15:35 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-02-10 10:28 - 2013-03-25 15:35 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-02-07 21:55 - 2013-09-26 16:21 - 00000000 ____D () C:\Users\anacleto silva\Documents\FileSizer
2014-02-07 00:24 - 2014-02-07 00:24 - 00000000 ____D () C:\Users\anacleto silva\Downloads\Shakira Discography 1991 - 2010 [MP3 320 - Stepherd]
2014-02-06 23:46 - 2014-02-06 23:46 - 00000000 ____D () C:\Users\anacleto silva\Downloads\Alicia Keys-Greatest Hits
2014-02-06 18:48 - 2014-02-06 18:46 - 00000000 ____D () C:\Users\anacleto silva\Downloads\CELINE DION-THE GREATEST HITS
2014-02-06 00:16 - 2013-09-26 15:31 - 00000000 ____D () C:\Users\anacleto silva\AppData\Local\Windows Live
2014-02-06 00:14 - 2012-07-26 05:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
Some content of TEMP:
====================
C:\Users\anacleto silva\AppData\Local\Temp\7za.exe
C:\Users\anacleto silva\AppData\Local\Temp\hijackthis.exe
C:\Users\anacleto silva\AppData\Local\Temp\NirCmd.exe
C:\Users\anacleto silva\AppData\Local\Temp\PEVZ.EXE
C:\Users\anacleto silva\AppData\Local\Temp\remove.exe
C:\Users\anacleto silva\AppData\Local\Temp\sed.exe
C:\Users\anacleto silva\AppData\Local\Temp\shortcut.exe
C:\Users\anacleto silva\AppData\Local\Temp\swreg.exe
C:\Users\anacleto silva\AppData\Local\Temp\swxcacls.exe
C:\Users\anacleto silva\AppData\Local\Temp\wget.exe
C:\Users\anacleto silva\AppData\Local\Temp\zoek-delete.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-28 19:07
==================== End Of Log ============================
Ran by anacleto silva (administrator) on ANACLETO-PC on 08-03-2014 17:00:20
Running from C:\Users\anacleto silva\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZSD1YX3H
Windows 8 Single Language (X64) OS Language: Portuguese Brazilian
Internet Explorer Version 10
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link for 64-Bit Version: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
==================== Processes (Whitelisted) =================
(GAS Tecnologia) C:\Program Files (x86)\GbPlugin\gbpsv.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1114.318_x64__8wekyb3d8bbwe\LiveComm.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\accelerometerST.exe
(IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-07-21] (IDT, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BtTray] - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [363520 2012-08-02] (IVT Corporation)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [CLVirtualDrive] - C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3567800 2013-10-27] (AVAST Software)
HKLM-x32\...\Run: [fst_br_55] - [X]
HKLM-x32\...\Run: [fst_br_27] - [X]
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
Winlogon\Notify\ GbPluginBb-x32: C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
Winlogon\Notify\ GbPluginUni-x32: C:\Program Files (x86)\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco)
HKU\S-1-5-21-874636910-2500813232-2263662910-1002\...\Run: [AccelerometerSysTrayApplet] - C:\Program Files\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.Exe [74144 2012-08-23] (Hewlett-Packard Company)
HKU\S-1-5-21-874636910-2500813232-2263662910-1002\...\Run: [uTorrent] - C:\Users\anacleto silva\AppData\Roaming\uTorrent\uTorrent.exe [905296 2014-01-29] (BitTorrent Inc.)
Startup: C:\Users\anacleto silva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitorar alertas de tinta - HP Deskjet 3050 J610 series.lnk
ShortcutTarget: Monitorar alertas de tinta - HP Deskjet 3050 J610 series.lnk -> C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xCEF727212823CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-BR
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM-x32 - {5a15c091-f3c2-4c8f-8964-e3434a2a4a95} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES (X86)\GBPLUGIN\gbieh.dll (Banco do Brasil)
BHO-x32: GbIehObj Class - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll [1582632 2014-02-21] (Banco do Brasil)
ShellExecuteHooks-x32: GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Program Files (x86)\GbPlugin\gbiehuni.dll [1513528 2013-11-22] (Banco Itaú Unibanco)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
==================== Services (Whitelisted) =================
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-08] (Advanced Micro Devices, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-10-27] (AVAST Software)
R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1544192 2012-08-02] (IVT Corporation)
R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2012-07-10] (IVT Corporation)
R2 GbpSv; C:\Program Files (x86)\GbPlugin\gbpsv.exe [519720 2014-02-21] (GAS Tecnologia)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-03-03] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-01] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\ANACLE~1\AppData\Local\Temp\7zS312E\hpslpsvc64.dll [X]
==================== Drivers (Whitelisted) ====================
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-10-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-10-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-10-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-10-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-10-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-10-27] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-18] (Advanced Micro Devices)
R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation)
U4 BthAvrcpTg;
U4 BthHFEnum;
U4 bthhfhid;
R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-25] (Microsoft Corporation)
R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [48736 2012-08-08] (Ralink Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 fcusbser; C:\Windows\system32\DRIVERS\fcusbser.sys [119552 2010-06-03] (BM)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
S2 APXACC; \SystemRoot\system32\DRIVERS\appexDrv.sys [X]
S3 BdApiUtil; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdApiUtil64.sys [X]
S3 BdCameraProtect; \??\C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BdCameraProtect64.sys [X]
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [34912 2012-06-15] (Ralink Corporation.)
