[Arquivado] &nbspIE 7 com problemas

Olá!

Seja bem vindo à seção de Remoção de Malwares da IMasters Fóruns!

Por favor, siga as instruções abaixo:

Faça o Download do DDS e salve no Desktop (Área de trabalho).

• Temporariamente desative os seus programas de proteção.
• Duplo clique em dds.scr.
• Irá surgir uma tela preta com algumas informações. Não clique em nada, apenas aguarde!
• Quando terminar, duas janelas abrirão: DDS.txt e Attach.txt.
• Salve o resultado e cole-o no seu tópico.

OBS: Caso o link disponibilizado não funcione, tente baixar o DDS por ESTE link.

Abraços :D

Boa noite,

Não abriu nenhum dos dois links para download do DDS.

Olá!

Baixe do link abaixo, extraia o .zip e execute o SSS.scr (seguindo as instruções acima).

Use um proxy, como o http://www.myninjaproxy.info/ ou o http://hidemyass.com para baixar, caso não estiver conseguindo.

Poste o log gerado.

Abraços :D

seguem logs,

DDS (Ver_10-12-12.02) - NTFSx86

Run by user at 22:53:41,75 on 17/01/2011

Internet Explorer: 8.0.7600.16385

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.2038.982 [GMT -2:00]

AV: avast! Antivirus Disabled/Updated {C37D8F93-0602-E43C-40AA-47DAD597F308}

SP: avast! Antivirus Disabled/Updated {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}

SP: Windows Defender Enabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\PROGRA~1\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\System32\AsusService.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\igfxtray.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\EeePC\HotkeyService\HotkeyService.exe

C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe

C:\Program Files\DAP\DAP.exe

C:\Program Files\Ares\Ares.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe

c:\program files\windows defender\MpCmdRun.exe

C:\Windows\system32\DllHost.exe

C:\Users\user\Desktop\dds.scr

C:\Windows\system32\conhost.exe

C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com.br/

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540000} - c:\program files\gbplugin\gbieh.dll

BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540003} - c:\program files\gbplugin\gbiehCef.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Download Accelerator Plus Integration: {ff6c3cf0-4b15-11d1-abed-709549c10000} - c:\progra~1\dap\DAPIEL~1.DLL

uRun: [DownloadAccelerator] "c:\program files\dap\DAP.EXE" /STARTUP

uRun: [ares] "c:\program files\ares\Ares.exe" -h

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [Google Update] "c:\users\user\appdata\local\google\update\GoogleUpdate.exe" /c

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [igfxExt] c:\windows\system32\IgfxExt.exe /RegServer

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui

mRun: [HotkeyMon] AsusSender.exe c:\program files\eeepc\hotkeyservice\HotKeyMon.exe

mRun: [HotkeyService] AsusSender.exe c:\program files\eeepc\hotkeyservice\HotkeyService.exe

mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun: [synAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

StartupFolder: c:\users\user\appdata\roaming\micros~1\windows\startm~1\programs\startup\recort~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &Clean Traces - c:\program files\dap\privacy package\dapcleanerie.htm

IE: &Download with &DAP - c:\program files\dap\dapextie.htm

IE: Download &all with DAP - c:\program files\dap\dapextie2.htm

IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

Trusted Zone: bancobrasil.com.br\www

Trusted Zone: bancobrasil.com.br\www14

Trusted Zone: bancobrasil.com.br\www2

Trusted Zone: bb.com.br\www

Trusted Zone: caixa.gov.br

Trusted Zone: caixa.gov.br\imagem

Trusted Zone: caixa.gov.br\internetbanking

DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\dap\dapie.dll

Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\dap\dapie.dll

Notify: GbPluginBb - c:\program files\gbplugin\gbieh.dll

Notify: GbPluginCef - c:\program files\gbplugin\gbiehCef.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399f83} - c:\program files\gbplugin\gbieh.dll

SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399003} - c:\program files\gbplugin\gbiehcef.dll

============= SERVICES / DRIVERS ===============

R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2010-11-8 46600]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-10-21 165584]

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]

R2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [2010-10-21 219136]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-10-21 17744]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-10-21 50768]

R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-21 40384]

R2 GbpSv;Gbp Service;c:\progra~1\gbplugin\GbpSv.exe [2011-1-13 54664]

R3 igd;igd;c:\windows\system32\drivers\igdkmd32.sys [2009-8-27 635168]

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x86.sys [2009-6-10 50688]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]

S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-21 40384]

S3 avast! Web Scanner;avast! Web Scanner;c:\program files\alwil software\avast5\AvastSvc.exe [2010-10-21 40384]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\wat\WatAdminSvc.exe [2010-11-2 1343400]

=============== Created Last 30 ================

2011-01-17 21:49:25 -------- d-----w- c:\users\user\appdata\local\ElevatedDiagnostics

2011-01-14 10:36:30 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{ae94e34c-5a1b-462b-8adc-a2b5d582d557}\mpengine.dll

2011-01-13 22:21:00 -------- d-----w- c:\users\user\appdata\local\Google

2011-01-13 22:19:50 -------- d-----w- c:\users\user\appdata\local\Apps

2011-01-13 22:19:49 -------- d-----w- c:\users\user\appdata\local\Deployment

2011-01-13 11:56:48 987136 ----a-w- c:\program files\common files\system\ado\msado15.dll

2011-01-13 11:56:48 573440 ----a-w- c:\windows\system32\odbc32.dll

2011-01-13 11:56:48 208896 ----a-w- c:\program files\common files\system\msadc\msadco.dll

2011-01-13 11:56:47 372736 ----a-w- c:\program files\common files\system\ado\msadox.dll

2011-01-13 11:56:47 352256 ----a-w- c:\program files\common files\system\ado\msadomd.dll

2011-01-13 11:55:01 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2011-01-13 11:55:01 107520 ----a-w- c:\windows\system32\cdd.dll

2011-01-13 11:55:00 218624 ----a-w- c:\windows\system32\d3d10_1core.dll

2011-01-13 11:55:00 161792 ----a-w- c:\windows\system32\d3d10_1.dll

2011-01-13 11:54:59 739840 ----a-w- c:\windows\system32\d2d1.dll

2011-01-13 11:54:57 211968 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2011-01-13 11:54:57 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll

2011-01-13 11:54:56 135168 ----a-w- c:\windows\system32\XpsRasterService.dll

2011-01-13 11:54:56 1170944 ----a-w- c:\windows\system32\d3d10warp.dll

2011-01-13 11:54:55 801792 ----a-w- c:\windows\system32\FntCache.dll

2011-01-13 11:54:55 442880 ----a-w- c:\windows\system32\XpsPrint.dll

2011-01-13 11:54:55 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2011-01-13 11:54:55 1074176 ----a-w- c:\windows\system32\DWrite.dll

2011-01-10 13:48:17 -------- d-----w- c:\program files\Atlas do Desenvolvimento Humano no Brasil

2011-01-07 15:56:38 -------- d-----w- c:\windows\system32\appmgmt

2011-01-07 15:10:18 -------- d-----w- C:\Epi_Info

==================== Find3M ====================

2010-11-12 20:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll

2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll

2010-11-04 05:48:36 44544 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec

2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll

2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll

2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll

2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe

2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe

2010-10-27 04:32:36 2048 ----a-w- c:\windows\system32\tzres.dll

2010-10-21 20:55:19 172032 ----a-w- c:\windows\system32\AniGIF.ocx

2010-10-20 04:54:18 34304 ----a-w- c:\windows\system32\atmlib.dll

2010-10-20 03:00:24 2327552 ----a-w- c:\windows\system32\win32k.sys

2010-10-20 02:58:41 294400 ----a-w- c:\windows\system32\atmfd.dll

============= FINISH: 22:55:10,43 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 21/10/2010 15:50:14

System Uptime: 17/01/2011 20:28:41 (2 hours ago)

Motherboard: ASUSTeK Computer INC. | | 1201HA

Processor: Intel® Atom CPU Z520 @ 1.33GHz | CPU 1 | 1333/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 233 GiB total, 208,433 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP31: 01/12/2010 16:59:17 - Windows Update