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
S3 SmbDrv; \SystemRoot\System32\drivers\Smb_driver_AMDASF.sys [X]
S3 SmbDrvI; \SystemRoot\System32\drivers\Smb_driver_Intel.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-08 16:40 - 2014-03-08 17:00 - 00000000 ___DC () C:\FRST
2014-03-08 16:14 - 2014-03-08 16:14 - 00001985 _____ () C:\Users\anacleto silva\Desktop\JRT.txt
2014-03-08 15:50 - 2014-03-08 14:50 - 00018260 ____C () C:\zoek-results2014-03-08-175051.log
2014-03-08 15:49 - 2014-03-08 15:49 - 00000000 ____D () C:\Users\anacleto silva\Downloads\zoek
2014-03-08 15:48 - 2014-03-08 15:49 - 04093477 _____ () C:\Users\anacleto silva\Downloads\zoek.zip
2014-03-08 15:47 - 2014-03-08 15:50 - 00000570 ____C () C:\runcheck.txt
2014-03-08 15:10 - 2014-03-08 15:10 - 00000000 ____D () C:\Windows\ERUNT
2014-03-08 14:23 - 2014-03-08 15:50 - 00000463 ____C () C:\zoek-results.log
2014-03-08 14:19 - 2014-03-08 14:44 - 00000000 ___DC () C:\zoek_backup
2014-03-08 13:25 - 2014-03-08 13:25 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-03-08 13:24 - 2014-03-08 13:24 - 00262144 _____ () C:\Windows\Minidump\030814-39296-01.dmp
2014-03-07 17:40 - 2014-03-07 17:40 - 00007681 _____ () C:\Users\anacleto silva\Desktop\ZHPFixReport.txt
2014-03-06 21:50 - 2014-03-06 21:50 - 00035566 _____ () C:\Users\anacleto silva\Desktop\ZHPDiag.txt
2014-03-06 21:46 - 2014-03-06 21:47 - 00000040 _____ () C:\Users\anacleto
2014-03-06 21:44 - 2014-03-08 16:18 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-03-06 21:44 - 2014-03-07 17:40 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\ZHP
2014-03-06 21:44 - 2014-03-06 21:44 - 00001947 _____ () C:\Users\anacleto silva\Desktop\ZHPFix.lnk
2014-03-06 21:44 - 2014-03-06 21:44 - 00001820 _____ () C:\Users\anacleto silva\Desktop\ZHPDiag.lnk
2014-03-03 21:49 - 2014-03-03 21:49 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-03 21:49 - 2014-03-03 21:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-03 21:49 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-03 20:38 - 2014-03-03 20:45 - 00000000 ___DC () C:\AdwCleaner
2014-03-03 17:30 - 2014-03-03 17:30 - 00280688 _____ () C:\Windows\Minidump\030314-41355-01.dmp
2014-03-03 15:22 - 2014-03-03 15:22 - 00000000 ____C () C:\autoexec.bat
2014-03-03 15:21 - 2014-03-03 16:25 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-03-03 15:21 - 2014-03-03 15:21 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-03 00:18 - 2014-03-03 00:27 - 00000000 ____D () C:\Users\Todos os Usuários\IObit
2014-03-03 00:18 - 2014-03-03 00:27 - 00000000 ____D () C:\ProgramData\IObit
2014-03-03 00:18 - 2014-03-03 00:18 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\ProductData
2014-03-03 00:18 - 2014-03-03 00:18 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\IObit
2014-03-03 00:17 - 2014-03-03 00:17 - 00000000 ____D () C:\Users\Todos os Usuários\Real
2014-03-03 00:17 - 2014-03-03 00:17 - 00000000 ____D () C:\ProgramData\Real
2014-03-03 00:17 - 2014-03-03 00:17 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-03-01 18:56 - 2014-03-01 18:56 - 00000000 ____D () C:\Users\Todos os Usuários\Log
2014-03-01 18:56 - 2014-03-01 18:56 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-03-01 18:56 - 2014-03-01 18:56 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\Malwarebytes
2014-03-01 18:56 - 2014-03-01 18:56 - 00000000 ____D () C:\ProgramData\Log
2014-03-01 18:55 - 2014-03-01 18:55 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2014-03-01 18:55 - 2014-03-01 18:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-01 17:58 - 2013-12-07 03:36 - 19751936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-01 17:58 - 2013-12-07 02:15 - 17560576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-01 16:21 - 2014-03-01 16:22 - 00000702 _____ () C:\Users\anacleto silva\AppData\Roaming\Microsoft\Windows\Start Menu\Você não está conectado a uma rede.website
2014-03-01 16:17 - 2014-03-01 18:57 - 00000765 _____ () C:\Users\anacleto silva\AppData\Roaming\Microsoft\Windows\Start Menu\Como remover Sweet-page.com vírus - malwarerid.com.br.website
2014-03-01 15:32 - 2014-03-01 15:32 - 00000000 ___DC () C:\$WINDOWS.~BT
2014-03-01 14:31 - 2014-03-01 14:31 - 00000000 ___DC () C:\des
2014-03-01 14:31 - 2011-04-13 20:02 - 00000000 ___DC () C:\sources
2014-03-01 14:27 - 2014-03-01 14:27 - 00451199 _____ () C:\Users\anacleto silva\Desktop\Inst_W7_descomplicado.net.exe
2014-03-01 14:04 - 2014-03-01 15:32 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-03-01 14:04 - 2014-03-01 15:32 - 00001908 _____ () C:\Windows\diagerr.xml
2014-02-21 00:31 - 2014-02-21 00:32 - 00000000 ____D () C:\Users\anacleto silva\Downloads\Whitney Houston - Greatest Hits
2014-02-20 23:49 - 2014-02-21 00:05 - 00000000 ____D () C:\Users\anacleto silva\Downloads\DJ Ant-Lo - The Best Of Monica-2011-MIXFIEND
2014-02-19 18:53 - 2014-02-19 18:53 - 00000044 _____ () C:\Users\anacleto silva\AppData\Roaming\WB.CFG
2014-02-12 12:13 - 2014-02-01 06:20 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-12 12:13 - 2014-02-01 06:19 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 12:13 - 2014-02-01 06:19 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 12:13 - 2014-02-01 06:19 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-02-12 12:13 - 2014-02-01 06:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-02-12 12:13 - 2014-02-01 06:18 - 19274240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 12:13 - 2014-02-01 06:18 - 15403520 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 12:13 - 2014-02-01 06:18 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-12 12:13 - 2014-02-01 06:18 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 12:13 - 2014-02-01 06:18 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-12 12:13 - 2014-02-01 06:18 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-02-12 12:13 - 2014-02-01 06:18 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-12 12:13 - 2014-02-01 06:18 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 12:13 - 2014-02-01 06:18 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-12 12:13 - 2014-02-01 04:58 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-12 12:13 - 2014-02-01 04:58 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-12 12:13 - 2014-02-01 04:58 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-02-12 12:13 - 2014-02-01 04:57 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-12 12:13 - 2014-02-01 04:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-12 12:13 - 2014-02-01 04:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-12 12:13 - 2014-02-01 04:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-02-12 12:13 - 2014-02-01 04:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-12 12:13 - 2014-02-01 04:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-12 12:13 - 2014-02-01 04:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-12 12:13 - 2014-02-01 04:40 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 12:13 - 2014-02-01 04:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-12 12:13 - 2014-02-01 02:08 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-02-12 12:13 - 2013-12-08 21:45 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-12 12:13 - 2013-12-08 20:59 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 12:13 - 2013-12-04 20:43 - 01845248 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-12 12:13 - 2013-12-04 20:43 - 00583680 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-12 12:13 - 2013-12-04 20:37 - 01419264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-12 12:13 - 2013-12-04 20:37 - 00451072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-12 12:13 - 2013-11-26 21:19 - 00385614 _____ () C:\Windows\system32\ApnDatabase.xml
2014-02-12 12:13 - 2013-11-25 20:17 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-02-12 12:13 - 2013-11-01 02:53 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-02-12 12:12 - 2014-02-01 06:18 - 03960320 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 12:12 - 2014-02-01 06:18 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 12:12 - 2014-02-01 04:57 - 14359040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-12 12:12 - 2014-02-01 04:57 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-12 12:12 - 2014-02-01 04:57 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-12 12:12 - 2014-02-01 04:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-12 12:10 - 2014-01-12 20:30 - 02238976 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-12 12:10 - 2014-01-12 20:30 - 02032640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-12 12:10 - 2013-11-19 21:15 - 03842560 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-12 12:10 - 2013-11-19 20:57 - 03288576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-12 12:01 - 2014-02-12 12:01 - 00002145 _____ () C:\Users\Public\Desktop\HP Support Assistant.lnk
2014-02-12 12:00 - 2014-02-12 12:00 - 00000000 ____D () C:\Users\Usuário Padrão\AppData\Roaming\hpqLog
2014-02-12 12:00 - 2014-02-12 12:00 - 00000000 ____D () C:\Users\Default\AppData\Roaming\hpqLog
2014-02-12 12:00 - 2014-02-12 12:00 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\hpqLog
2014-02-07 00:24 - 2014-02-07 00:24 - 00000000 ____D () C:\Users\anacleto silva\Downloads\Shakira Discography 1991 - 2010 [MP3 320 - Stepherd]
2014-02-06 23:46 - 2014-02-06 23:46 - 00000000 ____D () C:\Users\anacleto silva\Downloads\Alicia Keys-Greatest Hits
2014-02-06 18:46 - 2014-02-06 18:48 - 00000000 ____D () C:\Users\anacleto silva\Downloads\CELINE DION-THE GREATEST HITS
==================== One Month Modified Files and Folders =======
2014-03-08 17:00 - 2014-03-08 16:40 - 00000000 ___DC () C:\FRST
2014-03-08 17:00 - 2012-07-26 05:12 - 00000000 ____D () C:\Windows\system32\sru
2014-03-08 16:32 - 2012-07-26 05:12 - 00000000 ____D () C:\Windows\tracing
2014-03-08 16:18 - 2014-03-06 21:44 - 00000000 ____D () C:\Program Files (x86)\ZHPDiag
2014-03-08 16:14 - 2014-03-08 16:14 - 00001985 _____ () C:\Users\anacleto silva\Desktop\JRT.txt
2014-03-08 16:12 - 2013-03-16 18:30 - 01099298 _____ () C:\Windows\WindowsUpdate.log
2014-03-08 16:04 - 2013-10-27 11:08 - 00000902 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-08 15:56 - 2012-09-26 02:50 - 00792452 _____ () C:\Windows\system32\prfh0416.dat
2014-03-08 15:56 - 2012-09-26 02:50 - 00166504 _____ () C:\Windows\system32\prfc0416.dat
2014-03-08 15:56 - 2012-07-26 04:28 - 01900858 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-08 15:55 - 2012-08-10 17:45 - 00000821 _____ () C:\Windows\SysWOW64\bscs.ini
2014-03-08 15:52 - 2013-07-09 00:03 - 00000440 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-03-08 15:52 - 2013-03-16 17:26 - 00004524 _____ () C:\Windows\SysWOW64\LOCALSERVICE.INI
2014-03-08 15:52 - 2013-03-16 17:26 - 00000043 _____ () C:\Windows\SysWOW64\LOCALDEVICE.INI
2014-03-08 15:51 - 2013-07-06 20:03 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-03-08 15:51 - 2013-04-22 11:16 - 00031088 _____ (GbPlugin NDIS Device Driver) C:\Windows\SysWOW64\Drivers\gbpndisrd.sys
2014-03-08 15:51 - 2013-04-22 11:16 - 00010266 _____ () C:\Windows\SysWOW64\Drivers\ndisrd.cat
2014-03-08 15:51 - 2013-04-22 11:16 - 00001402 _____ () C:\Windows\SysWOW64\Drivers\gas.cer
2014-03-08 15:51 - 2012-08-03 19:23 - 00589778 _____ () C:\Windows\PFRO.log
2014-03-08 15:51 - 2012-07-26 04:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-08 15:50 - 2014-03-08 15:47 - 00000570 ____C () C:\runcheck.txt
2014-03-08 15:50 - 2014-03-08 14:23 - 00000463 ____C () C:\zoek-results.log
2014-03-08 15:49 - 2014-03-08 15:49 - 00000000 ____D () C:\Users\anacleto silva\Downloads\zoek
2014-03-08 15:49 - 2014-03-08 15:48 - 04093477 _____ () C:\Users\anacleto silva\Downloads\zoek.zip
2014-03-08 15:10 - 2014-03-08 15:10 - 00000000 ____D () C:\Windows\ERUNT
2014-03-08 14:50 - 2014-03-08 15:50 - 00018260 ____C () C:\zoek-results2014-03-08-175051.log
2014-03-08 14:49 - 2013-03-23 13:19 - 00000000 ____D () C:\Users\Todos os Usuários\GbPlugin
2014-03-08 14:49 - 2013-03-23 13:19 - 00000000 ____D () C:\ProgramData\GbPlugin
2014-03-08 14:48 - 2012-07-26 02:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-03-08 14:44 - 2014-03-08 14:19 - 00000000 ___DC () C:\zoek_backup