RP32: 03/12/2010 13:29:51 - Windows Update

RP33: 09/12/2010 15:06:11 - Windows Update

RP34: 16/12/2010 15:54:58 - Windows Update

RP35: 16/12/2010 16:13:48 - Windows Update

RP36: 17/12/2010 09:04:34 - Windows Update

RP37: 20/12/2010 13:26:16 - Windows Update

RP38: 21/12/2010 16:41:24 - Windows Update

RP39: 22/12/2010 13:33:08 - Windows Update

RP40: 22/12/2010 14:11:05 - Installed Java 6 Update 23

RP41: 07/01/2011 09:24:45 - Windows Update

RP42: 07/01/2011 13:09:18 - Installed Epi Info

RP43: 07/01/2011 13:54:34 - Removed Epi Info

RP44: 07/01/2011 13:57:40 - Installed Epi Info

RP45: 09/01/2011 17:14:42 - Removed Epi Info

RP46: 11/01/2011 09:10:29 - Windows Update

RP47: 11/01/2011 16:50:32 - Windows Update

RP48: 13/01/2011 09:38:47 - Operação de restauração

RP49: 13/01/2011 09:52:10 - Windows Update

RP50: 13/01/2011 10:01:00 - Windows Update

RP51: 14/01/2011 08:35:34 - Windows Update

RP52: 17/01/2011 21:18:45 - Windows Update

==== Installed Programs ======================

Adobe Flash Player 10 ActiveX

Ares 2.1.7

Arquivo do WinRAR

Atualização do produto Microsoft Office Excel 2007 Help (KB963678)

Atualização do produto Microsoft Office Outlook 2007 Help (KB963677)

Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)

Atualização do produto Microsoft Office Word 2007 Help (KB963665)

avast! Free Antivirus

D3DX10

Download Accelerator Plus (DAP)

Foxit Reader

Google Chrome

Hotkey Service

Java Auto Updater

Java 6 Update 23

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Silverlight

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

MSVCRT

OGA Notifier 2.0.0048.0

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2289158)

Security Update for 2007 Microsoft Office System (KB2344875)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB2345035)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office PowerPoint Viewer (KB2413381)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Synaptics Pointing Device Driver

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office Outlook 2007 (KB2412171)

Update for Outlook 2007 Junk Email Filter (KB2483110)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Messenger

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

==== End Of File ===========================

Olá!

Por favor, siga as instruções abaixo:

Execute o BankerFix e poste o log gerado.

Tutorial do BankerFix

Abraços :D

O banker fix não detectou nada.

Segue log,

BankerFix 3.1 VALKYRIE - Removedor de Bankers

Linha Defensiva | http://www.linhadefensiva.org

http://www.linhadefensiva.org/bankerfix/

-------------------------------------------------------

Data: 2011-01-18 - 11:24

-------------------------------------------------------

Lista de Definição: 2010-12-25-1 | CORE: 2010-12-28-6

=======================================================

----- Fim -------------------------

Olá!

Acesse a página abaixo e diga se está infectado pelo Conficker:

http://www.confickerworkinggroup.org/infection_test/cfeyechart-es.html

Abraços :D

Bom dia,

não está infectado...

Olá!

Por favor, desinstale o DAP e veja se o problema se resolve.

Após desinstalá-lo, poste um novo log do DDS.

Abraços :D

Boa tarde,

desinstalei o DAP,

seguem logs DDS

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 21/10/2010 15:50:14

System Uptime: 19/01/2011 17:48:04 (0 hours ago)

Motherboard: ASUSTeK Computer INC. | | 1201HA

Processor: Intel® Atom CPU Z520 @ 1.33GHz | CPU 1 | 1333/133mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 233 GiB total, 208,365 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP32: 03/12/2010 13:29:51 - Windows Update

RP33: 09/12/2010 15:06:11 - Windows Update

RP34: 16/12/2010 15:54:58 - Windows Update

RP35: 16/12/2010 16:13:48 - Windows Update

RP36: 17/12/2010 09:04:34 - Windows Update

RP37: 20/12/2010 13:26:16 - Windows Update

RP38: 21/12/2010 16:41:24 - Windows Update

RP39: 22/12/2010 13:33:08 - Windows Update

RP40: 22/12/2010 14:11:05 - Installed Java 6 Update 23

RP41: 07/01/2011 09:24:45 - Windows Update

RP42: 07/01/2011 13:09:18 - Installed Epi Info

RP43: 07/01/2011 13:54:34 - Removed Epi Info

RP44: 07/01/2011 13:57:40 - Installed Epi Info

RP45: 09/01/2011 17:14:42 - Removed Epi Info

RP46: 11/01/2011 09:10:29 - Windows Update

RP47: 11/01/2011 16:50:32 - Windows Update

RP48: 13/01/2011 09:38:47 - Operação de restauração

RP49: 13/01/2011 09:52:10 - Windows Update

RP50: 13/01/2011 10:01:00 - Windows Update

RP51: 14/01/2011 08:35:34 - Windows Update

RP52: 17/01/2011 21:18:45 - Windows Update

RP53: 19/01/2011 09:16:42 - Windows Update

==== Installed Programs ======================

Adobe Flash Player 10 ActiveX

Ares 2.1.7

Arquivo do WinRAR

Atualização do produto Microsoft Office Excel 2007 Help (KB963678)

Atualização do produto Microsoft Office Outlook 2007 Help (KB963677)

Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669)

Atualização do produto Microsoft Office Word 2007 Help (KB963665)

avast! Free Antivirus

D3DX10

Foxit Reader

Google Chrome

Hotkey Service

Java Auto Updater

Java 6 Update 23

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 2 (SP2)

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Silverlight

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

MSVCRT

OGA Notifier 2.0.0048.0

Security Update for 2007 Microsoft Office System (KB2288621)

Security Update for 2007 Microsoft Office System (KB2288931)

Security Update for 2007 Microsoft Office System (KB2289158)

Security Update for 2007 Microsoft Office System (KB2344875)

Security Update for 2007 Microsoft Office System (KB2345043)

Security Update for 2007 Microsoft Office System (KB969559)

Security Update for 2007 Microsoft Office System (KB976321)

Security Update for Microsoft Office Access 2007 (KB979440)

Security Update for Microsoft Office Excel 2007 (KB2345035)

Security Update for Microsoft Office InfoPath 2007 (KB979441)

Security Update for Microsoft Office PowerPoint 2007 (KB982158)

Security Update for Microsoft Office PowerPoint Viewer (KB2413381)

Security Update for Microsoft Office Publisher 2007 (KB2284697)

Security Update for Microsoft Office system 2007 (972581)

Security Update for Microsoft Office system 2007 (KB974234)

Security Update for Microsoft Office Visio Viewer 2007 (KB973709)

Security Update for Microsoft Office Word 2007 (KB2344993)

Synaptics Pointing Device Driver

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft Office OneNote 2007 (KB980729)

Update for Microsoft Office Outlook 2007 (KB2412171)

Update for Outlook 2007 Junk Email Filter (KB2483110)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Messenger

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

==== End Of File ===========================

DDS (Ver_10-12-12.02) - NTFSx86

Run by user at 17:55:35,58 on 19/01/2011

Internet Explorer: 8.0.7600.16385

Microsoft Windows 7 Ultimate 6.1.7600.0.1252.55.1046.18.2038.1214 [GMT -2:00]

AV: avast! Antivirus Disabled/Updated {C37D8F93-0602-E43C-40AA-47DAD597F308}

SP: avast! Antivirus Disabled/Updated {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}

SP: Windows Defender Enabled/Updated {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

============== Running Processes ===============

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\PROGRA~1\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Ares\Ares.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Windows\System32\AsusService.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\EeePC\HotkeyService\HotKeyMon.exe

C:\Program Files\EeePC\HotkeyService\HotkeyService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10k_ActiveX.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\ctfmon.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Users\user\Desktop\dds.scr

C:\Windows\system32\conhost.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com.br/

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540000} - c:\program files\gbplugin\gbieh.dll

BHO: GbIehObj Class: {c41a1c0e-ea6c-11d4-b1b8-444553540003} - c:\program files\gbplugin\gbiehCef.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

uRun: [ares] "c:\program files\ares\Ares.exe" -h

uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

uRun: [Google Update] "c:\users\user\appdata\local\google\update\GoogleUpdate.exe" /c

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [igfxExt] c:\windows\system32\IgfxExt.exe /RegServer

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui

mRun: [HotkeyMon] AsusSender.exe c:\program files\eeepc\hotkeyservice\HotKeyMon.exe

mRun: [HotkeyService] AsusSender.exe c:\program files\eeepc\hotkeyservice\HotkeyService.exe

mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun: [synAsusAcpi] %ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

StartupFolder: c:\users\user\appdata\roaming\micros~1\windows\startm~1\programs\startup\recort~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

Trusted Zone: bancobrasil.com.br\www

Trusted Zone: bancobrasil.com.br\www14

Trusted Zone: bancobrasil.com.br\www2

Trusted Zone: bb.com.br\www

Trusted Zone: caixa.gov.br

Trusted Zone: caixa.gov.br\imagem

Trusted Zone: caixa.gov.br\internetbanking

DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} - hxxps://oas.support.microsoft.com/ActiveX/MSDcode.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll

Notify: GbPluginBb - c:\program files\gbplugin\gbieh.dll

Notify: GbPluginCef - c:\program files\gbplugin\gbiehCef.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll

SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399f83} - c:\program files\gbplugin\gbieh.dll

SEH: GbPluginObj Class: {e37cb5f0-51f5-4395-a808-5fa49e399003} - c:\program files\gbplugin\gbiehcef.dll

============= SERVICES / DRIVERS ===============

R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2010-11-8 46600]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-10-21 294608]

R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]

R2 AsusService;Asus Launcher Service;c:\windows\system32\AsusService.exe [2010-10-21 219136]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-10-21 17744]

R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-10-21 51280]

R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2011-1-19 40384]

R2 GbpSv;Gbp Service;c:\progra~1\gbplugin\GbpSv.exe [2011-1-13 54664]

R3 igd;igd;c:\windows\system32\drivers\igdkmd32.sys [2009-8-27 635168]

R3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\drivers\L1C62x86.sys [2009-6-10 50688]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-13 14336]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]

S3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\wat\WatAdminSvc.exe [2010-11-2 1343400]

=============== Created Last 30 ================

2011-01-19 19:47:21 2560 ----a-w- c:\windows\_MSRSTRT.EXE

2011-01-19 11:17:26 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{e0e82370-7ab2-495b-912e-92ad14fd479f}\mpengine.dll

2011-01-18 13:24:15 -------- d-----w- C:\LinhaDefensiva

2011-01-17 21:49:25 -------- d-----w- c:\users\user\appdata\local\ElevatedDiagnostics

2011-01-13 22:21:00 -------- d-----w- c:\users\user\appdata\local\Google

2011-01-13 22:19:50 -------- d-----w- c:\users\user\appdata\local\Apps

2011-01-13 22:19:49 -------- d-----w- c:\users\user\appdata\local\Deployment

2011-01-13 11:56:48 987136 ----a-w- c:\program files\common files\system\ado\msado15.dll

2011-01-13 11:56:48 573440 ----a-w- c:\windows\system32\odbc32.dll

2011-01-13 11:56:48 208896 ----a-w- c:\program files\common files\system\msadc\msadco.dll

2011-01-13 11:56:47 372736 ----a-w- c:\program files\common files\system\ado\msadox.dll

2011-01-13 11:56:47 352256 ----a-w- c:\program files\common files\system\ado\msadomd.dll

2011-01-13 11:55:01 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys

2011-01-13 11:55:01 107520 ----a-w- c:\windows\system32\cdd.dll

2011-01-13 11:55:00 218624 ----a-w- c:\windows\system32\d3d10_1core.dll

2011-01-13 11:55:00 161792 ----a-w- c:\windows\system32\d3d10_1.dll

2011-01-13 11:54:59 739840 ----a-w- c:\windows\system32\d2d1.dll

2011-01-13 11:54:57 211968 ----a-w- c:\windows\system32\drivers\dxgmms1.sys

2011-01-13 11:54:57 1495040 ----a-w- c:\windows\system32\ExplorerFrame.dll

2011-01-13 11:54:56 135168 ----a-w- c:\windows\system32\XpsRasterService.dll

2011-01-13 11:54:56 1170944 ----a-w- c:\windows\system32\d3d10warp.dll

2011-01-13 11:54:55 801792 ----a-w- c:\windows\system32\FntCache.dll

2011-01-13 11:54:55 442880 ----a-w- c:\windows\system32\XpsPrint.dll

2011-01-13 11:54:55 283648 ----a-w- c:\windows\system32\XpsGdiConverter.dll

2011-01-13 11:54:55 1074176 ----a-w- c:\windows\system32\DWrite.dll

2011-01-10 13:48:17 -------- d-----w- c:\program files\Atlas do Desenvolvimento Humano no Brasil

2011-01-07 15:56:38 -------- d-----w- c:\windows\system32\appmgmt

2011-01-07 15:10:18 -------- d-----w- C:\Epi_Info

==================== Find3M ====================

2011-01-13 08:47:35 38848 ----a-w- c:\windows\avastSS.scr

2010-11-12 20:53:06 472808 ----a-w- c:\windows\system32\deployJava1.dll

2010-11-04 05:52:17 978944 ----a-w- c:\windows\system32\wininet.dll

2010-11-04 05:48:36 44544 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-04 04:41:26 386048 ----a-w- c:\windows\system32\html.iec

2010-11-04 04:08:54 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2010-11-02 04:41:12 351232 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-11-02 04:40:36 496128 ----a-w- c:\windows\system32\taskschd.dll

2010-11-02 04:40:36 305152 ----a-w- c:\windows\system32\taskcomp.dll

2010-11-02 04:39:32 749056 ----a-w- c:\windows\system32\schedsvc.dll

2010-11-02 04:34:44 192000 ----a-w- c:\windows\system32\taskeng.exe

2010-11-02 04:34:33 179712 ----a-w- c:\windows\system32\schtasks.exe

2010-10-27 04:32:36 2048 ----a-w- c:\windows\system32\tzres.dll

============= FINISH: 17:57:27,27 ===============

Olá!

Por favor, siga as instruções abaixo:

*Baixe o OTL e salve-o no desktop

*Execute o OTL e selecione as opções abaixo:

[X] Verificar All UsersExame Extra do Registro: [X] Nenhum

[X] Ignorar Arquivos Microsoft

[X] Usar WhiteList para Nomes de Companhias

[X] Verificar Lop

[X] Verificar Purity

*Clique [Verificar] e aguarde o término

*Cole o relatório (OTL.txt) apresentado

Abraços :D

Segue log,

OTL logfile created on: 21/01/2011 11:18:02 - Run 1

OTL by OldTimer - Version 3.2.20.3 Folder = C:\Users\user\Desktop

Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 51,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 73,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 232,79 Gb Total Space | 207,77 Gb Free Space | 89,25% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: user | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: Off | File Age = 360 Days

========== Processes (SafeList) ==========

PRC - [2011/01/21 11:04:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe

PRC - [2011/01/13 06:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\Alwil Software\Avast5\AvastUI.exe

PRC - [2011/01/13 06:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\Alwil Software\Avast5\AvastSvc.exe

PRC - [2010/12/28 10:43:18 | 000,054,664 | ---- | M] ( ) -- C:\Arquivos de Programas\GbPlugin\gbpsv.exe

PRC - [2010/11/04 03:54:54 | 000,673,040 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Internet Explorer\iexplore.exe

PRC - [2010/10/27 07:00:02 | 001,015,808 | ---- | M] (Ares Development Group) -- C:\Arquivos de Programas\Ares\Ares.exe

PRC - [2010/10/21 16:12:55 | 000,232,912 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10k_ActiveX.exe

PRC - [2010/09/23 00:47:30 | 004,240,760 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Windows Live\Messenger\msnmsgr.exe

PRC - [2010/09/21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

PRC - [2010/09/21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

PRC - [2009/10/31 03:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009/10/16 21:43:28 | 001,021,424 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Arquivos de Programas\EeePC\HotkeyService\HotkeyService.exe

PRC - [2009/09/11 11:41:02 | 000,100,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Arquivos de Programas\EeePC\HotkeyService\HotKeyMon.exe

PRC - [2009/08/18 17:35:56 | 000,219,136 | ---- | M] () -- C:\Windows\System32\AsusService.exe