2014-03-08 14:43 - 2013-03-16 18:31 - 00000000 ____D () C:\Users\anacleto silva
2014-03-08 13:32 - 2014-01-24 12:35 - 00003990 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{31D54692-D9EB-40B5-8642-4BD457C0AA4E}
2014-03-08 13:25 - 2014-03-08 13:25 - 00000000 ____D () C:\Windows\LastGood.Tmp
2014-03-08 13:24 - 2014-03-08 13:24 - 00262144 _____ () C:\Windows\Minidump\030814-39296-01.dmp
2014-03-08 13:24 - 2013-06-20 19:13 - 420841265 _____ () C:\Windows\MEMORY.DMP
2014-03-08 13:24 - 2013-06-20 19:13 - 00000000 ____D () C:\Windows\Minidump
2014-03-08 02:21 - 2013-03-16 17:31 - 00000000 ____D () C:\Users\Todos os Usuários\CyberLink
2014-03-08 02:21 - 2013-03-16 17:31 - 00000000 ____D () C:\ProgramData\CyberLink
2014-03-08 02:08 - 2013-03-23 01:18 - 00000000 ____D () C:\Users\Public\CyberLink
2014-03-08 02:07 - 2013-05-25 22:29 - 00000000 ____D () C:\Users\anacleto silva\Documents\CyberLink
2014-03-08 02:07 - 2013-03-18 01:56 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\CyberLink
2014-03-07 20:41 - 2013-03-16 18:38 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-874636910-2500813232-2263662910-1002
2014-03-07 17:40 - 2014-03-07 17:40 - 00007681 _____ () C:\Users\anacleto silva\Desktop\ZHPFixReport.txt
2014-03-07 17:40 - 2014-03-06 21:44 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\ZHP
2014-03-06 21:50 - 2014-03-06 21:50 - 00035566 _____ () C:\Users\anacleto silva\Desktop\ZHPDiag.txt
2014-03-06 21:47 - 2014-03-06 21:46 - 00000040 _____ () C:\Users\anacleto
2014-03-06 21:44 - 2014-03-06 21:44 - 00001947 _____ () C:\Users\anacleto silva\Desktop\ZHPFix.lnk
2014-03-06 21:44 - 2014-03-06 21:44 - 00001820 _____ () C:\Users\anacleto silva\Desktop\ZHPDiag.lnk
2014-03-06 19:31 - 2012-07-26 05:12 - 00000000 ____D () C:\Windows\rescache
2014-03-03 23:28 - 2012-07-26 05:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-03-03 21:49 - 2014-03-03 21:49 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-03 21:49 - 2014-03-03 21:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-03 20:45 - 2014-03-03 20:38 - 00000000 ___DC () C:\AdwCleaner
2014-03-03 20:45 - 2013-03-16 18:32 - 00000983 _____ () C:\Users\anacleto silva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-03 18:43 - 2013-03-21 21:38 - 00000000 ____D () C:\Users\anacleto silva\AppData\Local\Facebook
2014-03-03 17:33 - 2013-03-17 13:52 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-03 17:30 - 2014-03-03 17:30 - 00280688 _____ () C:\Windows\Minidump\030314-41355-01.dmp
2014-03-03 16:25 - 2014-03-03 15:21 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-03-03 15:22 - 2014-03-03 15:22 - 00000000 ____C () C:\autoexec.bat
2014-03-03 15:21 - 2014-03-03 15:21 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-03 00:31 - 2013-09-30 22:48 - 00000000 ____D () C:\Program Files (x86)\Free Easy CD DVD Burner
2014-03-03 00:27 - 2014-03-03 00:18 - 00000000 ____D () C:\Users\Todos os Usuários\IObit
2014-03-03 00:27 - 2014-03-03 00:18 - 00000000 ____D () C:\ProgramData\IObit
2014-03-03 00:19 - 2013-10-29 00:47 - 00000029 _____ () C:\Windows\SysWOW64\config.ini
2014-03-03 00:18 - 2014-03-03 00:18 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\ProductData
2014-03-03 00:18 - 2014-03-03 00:18 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\IObit
2014-03-03 00:17 - 2014-03-03 00:17 - 00000000 ____D () C:\Users\Todos os Usuários\Real
2014-03-03 00:17 - 2014-03-03 00:17 - 00000000 ____D () C:\ProgramData\Real
2014-03-03 00:17 - 2014-03-03 00:17 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-03-01 18:57 - 2014-03-01 16:17 - 00000765 _____ () C:\Users\anacleto silva\AppData\Roaming\Microsoft\Windows\Start Menu\Como remover Sweet-page.com vírus - malwarerid.com.br.website
2014-03-01 18:56 - 2014-03-01 18:56 - 00000000 ____D () C:\Users\Todos os Usuários\Log
2014-03-01 18:56 - 2014-03-01 18:56 - 00000000 ____D () C:\Users\Public\Documents\Baidu Security
2014-03-01 18:56 - 2014-03-01 18:56 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\Malwarebytes
2014-03-01 18:56 - 2014-03-01 18:56 - 00000000 ____D () C:\ProgramData\Log
2014-03-01 18:55 - 2014-03-01 18:55 - 00000000 ____D () C:\Users\Todos os Usuários\Malwarebytes
2014-03-01 18:55 - 2014-03-01 18:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-01 18:06 - 2013-03-16 18:32 - 00000000 ___RD () C:\Users\anacleto silva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-01 18:06 - 2013-03-16 18:32 - 00000000 ___RD () C:\Users\anacleto silva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-01 18:01 - 2012-07-26 05:12 - 00000000 ___RD () C:\Windows\ToastData
2014-03-01 17:59 - 2013-03-16 17:20 - 00004250 _____ () C:\Windows\system32\RaCoInst.log
2014-03-01 17:59 - 2012-07-26 04:21 - 00001518 _____ () C:\Windows\setupact.log
2014-03-01 17:31 - 2013-03-16 17:28 - 00000000 ____D () C:\Windows\System32\Tasks\Hewlett-Packard
2014-03-01 16:23 - 2013-05-13 22:51 - 00000471 _____ () C:\Users\anacleto silva\AppData\Roaming\Microsoft\Windows\Start Menu\Google.website
2014-03-01 16:22 - 2014-03-01 16:21 - 00000702 _____ () C:\Users\anacleto silva\AppData\Roaming\Microsoft\Windows\Start Menu\Você não está conectado a uma rede.website
2014-03-01 16:21 - 2012-07-26 05:12 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-01 15:53 - 2013-03-17 20:45 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-01 15:53 - 2013-03-17 14:00 - 00000000 ____D () C:\Users\anacleto silva\AppData\Local\Google
2014-03-01 15:40 - 2013-04-12 18:01 - 00000000 ____D () C:\Users\anacleto silva\AppData\Local\Deployment
2014-03-01 15:32 - 2014-03-01 15:32 - 00000000 ___DC () C:\$WINDOWS.~BT
2014-03-01 15:32 - 2014-03-01 14:04 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-03-01 15:32 - 2014-03-01 14:04 - 00001908 _____ () C:\Windows\diagerr.xml
2014-03-01 15:31 - 2012-07-26 04:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-01 14:31 - 2014-03-01 14:31 - 00000000 ___DC () C:\des
2014-03-01 14:27 - 2014-03-01 14:27 - 00451199 _____ () C:\Users\anacleto silva\Desktop\Inst_W7_descomplicado.net.exe
2014-03-01 01:28 - 2013-03-18 01:56 - 00000000 ____D () C:\Users\anacleto silva\Documents\Youcam