PRC - [2009/07/13 23:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Windows Media Player\wmpnetwk.exe

PRC - [2009/07/13 23:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2009/02/26 15:24:50 | 000,097,680 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Microsoft Office\Office12\ONENOTEM.EXE

PRC - [2008/10/25 11:44:34 | 000,031,072 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Microsoft Office\Office12\GrooveMonitor.exe

========== Modules (SafeList) ==========

MOD - [2011/01/21 11:04:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe

MOD - [2011/01/13 06:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\Alwil Software\Avast5\snxhk.dll

MOD - [2010/08/21 03:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll

MOD - [2009/07/13 23:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll

MOD - [2009/07/13 23:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll

MOD - [2009/07/13 23:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll

MOD - [2009/07/13 23:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll

MOD - [2009/07/13 23:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll

MOD - [2009/07/13 23:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll

MOD - [2009/07/13 23:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll

MOD - [2009/07/13 23:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll

MOD - [2009/07/13 23:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll

MOD - [2009/07/13 23:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/01/13 06:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2010/12/28 10:43:18 | 000,054,664 | ---- | M] ( ) [unknown | Running] -- C:\Arquivos de Programas\GbPlugin\gbpsv.exe -- (GbpSv)

SRV - [2010/11/02 08:47:01 | 001,343,400 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2010/11/02 02:36:16 | 000,801,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/08/18 17:35:56 | 000,219,136 | ---- | M] () [Auto | Running] -- C:\Windows\System32\AsusService.exe -- (AsusService)

SRV - [2009/07/13 23:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)

SRV - [2009/07/13 23:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)

SRV - [2009/07/13 23:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)

SRV - [2009/07/13 23:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)

SRV - [2009/07/13 23:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)

SRV - [2009/07/13 23:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)

SRV - [2009/07/13 23:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009/07/13 23:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

SRV - [2009/07/13 23:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)

SRV - [2009/07/13 23:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)

SRV - [2009/07/13 23:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)

SRV - [2009/07/13 23:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)

SRV - [2009/07/13 23:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de Programas\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2009/07/13 23:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)

SRV - [2009/07/13 23:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)

SRV - [2009/07/13 23:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)

SRV - [2009/07/13 23:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)

SRV - [2009/07/13 23:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Instalador do ActiveX (AxInstSV)

SRV - [2009/07/13 23:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)

SRV - [2009/07/13 23:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)

========== Driver Services (SafeList) ==========

DRV - [2011/01/13 06:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2011/01/13 06:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2011/01/13 06:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2011/01/13 06:37:19 | 000,051,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV - [2011/01/13 06:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2010/12/28 10:46:30 | 000,046,600 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\gbpkm.sys -- (GbpKm)

DRV - [2009/12/11 05:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)

DRV - [2009/11/19 21:45:08 | 000,230,448 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)

DRV - [2009/10/05 16:31:50 | 001,221,632 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)

DRV - [2009/08/27 15:36:42 | 000,635,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igd)

DRV - [2009/07/13 23:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)

DRV - [2009/07/13 23:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)

DRV - [2009/07/13 23:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)

DRV - [2009/07/13 23:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)

DRV - [2009/07/13 23:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)

DRV - [2009/07/13 23:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)

DRV - [2009/07/13 23:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)

DRV - [2009/07/13 23:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)

DRV - [2009/07/13 23:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)

DRV - [2009/07/13 23:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)

DRV - [2009/07/13 23:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)

DRV - [2009/07/13 23:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)

DRV - [2009/07/13 23:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)

DRV - [2009/07/13 23:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)

DRV - [2009/07/13 23:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)

DRV - [2009/07/13 23:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)

DRV - [2009/07/13 23:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2009/07/13 23:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)

DRV - [2009/07/13 23:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)

DRV - [2009/07/13 23:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)

DRV - [2009/07/13 23:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)

DRV - [2009/07/13 23:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)

DRV - [2009/07/13 23:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)

DRV - [2009/07/13 23:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)

DRV - [2009/07/13 23:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)

DRV - [2009/07/13 23:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)

DRV - [2009/07/13 23:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)

DRV - [2009/07/13 23:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)

DRV - [2009/07/13 23:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)

DRV - [2009/07/13 23:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)

DRV - [2009/07/13 23:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)

DRV - [2009/07/13 23:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)

DRV - [2009/07/13 23:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)

DRV - [2009/07/13 23:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)

DRV - [2009/07/13 23:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)

DRV - [2009/07/13 23:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)

DRV - [2009/07/13 23:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)

DRV - [2009/07/13 23:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)

DRV - [2009/07/13 23:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)

DRV - [2009/07/13 23:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)

DRV - [2009/07/13 23:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)

DRV - [2009/07/13 23:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)

DRV - [2009/07/13 22:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2009/07/13 22:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)

DRV - [2009/07/13 22:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)

DRV - [2009/07/13 21:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)

DRV - [2009/07/13 21:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)

DRV - [2009/07/13 21:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)

DRV - [2009/07/13 21:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)

DRV - [2009/07/13 21:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)

DRV - [2009/07/13 21:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)

DRV - [2009/07/13 21:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)

DRV - [2009/07/13 21:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)

DRV - [2009/07/13 21:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)

DRV - [2009/07/13 21:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)

DRV - [2009/07/13 21:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)

DRV - [2009/07/13 21:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)

DRV - [2009/07/13 21:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)

DRV - [2009/07/13 21:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)

DRV - [2009/07/13 21:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)

DRV - [2009/07/13 21:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)

DRV - [2009/07/13 21:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)

DRV - [2009/07/13 21:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)

DRV - [2009/07/13 20:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)

DRV - [2009/07/13 20:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)

DRV - [2009/07/13 20:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)

DRV - [2009/07/13 20:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)

DRV - [2009/07/13 20:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)

DRV - [2009/07/13 20:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)

DRV - [2009/07/13 20:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)

DRV - [2009/07/13 20:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)

DRV - [2009/07/13 20:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)

DRV - [2009/07/13 20:02:47 | 000,050,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-882110567-3725966301-2789595868-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/

IE - HKU\S-1-5-21-882110567-3725966301-2789595868-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-882110567-3725966301-2789595868-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br

IE - HKU\S-1-5-21-882110567-3725966301-2789595868-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 2B 88 0C A3 5C 71 CB 01 [binary data]

IE - HKU\S-1-5-21-882110567-3725966301-2789595868-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

O1 HOSTS File: ([2011/01/18 11:29:23 | 000,000,822 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de Programas\GbPlugin\gbieh.dll (Banco do Brasil)

O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de Programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [HotkeyMon] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.)

O4 - HKLM..\Run: [HotkeyService] C:\Windows\System32\AsusSender.exe (ASUSTek Computer Inc.)

O4 - HKLM..\Run: [igfxExt] C:\Windows\System32\IgfxExt.exe (Intel Corporation)

O4 - HKLM..\Run: [synAsusAcpi] C:\Arquivos de Programas\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)

O4 - HKU\S-1-5-21-882110567-3725966301-2789595868-1000..\Run: [ares] C:\Program Files\Ares\Ares.exe (Ares Development Group)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-882110567-3725966301-2789595868-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10k_ActiveX.exe (Adobe Systems, Inc.)

O4 - Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de Programas\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de Programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de Programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O13 - gopher Prefix: missing

O15 - HKU\S-1-5-21-882110567-3725966301-2789595868-1000\..Trusted Domains: bancobrasil.com.br ([www] * in Sites confiáveis)

O15 - HKU\S-1-5-21-882110567-3725966301-2789595868-1000\..Trusted Domains: bancobrasil.com.br ([www14] * in Sites confiáveis)

O15 - HKU\S-1-5-21-882110567-3725966301-2789595868-1000\..Trusted Domains: bancobrasil.com.br ([www2] * in Sites confiáveis)

O15 - HKU\S-1-5-21-882110567-3725966301-2789595868-1000\..Trusted Domains: bb.com.br ([www] * in Sites confiáveis)

O15 - HKU\S-1-5-21-882110567-3725966301-2789595868-1000\..Trusted Domains: caixa.gov.br ([]https in Sites confiáveis)

O15 - HKU\S-1-5-21-882110567-3725966301-2789595868-1000\..Trusted Domains: caixa.gov.br ([imagem] https in Sites confiáveis)

O15 - HKU\S-1-5-21-882110567-3725966301-2789595868-1000\..Trusted Domains: caixa.gov.br ([internetbanking] https in Sites confiáveis)

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} https://oas.support.microsoft.com/ActiveX/MSDcode.cab (Microsoft Data Collection Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab](http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab) (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab](http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab) (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab](http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab) (Java Plug-in 1.6.0_23)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 187.85.144.226 187.85.144.228

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de Programas\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKU\S-1-5-21-882110567-3725966301-2789595868-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\ GbPluginBb: DllName - C:\Program Files\GbPlugin\gbieh.dll - C:\Arquivos de Programas\GbPlugin\gbieh.dll (Banco do Brasil)

O20 - Winlogon\Notify\ GbPluginCef: DllName - C:\Program Files\GbPlugin\gbiehCef.dll - C:\Arquivos de Programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Arquivos de Programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)

O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Arquivos de Programas\GbPlugin\gbieh.dll (Banco do Brasil)

O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 19:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 360 Days ==========

[2011/01/21 11:04:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe

[2011/01/18 11:24:15 | 000,000,000 | ---D | C] -- C:\LinhaDefensiva

[2011/01/18 11:02:43 | 000,178,597 | ---- | C] (Igor Pavlov) -- C:\Users\user\Desktop\51942_bankerfix_30.exe

[2011/01/17 19:49:25 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\ElevatedDiagnostics

[2011/01/15 16:55:26 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\para imprimir

[2011/01/13 20:45:50 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

[2011/01/13 20:21:00 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Google

[2011/01/13 20:19:50 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Apps

[2011/01/13 20:19:49 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Deployment

[2011/01/13 11:08:32 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\materiais

[2011/01/10 11:48:17 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Atlas do Desenvolvimento Humano no Brasil

[2011/01/09 17:12:31 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\monografia 0111

[2011/01/07 13:56:38 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt

[2011/01/07 13:10:18 | 000,000,000 | ---D | C] -- C:\Epi_Info

[2010/12/06 16:56:53 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\provas

[2010/12/01 16:10:00 | 000,000,000 | ---D | C] -- C:\Users\user\Office Genuine Advantage

[2010/11/30 13:35:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Office Genuine Advantage

[2010/11/28 14:57:54 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Blocos de Anotações do OneNote

[2010/11/08 18:34:42 | 000,046,600 | ---- | C] (GAS Tecnologia) -- C:\Windows\System32\drivers\gbpkm.sys

[2010/11/08 18:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\GbPlugin

[2010/11/08 18:34:17 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\GbPlugin

[2010/11/08 13:12:26 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\Meus arquivos recebidos

[2010/11/05 13:58:05 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Diagnostics

[2010/11/02 16:25:36 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\My Shared Folder

[2010/11/02 16:25:33 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Ares

[2010/11/02 16:25:26 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ares

[2010/11/02 16:25:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ares

[2010/11/02 16:25:16 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Ares

[2010/11/02 09:17:48 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat

[2010/10/23 08:35:40 | 000,000,000 | ---D | C] -- C:\Users\user\Documents\manuais pops

[2010/10/22 20:01:24 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Microsoft Games

[2010/10/21 21:40:21 | 000,000,000 | ---D | C] -- C:\Windows\Panther

[2010/10/21 18:55:40 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP

[2010/10/21 18:55:28 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedBit

[2010/10/21 18:55:15 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\DAP

[2010/10/21 18:22:43 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Macromedia

[2010/10/21 18:15:08 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Adobe

[2010/10/21 17:47:58 | 000,000,000 | ---D | C] -- C:\Users\user\Desktop\backup

[2010/10/21 17:41:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

[2010/10/21 17:33:46 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Microsoft Works

[2010/10/21 17:32:39 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Microsoft Visual Studio

[2010/10/21 17:32:39 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\DESIGNER

[2010/10/21 17:31:13 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Microsoft.NET

[2010/10/21 17:27:30 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Microsoft Visual Studio 8

[2010/10/21 17:25:30 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Microsoft Office

[2010/10/21 17:24:32 | 000,000,000 | RH-D | C] -- C:\MSOCache

[2010/10/21 17:23:26 | 000,000,000 | ---D | C] -- C:\Users\user\Tracing

[2010/10/21 17:15:37 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH

[2010/10/21 17:14:41 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Windows Live

[2010/10/21 17:13:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

[2010/10/21 17:09:21 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Microsoft Silverlight

[2010/10/21 17:02:44 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Windows Live

[2010/10/21 17:02:41 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\Windows Live

[2010/10/21 16:59:08 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Synaptics

[2010/10/21 16:32:00 | 000,161,064 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynTPAPI.dll

[2010/10/21 16:32:00 | 000,120,104 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynTPCo4.dll

[2010/10/21 16:31:59 | 000,230,448 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\drivers\SynTP.sys

[2010/10/21 16:31:52 | 000,206,120 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynCtrl.dll

[2010/10/21 16:31:51 | 000,173,352 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynCOM.dll

[2010/10/21 16:31:01 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Microsoft Help

[2010/10/21 16:30:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help

[2010/10/21 16:22:24 | 000,033,768 | ---- | C] (ASUSTek Computer Inc.) -- C:\Windows\System32\AsusSender.exe

[2010/10/21 16:22:22 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\EeePC

[2010/10/21 16:22:20 | 000,000,000 | -H-D | C] -- C:\Arquivos de Programas\InstallShield Installation Information

[2010/10/21 16:19:38 | 000,017,744 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

[2010/10/21 16:19:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus

[2010/10/21 16:19:37 | 000,294,608 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys

[2010/10/21 16:19:36 | 000,023,632 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys

[2010/10/21 16:19:34 | 000,047,440 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys

[2010/10/21 16:19:30 | 000,051,280 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

[2010/10/21 16:18:06 | 000,188,216 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

[2010/10/21 16:18:06 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr

[2010/10/21 16:18:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software

[2010/10/21 16:18:00 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Alwil Software

[2010/10/21 16:15:45 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

[2010/10/21 16:15:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

[2010/10/21 16:15:28 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\WinRAR

[2010/10/21 16:15:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2010/10/21 16:15:21 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\Java

[2010/10/21 16:14:12 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Java

[2010/10/21 16:13:14 | 000,000,000 | -HSD | C] -- C:\Windows\Installer

[2010/10/21 16:12:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed

[2010/10/21 16:12:43 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Foxit Software

[2010/10/21 16:12:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader

[2010/10/21 16:12:36 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Foxit Software

[2010/10/21 15:51:10 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2010/10/21 15:51:10 | 000,000,000 | R--D | C] -- C:\Users\user\Searches

[2010/10/21 15:51:10 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2010/10/21 15:51:00 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Identities

[2010/10/21 15:50:57 | 000,000,000 | R--D | C] -- C:\Users\user\Contacts

[2010/10/21 15:50:42 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\VirtualStore

[2010/10/21 15:50:36 | 000,000,000 | -HSD | C] -- C:\Users\user\AppData\Local\Temporary Internet Files

[2010/10/21 15:50:36 | 000,000,000 | -HSD | C] -- C:\Users\user\SendTo

[2010/10/21 15:50:36 | 000,000,000 | -HSD | C] -- C:\Users\user\Recent

[2010/10/21 15:50:36 | 000,000,000 | -HSD | C] -- C:\Users\user\Modelos

[2010/10/21 15:50:36 | 000,000,000 | -HSD | C] -- C:\Users\user\Documents\Minhas músicas

[2010/10/21 15:50:36 | 000,000,000 | -HSD | C] -- C:\Users\user\Documents\Minhas imagens

[2010/10/21 15:50:36 | 000,000,000 | -HSD | C] -- C:\Users\user\Documents\Meus vídeos

[2010/10/21 15:50:36 | 000,000,000 | -HSD | C] -- C:\Users\user\Meus documentos

[2010/10/21 15:50:36 | 000,000,000 | -HSD | C] -- C:\Users\user\Menu Iniciar

[2010/10/21 15:50:36 | 000,000,000 | -HSD | C] -- C:\Users\user\AppData\Local\Histórico