2014-02-28 23:41 - 2013-03-23 13:19 - 00000000 ____D () C:\Program Files (x86)\GbPlugin
2014-02-24 03:21 - 2013-09-30 22:49 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\FreeBurner
2014-02-21 01:38 - 2013-04-19 22:11 - 00000000 ____D () C:\Users\anacleto silva\AppData\Roaming\uTorrent
2014-02-21 00:32 - 2014-02-21 00:31 - 00000000 ____D () C:\Users\anacleto silva\Downloads\Whitney Houston - Greatest Hits
2014-02-21 00:05 - 2014-02-20 23:49 - 00000000 ____D () C:\Users\anacleto silva\Downloads\DJ Ant-Lo - The Best Of Monica-2011-MIXFIEND
2014-02-19 18:53 - 2014-02-19 18:53 - 00000044 _____ () C:\Users\anacleto silva\AppData\Roaming\WB.CFG
2014-02-17 19:03 - 2013-11-13 16:21 - 00694240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-17 19:03 - 2013-11-13 16:21 - 00078304 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-15 23:49 - 2013-07-24 18:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-15 23:44 - 2013-03-18 15:22 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-12 12:01 - 2014-02-12 12:01 - 00002145 _____ () C:\Users\Public\Desktop\HP Support Assistant.lnk
2014-02-12 12:00 - 2014-02-12 12:00 - 00000000 ____D () C:\Users\Usuário Padrão\AppData\Roaming\hpqLog
2014-02-12 12:00 - 2014-02-12 12:00 - 00000000 ____D () C:\Users\Default\AppData\Roaming\hpqLog
2014-02-12 12:00 - 2014-02-12 12:00 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\hpqLog
2014-02-11 21:06 - 2013-03-16 17:23 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-02-11 17:58 - 2013-03-16 17:19 - 00000000 ____D () C:\Users\Todos os Usuários\Hewlett-Packard
2014-02-11 17:58 - 2013-03-16 17:19 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-02-11 17:57 - 2012-08-03 21:02 - 00000000 ____D () C:\SWSetup
2014-02-10 10:28 - 2013-03-25 15:35 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-02-10 10:28 - 2013-03-25 15:35 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-02-07 21:55 - 2013-09-26 16:21 - 00000000 ____D () C:\Users\anacleto silva\Documents\FileSizer
2014-02-07 00:24 - 2014-02-07 00:24 - 00000000 ____D () C:\Users\anacleto silva\Downloads\Shakira Discography 1991 - 2010 [MP3 320 - Stepherd]
2014-02-06 23:46 - 2014-02-06 23:46 - 00000000 ____D () C:\Users\anacleto silva\Downloads\Alicia Keys-Greatest Hits
2014-02-06 18:48 - 2014-02-06 18:46 - 00000000 ____D () C:\Users\anacleto silva\Downloads\CELINE DION-THE GREATEST HITS
2014-02-06 00:16 - 2013-09-26 15:31 - 00000000 ____D () C:\Users\anacleto silva\AppData\Local\Windows Live
2014-02-06 00:14 - 2012-07-26 05:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
Some content of TEMP:
====================
C:\Users\anacleto silva\AppData\Local\Temp\7za.exe
C:\Users\anacleto silva\AppData\Local\Temp\hijackthis.exe
C:\Users\anacleto silva\AppData\Local\Temp\NirCmd.exe
C:\Users\anacleto silva\AppData\Local\Temp\PEVZ.EXE
C:\Users\anacleto silva\AppData\Local\Temp\remove.exe
C:\Users\anacleto silva\AppData\Local\Temp\sed.exe
C:\Users\anacleto silva\AppData\Local\Temp\shortcut.exe
C:\Users\anacleto silva\AppData\Local\Temp\swreg.exe
C:\Users\anacleto silva\AppData\Local\Temp\swxcacls.exe
C:\Users\anacleto silva\AppData\Local\Temp\wget.exe
C:\Users\anacleto silva\AppData\Local\Temp\zoek-delete.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-28 19:07
==================== End Of Log ============================
anacleto silva- Membro
- Mensagens : 73
Reputação : 0
Data de inscrição : 28/02/2014
Idade : 46
Re: sweet page.com
Estou fazendo a análise do seu relatório. Enquanto isto lhe pergunto: está constando no seu relatório o programa spyhunter, que é meio problemático. Você quer removê-lo ou podemos deixar ele no seu PC?
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
aweet page
nem sei q programa é esse kkkkkkkkkkkkkkk
anacleto silva- Membro
- Mensagens : 73
Reputação : 0
Data de inscrição : 28/02/2014
Idade : 46
sweet page
pode remover essa meleca nem sei o que é isso
anacleto silva- Membro
- Mensagens : 73
Reputação : 0
Data de inscrição : 28/02/2014
Idade : 46
Re: sweet page.com
Está constando que o Farbar (FRST) está em uma pasta temporária. Salve ele no desktop (área de trabalho).Running from C:\Users\anacleto silva\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZSD1YX3H
Depois de salvar ele na área de trabalho, baixe este arquivo anexado nesta minha postagem e salve-o também na área de trabalho (Desktop).
Execute o FRST64. Clique no botão Fix.
Aguarde e ao final, o log Fixlog.txt será salvo no seu desktop.
Selecione, copie e cole o conteúdo deste log em sua próxima resposta.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
swee page
nao entend nadaaaaaaaaaaaa minha cabeça agora deu nó
anacleto silva- Membro
- Mensagens : 73
Reputação : 0
Data de inscrição : 28/02/2014
Idade : 46
Re: sweet page.com
Então vamos por partes:
Está constando que você salvou o Farbar em uma pasta temporária que é esta:
C:\Users\anacleto silva\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZSD1YX3H
Salve ele no desktop (área de trabalho).
Quando você tiver salvado ele no desktop você me avisa.
Está constando que você salvou o Farbar em uma pasta temporária que é esta:
C:\Users\anacleto silva\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZSD1YX3H
Salve ele no desktop (área de trabalho).
Quando você tiver salvado ele no desktop você me avisa.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
sweet page
já salvei
anacleto silva- Membro
- Mensagens : 73
Reputação : 0
Data de inscrição : 28/02/2014
Idade : 46
sweet page
não tem nenhum FRST 64penas FRST
anacleto silva- Membro
- Mensagens : 73
Reputação : 0
Data de inscrição : 28/02/2014
Idade : 46
Re: sweet page.com
Sim, é isto mesmo.não tem nenhum FRST 64penas FRST
_____________________________________________________________________________________________
Agora baixe o arquivo fixlist anexado nesta minha resposta e salve ele também na área de trabalho (desktop).
_______________________________________________________________________________________________
Execute o FRST. Clique no botão Fix.
Aguarde e ao final, o log Fixlog.txt será salvo no seu desktop.