[2010/10/21 15:50:36 | 000,000,000 | -HSD | C] -- C:\Users\user\Dados de aplicativos

[2010/10/21 15:50:36 | 000,000,000 | -HSD | C] -- C:\Users\user\AppData\Local\Dados de aplicativos

[2010/10/21 15:50:36 | 000,000,000 | -HSD | C] -- C:\Users\user\Cookies

[2010/10/21 15:50:36 | 000,000,000 | -HSD | C] -- C:\Users\user\Configurações locais

[2010/10/21 15:50:36 | 000,000,000 | -HSD | C] -- C:\Users\user\Ambiente de rede

[2010/10/21 15:50:36 | 000,000,000 | -HSD | C] -- C:\Users\user\Ambiente de impressão

[2010/10/21 15:50:36 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Temp

[2010/10/21 15:50:36 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Local\Microsoft

[2010/10/21 15:50:36 | 000,000,000 | ---D | C] -- C:\Users\user\AppData\Roaming\Media Center Programs

[2010/10/21 15:50:35 | 000,000,000 | --SD | C] -- C:\Users\user\AppData\Roaming\Microsoft

[2010/10/21 15:50:35 | 000,000,000 | R--D | C] -- C:\Users\user\Videos

[2010/10/21 15:50:35 | 000,000,000 | R--D | C] -- C:\Users\user\Saved Games

[2010/10/21 15:50:35 | 000,000,000 | R--D | C] -- C:\Users\user\Pictures

[2010/10/21 15:50:35 | 000,000,000 | R--D | C] -- C:\Users\user\Music

[2010/10/21 15:50:35 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2010/10/21 15:50:35 | 000,000,000 | R--D | C] -- C:\Users\user\Links

[2010/10/21 15:50:35 | 000,000,000 | R--D | C] -- C:\Users\user\Favorites

[2010/10/21 15:50:35 | 000,000,000 | R--D | C] -- C:\Users\user\Downloads

[2010/10/21 15:50:35 | 000,000,000 | R--D | C] -- C:\Users\user\Documents

[2010/10/21 15:50:35 | 000,000,000 | R--D | C] -- C:\Users\user\Desktop

[2010/10/21 15:50:35 | 000,000,000 | R--D | C] -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2010/10/21 15:50:35 | 000,000,000 | -H-D | C] -- C:\Users\user\AppData

[2010/10/21 15:50:07 | 000,000,000 | -HSD | C] -- C:\Arquivos de Programas\Common Files\Sistema

[2010/10/21 15:50:07 | 000,000,000 | -HSD | C] -- C:\Recovery

[2010/10/21 15:50:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modelos

[2010/10/21 15:50:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas músicas

[2010/10/21 15:50:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas imagens

[2010/10/21 15:50:07 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Meus vídeos

[2010/10/21 15:50:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Iniciar

[2010/10/21 15:50:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoritos

[2010/10/21 15:50:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documentos

[2010/10/21 15:50:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dados de aplicativos

[2010/10/21 15:50:07 | 000,000,000 | -HSD | C] -- C:\Arquivos de Programas

[2010/10/21 15:50:07 | 000,000,000 | -HSD | C] -- C:\Arquivos de Programas\Arquivos Comuns

[2010/10/21 15:44:44 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2010/10/21 15:41:57 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch

[2010/10/21 15:41:22 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 360 Days ==========

[2011/01/21 11:25:41 | 001,572,864 | -HS- | M] () -- C:\Users\user\ntuser.dat

[2011/01/21 11:04:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\user\Desktop\OTL.exe

[2011/01/21 10:38:04 | 000,001,050 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-882110567-3725966301-2789595868-1000UA.job

[2011/01/21 10:37:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/01/21 09:51:29 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/01/21 09:51:29 | 000,017,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/01/21 09:44:16 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2011/01/21 09:43:40 | 1602,691,072 | -HS- | M] () -- C:\hiberfil.sys

[2011/01/20 11:35:22 | 001,591,350 | -H-- | M] () -- C:\Users\user\AppData\Local\IconCache.db

[2011/01/20 11:13:51 | 001,522,764 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2011/01/20 11:13:51 | 000,663,804 | ---- | M] () -- C:\Windows\System32\prfh0416.dat

[2011/01/20 11:13:51 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/01/20 11:13:51 | 000,128,094 | ---- | M] () -- C:\Windows\System32\prfc0416.dat

[2011/01/20 11:13:51 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/01/19 17:47:23 | 000,002,560 | ---- | M] () -- C:\Windows\_MSRSTRT.EXE

[2011/01/19 09:37:32 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

[2011/01/18 11:29:23 | 000,000,822 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2011/01/18 11:02:46 | 000,178,597 | ---- | M] (Igor Pavlov) -- C:\Users\user\Desktop\51942_bankerfix_30.exe

[2011/01/17 22:44:53 | 000,624,128 | ---- | M] () -- C:\Users\user\Desktop\dds.scr

[2011/01/17 20:26:01 | 000,000,998 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-882110567-3725966301-2789595868-1000Core.job

[2011/01/16 18:38:38 | 000,565,248 | ---- | M] () -- C:\Users\user\Desktop\MONOGRAFIA1.doc

[2011/01/14 10:18:57 | 000,293,152 | ---- | M] () -- C:\Users\user\Desktop\SoftonicDownloader_para_hijackthis.exe

[2011/01/13 21:53:55 | 000,524,288 | -HS- | M] () -- C:\Users\user\ntuser.dat{c3f2fd42-1f02-11e0-8603-1c4bd6037440}.TMContainer00000000000000000002.regtrans-ms

[2011/01/13 21:53:55 | 000,524,288 | -HS- | M] () -- C:\Users\user\ntuser.dat{c3f2fd42-1f02-11e0-8603-1c4bd6037440}.TMContainer00000000000000000001.regtrans-ms

[2011/01/13 21:53:55 | 000,065,536 | -HS- | M] () -- C:\Users\user\ntuser.dat{c3f2fd42-1f02-11e0-8603-1c4bd6037440}.TM.blf

[2011/01/13 20:45:54 | 000,002,269 | ---- | M] () -- C:\Users\user\Desktop\Google Chrome.lnk

[2011/01/13 15:53:10 | 000,054,452 | ---- | M] () -- C:\Users\user\Desktop\10.pdf.dap

[2011/01/13 15:40:49 | 000,050,211 | ---- | M] () -- C:\Users\user\Desktop\a29v13s0.pdf

[2011/01/13 12:14:39 | 000,108,824 | ---- | M] () -- C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT

[2011/01/13 09:48:43 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

[2011/01/13 09:02:31 | 000,161,792 | ---- | M] () -- C:\Users\user\Desktop\res357.doc

[2011/01/13 06:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr

[2011/01/13 06:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

[2011/01/13 06:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys

[2011/01/13 06:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys

[2011/01/13 06:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys

[2011/01/13 06:37:19 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

[2011/01/13 06:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

[2011/01/11 18:02:48 | 000,192,751 | ---- | M] () -- C:\Users\user\Desktop\pag_97a103_INDICADORES.pdf

[2011/01/11 15:37:03 | 000,550,912 | ---- | M] () -- C:\Users\user\Desktop\projeto 25 de junho.doc

[2011/01/11 09:29:20 | 000,199,788 | ---- | M] () -- C:\Users\user\Desktop\0511121_07_postextual.pdf

[2011/01/10 13:17:17 | 000,603,648 | ---- | M] () -- C:\Users\user\Desktop\SC_Vargem_Bonita_Geral.xls

[2011/01/10 11:48:50 | 000,000,955 | ---- | M] () -- C:\ads_err.dbf

[2011/01/10 09:49:35 | 000,065,024 | ---- | M] () -- C:\Users\user\Desktop\ESTRUTURA DA MONOGRAFIA.doc

[2011/01/10 09:45:38 | 000,035,840 | ---- | M] () -- C:\Users\user\Desktop\complemento referencia out 2010.doc

[2011/01/07 09:29:36 | 000,094,372 | ---- | M] () -- C:\Users\user\Desktop\Portaria_MS_4217_28_12_2010.pdf

[2010/12/28 10:46:30 | 000,046,600 | ---- | M] (GAS Tecnologia) -- C:\Windows\System32\drivers\gbpkm.sys