Selecione, copie e cole o conteúdo deste log em sua próxima resposta.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
SWEET Page
pois é ai é q tá, quando eu clico nele já abre com tudo dentro.ja esta nele
anacleto silva- Membro
- Mensagens : 73
Reputação : 0
Data de inscrição : 28/02/2014
Idade : 46
Re: sweet page.com
Como assim? é só você fazer o download do fixlist e salvar ele no desktop, você fez deste jeito?anacleto silva escreveu:pois é ai é q tá, quando eu clico nele já abre com tudo dentro.ja esta nele
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
sweet page
não tem nada la apenas um ícone tipo uma folha de caderno e não tem nenhum botão flix ou coisa do tipo
anacleto silva- Membro
- Mensagens : 73
Reputação : 0
Data de inscrição : 28/02/2014
Idade : 46
sweet page
clico na folha e aparece um janela vazia
anacleto silva- Membro
- Mensagens : 73
Reputação : 0
Data de inscrição : 28/02/2014
Idade : 46
Re: sweet page.com
Sim, este ícone da folha de caderno é o arquivo fixlist.anacleto silva escreveu:não tem nada la apenas um ícone tipo uma folha de caderno e não tem nenhum botão flix ou coisa do tipo
Agora você tem que abrir é o FRST e clicar no botão Fix.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
sweet page
ai em cima tem outra folha igual mas escrito flix cliquei nela e abriu uma janela com isso aqui ó;
Rapport de ZHPFix 2014.2.16.5 par Nicolas Coolman, Update du 16/02/2014
Fichier d'export Registre :
Run by anacleto silva at 07/03/2014 17:40:12
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit (Build 9200)
Reciclagem vazia (00mn 05s)
Reparação de atalhos do navegador
========== Processo memória ==========
ELIMINÉ: Memory Process: C:\Users\anacleto silva\AppData\Local\Temp\uninst1.exe
========== Modulos memória ==========
ELIMINÉ: Memory Module: C:\ProgramData\FileSplitUpLoad.dll
ELIMINÉ: Memory Module: C:\Users\anacleto silva\AppData\Local\Temp\tbBitt.dll
ELIMINÉ: Memory Module: C:\Users\anacleto silva\AppData\Local\Temp\tbFree.dll
========== Chaves do Registo ==========
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\Baidu
ELIMINÉ: HKLM\Software\Wow6432Node\360Safe
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\Wow6432Node\VBMZ
ELIMINÉ: HKLM\Software\Wow6432Node\baidu
ELIMINÉ CLSID MPSK: {20608a6b-a53a-11e2-be83-f4b7e2d2f488}
ELIMINÉ CLSID MPSK: {46152177-bf18-11e2-be93-38eaa7d272a9}
ELIMINÉ CLSID MPSK: {a035bad7-b717-11e2-be8d-38eaa7d272a9}
ELIMINÉ CLSID MPSK: {a035bb13-b717-11e2-be8d-38eaa7d272a9}
ELIMINÉ CLSID MPSK: {a035bb6c-b717-11e2-be8d-38eaa7d272a9}
ELIMINÉ CLSID MPSK: {a035bcd0-b717-11e2-be8d-38eaa7d272a9}
ELIMINÉ CLSID MPSK: {a035bd04-b717-11e2-be8d-38eaa7d272a9}
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
ELIMINÉ:* HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus
========== Valores do Registo ==========
ELIMINÉ RunValue: SynTPEnh
ELIMINÉ RunValue: msnmsgr
ELIMINÉ RunValue: ares
ELIMINÉ: TCP Query User{1A8234A1-5E96-411B-BEDA-56078D7E56BB}C:\program files (x86)\ares\ares.exe
ELIMINÉ: UDP Query User{4CA0E63C-0BD8-4EEC-9D75-17AF39C246F7}C:\program files (x86)\ares\ares.exe
ELIMINÉ: {488DBCFE-FE1C-4B07-9A8E-4E1AB429BEDC}
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (Domain) : {808F1451-4108-46FD-ADBB-F17324B5F0BD}
ELIMINÉ: FirewallRaz (Domain) : {E7985E1D-C36F-4787-80A8-6350D07E9266}
ELIMINÉ: FirewallRaz (Domain) : NetPres-In-TCP-NoScope
ELIMINÉ: FirewallRaz (Domain) : NetPres-Out-TCP-NoScope
ELIMINÉ: FirewallRaz (Domain) : NetPres-WSD-In-UDP
ELIMINÉ: FirewallRaz (Domain) : NetPres-WSD-Out-UDP
ELIMINÉ: FirewallRaz (Private) : NetPres-In-TCP
ELIMINÉ: FirewallRaz (Private) : NetPres-Out-TCP
ELIMINÉ: FirewallRaz (None) : MCX-Prov-Out-TCP
ELIMINÉ: FirewallRaz (None) : MCX-McrMgr-Out-TCP
ELIMINÉ: FirewallRaz (Public) : {E81F8505-9611-4BC7-A355-A14D487A06BC}
ELIMINÉ: FirewallRaz (Public) : {C600A650-0C9F-4FD4-AF6B-E24D763EDF1A}
ELIMINÉ: FirewallRaz (Public) : TCP Query User{B9B6B1F8-DA0C-4CB4-99B2-DE28629FE447}C:\users\anacleto silva\downloads\bittorrent.exe
ELIMINÉ: FirewallRaz (Public) : UDP Query User{E310FD0C-0EA9-4CB4-A6A8-2AC29A8F606E}C:\users\anacleto silva\downloads\bittorrent.exe
ELIMINÉ: FirewallRaz (Public) : {C2C5ED2F-2D62-49F0-A451-B6CE9C036DD5}
ELIMINÉ: FirewallRaz (Public) : {36CFE0FD-C691-4A16-9E6D-49E92E43C83B}
ELIMINÉ: FirewallRaz (Public) : {B80E7CEE-1637-47BB-90E6-AAB9BBFE47F1}
ELIMINÉ: FirewallRaz (Public) : {F13FAA44-250C-46CC-A6C1-3BC600528B78}
ELIMINÉ: FirewallRaz (None) : {20D57A9A-BEF1-47FF-846B-D642B5A511C9}
ELIMINÉ: FirewallRaz (None) : {01F7E6CC-1B02-4E0C-9DF5-8ED295EC832A}
ELIMINÉ: FirewallRaz (None) : {0A55AB86-E466-47E2-A049-E01B39C95F95}
ELIMINÉ: FirewallRaz (None) : {B234DE11-7ABB-423D-B88A-F008F02E6A65}
ELIMINÉ: FirewallRaz (None) : {47E3794A-AB21-4154-8659-234F8D0E1FDB}
ELIMINÉ: FirewallRaz (None) : {6DCC4666-70BE-49EA-9E1F-CE835130B91E}
ELIMINÉ: FirewallRaz (Public) : TCP Query User{84D10555-2364-4E73-90E9-1531ADCCAC73}C:\users\paulo\appdata\roaming\bittorrent\bittorrent.exe
ELIMINÉ: FirewallRaz (Public) : UDP Query User{4BC10BE6-0162-4495-8DD5-7858BD3A7197}C:\users\paulo\appdata\roaming\bittorrent\bittorrent.exe
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Elementos dos dados do Registo ==========
ELIMINÉ: R0 - Main,Start Page = KCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ: c:\users\anacleto silva\appdata\roaming\microsoft\windows\start menu\programs\free easy cd dvd burner.lnk
ELIMINÉ: c:\programdata\microsoft\windows\start menu\programs\startup\startupmodem.lnk
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ: C:\Users\anacleto silva\AppData\Local\Temp\GoogleToolbarInstaller1.log
ELIMINÉ: C:\Users\anacleto silva\AppData\Local\Temp\GoogleToolbarInstaller2.log
ELIMINÉ Temporários windows (2991) (4.081.790.775 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Tarefa planificada ==========
ELIMINÉ: 4776
ELIMINÉ: {C0FB3474-F395-41BB-B30D-5E1A4C2599F0}
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
1 : Processo memória
3 : Modulos memória
33 : Chaves do Registo
40 : Valores do Registo
1 : Elementos dos dados do Registo
1 : Pastas
9 : Ficheiros
2 : Tarefa planificada
1 : Restauração Sistema
End of clean in 01mn 40s
========== Caminho do ficheiro do relatório ==========
C:\Users\anacleto silva\AppData\Roaming\ZHP\ZHPFix[R1].txt - 07/03/2014 17:40:18 [7592]
Rapport de ZHPFix 2014.2.16.5 par Nicolas Coolman, Update du 16/02/2014
Fichier d'export Registre :
Run by anacleto silva at 07/03/2014 17:40:12
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit (Build 9200)
Reciclagem vazia (00mn 05s)
Reparação de atalhos do navegador
========== Processo memória ==========
ELIMINÉ: Memory Process: C:\Users\anacleto silva\AppData\Local\Temp\uninst1.exe
========== Modulos memória ==========
ELIMINÉ: Memory Module: C:\ProgramData\FileSplitUpLoad.dll
ELIMINÉ: Memory Module: C:\Users\anacleto silva\AppData\Local\Temp\tbBitt.dll
ELIMINÉ: Memory Module: C:\Users\anacleto silva\AppData\Local\Temp\tbFree.dll
========== Chaves do Registo ==========
ELIMINÉ Driver Key: Bfilter
ELIMINÉ Driver Key: Bfmon
ELIMINÉ Driver Key: Bprotect
ELIMINÉ: HKCU\Software\Baidu Security
ELIMINÉ: HKCU\Software\Baidu
ELIMINÉ: HKLM\Software\Wow6432Node\360Safe
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu Security
ELIMINÉ: HKLM\Software\Wow6432Node\Baidu_Drp_pos
ELIMINÉ: HKLM\Software\Wow6432Node\VBMZ
ELIMINÉ: HKLM\Software\Wow6432Node\baidu
ELIMINÉ CLSID MPSK: {20608a6b-a53a-11e2-be83-f4b7e2d2f488}
ELIMINÉ CLSID MPSK: {46152177-bf18-11e2-be93-38eaa7d272a9}
ELIMINÉ CLSID MPSK: {a035bad7-b717-11e2-be8d-38eaa7d272a9}
ELIMINÉ CLSID MPSK: {a035bb13-b717-11e2-be8d-38eaa7d272a9}
ELIMINÉ CLSID MPSK: {a035bb6c-b717-11e2-be8d-38eaa7d272a9}
ELIMINÉ CLSID MPSK: {a035bcd0-b717-11e2-be8d-38eaa7d272a9}
ELIMINÉ CLSID MPSK: {a035bd04-b717-11e2-be8d-38eaa7d272a9}
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
ELIMINÉ:* HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply
ELIMINÉ:* HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Baidu Antivirus
========== Valores do Registo ==========
ELIMINÉ RunValue: SynTPEnh
ELIMINÉ RunValue: msnmsgr
ELIMINÉ RunValue: ares
ELIMINÉ: TCP Query User{1A8234A1-5E96-411B-BEDA-56078D7E56BB}C:\program files (x86)\ares\ares.exe
ELIMINÉ: UDP Query User{4CA0E63C-0BD8-4EEC-9D75-17AF39C246F7}C:\program files (x86)\ares\ares.exe
ELIMINÉ: {488DBCFE-FE1C-4B07-9A8E-4E1AB429BEDC}
Ausente Valor Perfil Padrão: FirewallRaz :
Ausente Valor Perfil Domínio FirewallRaz :
ELIMINÉ: FirewallRaz (Domain) : {808F1451-4108-46FD-ADBB-F17324B5F0BD}
ELIMINÉ: FirewallRaz (Domain) : {E7985E1D-C36F-4787-80A8-6350D07E9266}
ELIMINÉ: FirewallRaz (Domain) : NetPres-In-TCP-NoScope
ELIMINÉ: FirewallRaz (Domain) : NetPres-Out-TCP-NoScope
ELIMINÉ: FirewallRaz (Domain) : NetPres-WSD-In-UDP
ELIMINÉ: FirewallRaz (Domain) : NetPres-WSD-Out-UDP
ELIMINÉ: FirewallRaz (Private) : NetPres-In-TCP
ELIMINÉ: FirewallRaz (Private) : NetPres-Out-TCP
ELIMINÉ: FirewallRaz (None) : MCX-Prov-Out-TCP
ELIMINÉ: FirewallRaz (None) : MCX-McrMgr-Out-TCP
ELIMINÉ: FirewallRaz (Public) : {E81F8505-9611-4BC7-A355-A14D487A06BC}
ELIMINÉ: FirewallRaz (Public) : {C600A650-0C9F-4FD4-AF6B-E24D763EDF1A}
ELIMINÉ: FirewallRaz (Public) : TCP Query User{B9B6B1F8-DA0C-4CB4-99B2-DE28629FE447}C:\users\anacleto silva\downloads\bittorrent.exe
ELIMINÉ: FirewallRaz (Public) : UDP Query User{E310FD0C-0EA9-4CB4-A6A8-2AC29A8F606E}C:\users\anacleto silva\downloads\bittorrent.exe
ELIMINÉ: FirewallRaz (Public) : {C2C5ED2F-2D62-49F0-A451-B6CE9C036DD5}
ELIMINÉ: FirewallRaz (Public) : {36CFE0FD-C691-4A16-9E6D-49E92E43C83B}
ELIMINÉ: FirewallRaz (Public) : {B80E7CEE-1637-47BB-90E6-AAB9BBFE47F1}
ELIMINÉ: FirewallRaz (Public) : {F13FAA44-250C-46CC-A6C1-3BC600528B78}
ELIMINÉ: FirewallRaz (None) : {20D57A9A-BEF1-47FF-846B-D642B5A511C9}
ELIMINÉ: FirewallRaz (None) : {01F7E6CC-1B02-4E0C-9DF5-8ED295EC832A}
ELIMINÉ: FirewallRaz (None) : {0A55AB86-E466-47E2-A049-E01B39C95F95}
ELIMINÉ: FirewallRaz (None) : {B234DE11-7ABB-423D-B88A-F008F02E6A65}