[2010/12/16 19:38:28 | 000,410,656 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2010/11/28 14:57:53 | 000,001,278 | ---- | M] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de tela e Iniciador do OneNote 2007.lnk

[2010/11/28 09:14:09 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini

[2010/11/25 16:32:31 | 000,001,230 | ---- | M] () -- C:\Users\user\Desktop\Calculator.lnk

[2010/11/24 16:38:16 | 000,202,240 | ---- | M] () -- C:\Users\user\Desktop\Licitação 2011a.doc

[2010/11/05 18:26:09 | 001,044,682 | ---- | M] () -- C:\Users\user\Desktop\Contratacao farmaceutico judicial.PDF

[2010/11/04 16:38:31 | 000,014,145 | ---- | M] () -- C:\Users\user\Desktop\quest.docx

[2010/11/04 16:29:56 | 000,143,225 | ---- | M] () -- C:\Users\user\Desktop\apresentacao monografia.pptx

[2010/11/02 16:25:27 | 000,000,909 | ---- | M] () -- C:\Users\user\Desktop\Ares.lnk

[2010/11/02 09:13:31 | 000,146,432 | ---- | M] () -- C:\Users\user\Desktop\PG_AF-modelo_apres.ppt

[2010/10/23 09:43:17 | 000,069,632 | ---- | M] () -- C:\Users\user\Desktop\trabalho Ana Paula2.doc

[2010/10/22 20:23:55 | 000,054,272 | ---- | M] () -- C:\Users\user\Documents\ASMA.doc

[2010/10/22 20:23:55 | 000,054,272 | ---- | M] () -- C:\Users\user\Desktop\ASMA.doc

[2010/10/21 19:09:21 | 000,002,432 | ---- | M] () -- C:\Users\user\Desktop\Windows Live Messenger.lnk

[2010/10/21 17:42:31 | 000,002,699 | ---- | M] () -- C:\Users\user\Desktop\Microsoft Office Word 2007.lnk

[2010/10/21 17:42:27 | 000,002,669 | ---- | M] () -- C:\Users\user\Desktop\Microsoft Office PowerPoint 2007.lnk

[2010/10/21 17:42:21 | 000,002,635 | ---- | M] () -- C:\Users\user\Desktop\Microsoft Office Excel 2007.lnk

[2010/10/21 16:59:20 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf

[2010/10/21 16:12:37 | 000,001,188 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk

[2010/10/21 16:11:38 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2010/10/21 15:58:44 | 000,524,288 | -HS- | M] () -- C:\Users\user\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms

[2010/10/21 15:58:44 | 000,524,288 | -HS- | M] () -- C:\Users\user\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms

[2010/10/21 15:58:44 | 000,065,536 | -HS- | M] () -- C:\Users\user\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf

[2010/10/21 15:50:36 | 000,000,020 | -HS- | M] () -- C:\Users\user\ntuser.ini

[2010/10/21 15:46:49 | 000,051,953 | ---- | M] () -- C:\Windows\System32\license.rtf

========== Files Created - No Company Name ==========

[2011/01/19 17:47:21 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE

[2011/01/17 22:44:12 | 000,624,128 | ---- | C] () -- C:\Users\user\Desktop\dds.scr

[2011/01/14 10:19:11 | 000,293,152 | ---- | C] () -- C:\Users\user\Desktop\SoftonicDownloader_para_hijackthis.exe

[2011/01/13 20:45:54 | 000,002,269 | ---- | C] () -- C:\Users\user\Desktop\Google Chrome.lnk

[2011/01/13 20:21:05 | 000,001,050 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-882110567-3725966301-2789595868-1000UA.job

[2011/01/13 20:21:03 | 000,000,998 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-882110567-3725966301-2789595868-1000Core.job

[2011/01/13 15:53:09 | 000,054,452 | ---- | C] () -- C:\Users\user\Desktop\10.pdf.dap

[2011/01/13 15:41:01 | 000,050,211 | ---- | C] () -- C:\Users\user\Desktop\a29v13s0.pdf

[2011/01/13 09:46:33 | 000,524,288 | -HS- | C] () -- C:\Users\user\ntuser.dat{c3f2fd42-1f02-11e0-8603-1c4bd6037440}.TMContainer00000000000000000002.regtrans-ms

[2011/01/13 09:46:33 | 000,524,288 | -HS- | C] () -- C:\Users\user\ntuser.dat{c3f2fd42-1f02-11e0-8603-1c4bd6037440}.TMContainer00000000000000000001.regtrans-ms

[2011/01/13 09:46:33 | 000,065,536 | -HS- | C] () -- C:\Users\user\ntuser.dat{c3f2fd42-1f02-11e0-8603-1c4bd6037440}.TM.blf

[2011/01/13 09:02:17 | 000,161,792 | ---- | C] () -- C:\Users\user\Desktop\res357.doc

[2011/01/11 18:02:46 | 000,192,751 | ---- | C] () -- C:\Users\user\Desktop\pag_97a103_INDICADORES.pdf

[2011/01/11 15:39:22 | 000,565,248 | ---- | C] () -- C:\Users\user\Desktop\MONOGRAFIA1.doc

[2011/01/11 09:29:17 | 000,199,788 | ---- | C] () -- C:\Users\user\Desktop\0511121_07_postextual.pdf

[2011/01/10 13:17:13 | 000,603,648 | ---- | C] () -- C:\Users\user\Desktop\SC_Vargem_Bonita_Geral.xls

[2011/01/10 11:48:50 | 000,000,955 | ---- | C] () -- C:\ads_err.dbf

[2011/01/10 09:49:33 | 000,065,024 | ---- | C] () -- C:\Users\user\Desktop\ESTRUTURA DA MONOGRAFIA.doc

[2011/01/09 17:24:43 | 000,035,840 | ---- | C] () -- C:\Users\user\Desktop\complemento referencia out 2010.doc

[2011/01/09 17:18:24 | 000,054,272 | ---- | C] () -- C:\Users\user\Documents\ASMA.doc

[2011/01/07 09:32:18 | 000,094,372 | ---- | C] () -- C:\Users\user\Desktop\Portaria_MS_4217_28_12_2010.pdf

[2010/11/28 14:57:53 | 000,001,278 | ---- | C] () -- C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Recorte de tela e Iniciador do OneNote 2007.lnk

[2010/11/25 16:32:31 | 000,001,230 | ---- | C] () -- C:\Users\user\Desktop\Calculator.lnk

[2010/11/23 15:56:24 | 000,202,240 | ---- | C] () -- C:\Users\user\Desktop\Licitação 2011a.doc

[2010/11/05 18:31:12 | 001,044,682 | ---- | C] () -- C:\Users\user\Desktop\Contratacao farmaceutico judicial.PDF

[2010/11/04 13:25:37 | 000,014,145 | ---- | C] () -- C:\Users\user\Desktop\quest.docx

[2010/11/02 16:25:27 | 000,000,909 | ---- | C] () -- C:\Users\user\Desktop\Ares.lnk

[2010/11/02 10:45:00 | 000,550,912 | ---- | C] () -- C:\Users\user\Desktop\projeto 25 de junho.doc

[2010/11/02 10:14:47 | 000,143,225 | ---- | C] () -- C:\Users\user\Desktop\apresentacao monografia.pptx

[2010/11/02 09:13:37 | 000,146,432 | ---- | C] () -- C:\Users\user\Desktop\PG_AF-modelo_apres.ppt

[2010/10/22 17:31:10 | 000,069,632 | ---- | C] () -- C:\Users\user\Desktop\trabalho Ana Paula2.doc

[2010/10/22 15:41:39 | 000,054,272 | ---- | C] () -- C:\Users\user\Desktop\ASMA.doc

[2010/10/21 19:09:21 | 000,002,432 | ---- | C] () -- C:\Users\user\Desktop\Windows Live Messenger.lnk

[2010/10/21 17:42:31 | 000,002,699 | ---- | C] () -- C:\Users\user\Desktop\Microsoft Office Word 2007.lnk

[2010/10/21 17:42:27 | 000,002,669 | ---- | C] () -- C:\Users\user\Desktop\Microsoft Office PowerPoint 2007.lnk