ELIMINÉ: FirewallRaz (None) : {47E3794A-AB21-4154-8659-234F8D0E1FDB}
ELIMINÉ: FirewallRaz (None) : {6DCC4666-70BE-49EA-9E1F-CE835130B91E}
ELIMINÉ: FirewallRaz (Public) : TCP Query User{84D10555-2364-4E73-90E9-1531ADCCAC73}C:\users\paulo\appdata\roaming\bittorrent\bittorrent.exe
ELIMINÉ: FirewallRaz (Public) : UDP Query User{4BC10BE6-0162-4495-8DD5-7858BD3A7197}C:\users\paulo\appdata\roaming\bittorrent\bittorrent.exe
ProxyFix : Configuração proxy removida com sucesso
ELIMINÉ ProxyServer Value
ELIMINÉ ProxyEnable Value
ELIMINÉ EnableHttp1_1 Value
ELIMINÉ ProxyHttp1.1 Value
ELIMINÉ ProxyOverride Value
========== Elementos dos dados do Registo ==========
ELIMINÉ: R0 - Main,Start Page = KCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page
========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia
========== Ficheiros ==========
ELIMINÉ: c:\users\anacleto silva\appdata\roaming\microsoft\windows\start menu\programs\free easy cd dvd burner.lnk
ELIMINÉ: c:\programdata\microsoft\windows\start menu\programs\startup\startupmodem.lnk
ELIMINA REINICIAR: c:\windows\system32\drivers\bfilter.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bfmon.sys
ELIMINA REINICIAR: c:\windows\system32\drivers\bprotect.sys
ELIMINÉ: C:\Users\anacleto silva\AppData\Local\Temp\GoogleToolbarInstaller1.log
ELIMINÉ: C:\Users\anacleto silva\AppData\Local\Temp\GoogleToolbarInstaller2.log
ELIMINÉ Temporários windows (2991) (4.081.790.775 octets)
ELIMINÉ Flash Cookies (0) (0 octets)
========== Tarefa planificada ==========
ELIMINÉ: 4776
ELIMINÉ: {C0FB3474-F395-41BB-B30D-5E1A4C2599F0}
========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso
========== Recapitulativo ==========
1 : Processo memória
3 : Modulos memória
33 : Chaves do Registo
40 : Valores do Registo
1 : Elementos dos dados do Registo
1 : Pastas
9 : Ficheiros
2 : Tarefa planificada
1 : Restauração Sistema
End of clean in 01mn 40s
========== Caminho do ficheiro do relatório ==========
C:\Users\anacleto silva\AppData\Roaming\ZHP\ZHPFix[R1].txt - 07/03/2014 17:40:18 [7592]
anacleto silva- Membro
- Mensagens : 73
Reputação : 0
Data de inscrição : 28/02/2014
Idade : 46
Re: sweet page.com
cara, este é o log do ZHPfix.
é só você prestar atenção no que te falei que não tem erro. Leia atentamente o que pedi e faça aquilo, só isso.
é só você prestar atenção no que te falei que não tem erro. Leia atentamente o que pedi e faça aquilo, só isso.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
sweet pAGE
VC QUE NAO ESTA ENTENDENDO EU JA FIZ NOS DOIS E NAO AACOONTECE NADA E NAO TEM BOTAO FLIX NENHUM SÓ APARECE UMA JANELA VAZIA SÓ ISSO,ai desculpe escrevi de maiúscula .tendeu? não tem nenhum botão em nenhum dos dois.
anacleto silva- Membro
- Mensagens : 73
Reputação : 0
Data de inscrição : 28/02/2014
Idade : 46
Re: sweet page.com
Mas quando você postou aqueles dois relatórios, como você fez então?
Ao abrir o Farbar ele mostra esta tela abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Aí então é só clicar neste botão Fix que é mostrado na imagem acima.
Ao abrir o Farbar ele mostra esta tela abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]
Aí então é só clicar neste botão Fix que é mostrado na imagem acima.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
sweet page
sim este mesmo mas quando acabou não ficou nada na área de trabalho só as cartinhas.
anacleto silva- Membro
- Mensagens : 73
Reputação : 0
Data de inscrição : 28/02/2014
Idade : 46
Re: sweet page.com
Então é só você fazer novamente o download do Farbar Recovery Scan Tool e salve-o no Desktop (Área de Trabalho)
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Obs: Ao acessar o link acima, clique no botão Download Now 64-Bit Version
e depois que ele estiver na área de trabalho é só abrir ele e clicar em Fix
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
Obs: Ao acessar o link acima, clique no botão Download Now 64-Bit Version
e depois que ele estiver na área de trabalho é só abrir ele e clicar em Fix
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
sweet page
não fica a área de trabalho e o Windows fica bloqueando ai eu executo mesmo assim e não fixa na área de trabalho ele simplesmente some e outra qundo clico no fix da no foound .e mais umas coisinhas lá
anacleto silva- Membro
- Mensagens : 73
Reputação : 0
Data de inscrição : 28/02/2014
Idade : 46
Re: sweet page.com
Em qual lugar ele fica ser impedido? se em algum lugar ele ficar normal, é só você deixar ele neste lugar e coloque no mesmo lugar o arquivo fixlist.
Depois disto abre ele e clique no Fix.
Depois disto abre ele e clique no Fix.
Power Max- Colaborador
- Mensagens : 9086
Reputação : 1499
Data de inscrição : 14/04/2009
sweet page
Sim , mas acontece q onde ele está já vi o pc todo e não o encontro simplesmente sumiu.tendeu?
anacleto silva- Membro
- Mensagens : 73
Reputação : 0
Data de inscrição : 28/02/2014
Idade : 46
Página 3 de 4 • 1, 2, 3, 4
Página 3 de 4
Permissões neste sub-fórum
Não podes responder a tópicos
|
|