[2010/10/21 17:42:21 | 000,002,635 | ---- | C] () -- C:\Users\user\Desktop\Microsoft Office Excel 2007.lnk

[2010/10/21 17:02:19 | 000,108,824 | ---- | C] () -- C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT

[2010/10/21 16:59:20 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf

[2010/10/21 16:22:24 | 000,219,136 | ---- | C] () -- C:\Windows\System32\AsusService.exe

[2010/10/21 16:22:24 | 000,021,864 | ---- | C] () -- C:\Windows\AsAcpiSvrLang.ini

[2010/10/21 16:19:38 | 000,001,933 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

[2010/10/21 16:12:37 | 000,001,188 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk

[2010/10/21 16:11:38 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2010/10/21 15:58:42 | 001,591,350 | -H-- | C] () -- C:\Users\user\AppData\Local\IconCache.db

[2010/10/21 15:56:56 | 001,522,764 | ---- | C] () -- C:\Windows\System32\PerfStringBackup.INI

[2010/10/21 15:50:36 | 000,524,288 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms

[2010/10/21 15:50:36 | 000,524,288 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms

[2010/10/21 15:50:36 | 000,262,144 | -HS- | C] () -- C:\Users\user\ntuser.dat.LOG1

[2010/10/21 15:50:36 | 000,065,536 | -HS- | C] () -- C:\Users\user\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf

[2010/10/21 15:50:36 | 000,000,020 | -HS- | C] () -- C:\Users\user\ntuser.ini

[2010/10/21 15:50:36 | 000,000,000 | -HS- | C] () -- C:\Users\user\ntuser.dat.LOG2

[2010/10/21 15:50:35 | 001,572,864 | -HS- | C] () -- C:\Users\user\ntuser.dat

[2010/10/21 15:41:22 | 1602,691,072 | -HS- | C] () -- C:\hiberfil.sys

[2009/08/03 15:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll

[2009/07/14 02:41:57 | 000,000,174 | -HS- | C] () -- C:\Arquivos de Programas\desktop.ini

[2009/07/14 00:04:57 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini

[2009/07/14 00:04:23 | 000,000,478 | ---- | C] () -- C:\Windows\win.ini

[2009/07/14 00:04:23 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini

[2009/07/13 21:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009/07/13 21:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2009/07/13 19:40:44 | 000,027,097 | ---- | C] () -- C:\Windows\System32\country.sys

[2009/07/13 19:40:43 | 000,042,809 | ---- | C] () -- C:\Windows\System32\KEY01.SYS

[2009/07/13 19:40:43 | 000,042,537 | ---- | C] () -- C:\Windows\System32\KEYBOARD.SYS

[2009/07/13 19:40:41 | 000,009,029 | ---- | C] () -- C:\Windows\System32\ANSI.SYS

[2009/07/13 19:40:40 | 000,004,768 | ---- | C] () -- C:\Windows\System32\HIMEM.SYS

[2009/07/13 19:40:39 | 000,029,274 | ---- | C] () -- C:\Windows\System32\NTDOS412.SYS

[2009/07/13 19:40:35 | 000,029,370 | ---- | C] () -- C:\Windows\System32\NTDOS411.SYS

[2009/07/13 19:40:31 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS404.SYS

[2009/07/13 19:40:27 | 000,029,146 | ---- | C] () -- C:\Windows\System32\NTDOS804.SYS

[2009/07/13 19:40:23 | 000,027,866 | ---- | C] () -- C:\Windows\System32\NTDOS.SYS

[2009/07/13 19:40:19 | 000,035,536 | ---- | C] () -- C:\Windows\System32\NTIO412.SYS

[2009/07/13 19:40:17 | 000,035,776 | ---- | C] () -- C:\Windows\System32\NTIO411.SYS

[2009/07/13 19:40:15 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO404.SYS

[2009/07/13 19:40:13 | 000,034,672 | ---- | C] () -- C:\Windows\System32\NTIO804.SYS

[2009/07/13 19:40:11 | 000,033,952 | ---- | C] () -- C:\Windows\System32\NTIO.SYS

[2009/07/13 19:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\System32\msjetoledb40.dll

[2009/07/13 18:29:46 | 000,013,312 | ---- | C] () -- C:\Windows\System32\win87em.dll

[2009/06/10 19:39:59 | 000,060,124 | ---- | C] () -- C:\Windows\System32\tcpmon.ini

========== LOP Check ==========

[2010/10/21 16:12:43 | 000,000,000 | ---D | M] -- C:\Users\user\AppData\Roaming\Foxit Software

[2009/07/14 02:53:46 | 000,025,314 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Files - Unicode (All) ==========

[2011/01/11 09:09:01 | 000,513,897 | ---- | C] ()(C:\Users\user\Documents\Assist?ncia_farmac?utica_na_aten??o_?_sa?de_-_FUNED_Corrigido.pdf) -- C:\Users\user\Documents\Assist￪ncia_farmac￪utica_na_aten￧￣o_￠_sade_-_FUNED_Corrigido.pdf

[2011/01/10 20:07:08 | 000,513,897 | ---- | M] ()(C:\Users\user\Documents\Assist?ncia_farmac?utica_na_aten??o_?_sa?de_-_FUNED_Corrigido.pdf) -- C:\Users\user\Documents\Assist￪ncia_farmac￪utica_na_aten￧￣o_￠_sade_-_FUNED_Corrigido.pdf

========== Alternate Data Streams ==========

@Alternate Data Stream - 304 bytes -> C:\Windows\System32\drivers:GbpKmAp.lst

@Alternate Data Stream - 2 bytes -> C:\Windows\System32:BC3BD2D8_Cef.gbp

@Alternate Data Stream - 2 bytes -> C:\Windows\System32:BC3BD2D8_Bb.gbp

@Alternate Data Stream - 117 bytes -> C:\ProgramData\TEMP:2B11E0DF

< End of report >

Olá!

Desculpe-me pela demora para responder...

Por favor, siga as instruções abaixo e poste os logs dos programas gerados (com o ad-remover, utilize a opção Clean):

Tutorial do Ad-Remover

Tutorial do Malwarebyte's Anti-Malware

Tutorial do Kaspersky Virus Removal Tool

Abraços :D

Boa tarde,

O malwarebytes não detectou nada, segue abaixo log do ADR,

não estou conseguindo baixar o kasperski, estou sem acelerador de

download e está muito demorado, qual acelerador poderia usar?

======= REPORT FROM AD-REMOVER 2.0.0.2,D | ONLY XP/VISTA/7 =======

Updated by TeamXscript on 20/01/11 at 19:00

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

website: http://www.teamxscript.org

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 19:01:00 on 30/01/2011, Normal boot

Microsoft Windows 7 Ultimate (X86)

user@USER-PC (ASUSTeK Computer INC. 1201HA)

============== ACTION(S) ==============

(!) -- Temporary files deleted.

============== ADDITIONNAL SCAN ==============

Internet Explorer Version [8.0.7600.16385]

[HKCU\Software\Microsoft\Internet Explorer\Main]

Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Do404Search: 0x01000000

Enable Browser Extensions: yes

Local Page: C:\Windows\system32\blank.htm

Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896

Show_ToolBar: yes

Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\Main]

AutoHide: yes

Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896

Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Delete_Temp_Files_On_Exit: yes

Local Page: C:\Windows\System32\blank.htm

Search bar: hxxp://search.msn.com/spbasic.htm

Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

Start Page: hxxp://fr.msn.com/

[HKLM\Software\Microsoft\Internet Explorer\ABOUTURLS]

Tabs: res://ieframe.dll/tabswelcome.htm

Blank: res://mshtml.dll/blank.htm

========================================

C:\Program Files\Ad-Remover\Quarantine: 0 File(s)

C:\Program Files\Ad-Remover\Backup: 14 File(s)

C:\Ad-Report-CLEAN[1].txt - 30/01/2011 (1732 Byte(s))

End at: 19:05:22, 30/01/2011

============== E.O.F ==============

Olá!

Será que não dava para você deixar baixando? Tente em um dos links abaixo:

http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/

http://www.softpedia.com/get/Antivirus/Kaspersky-Virus-Removal-Tool.shtml

Abraços :D

Boa tarde,

sempre que tento baixar o kaspersky, mesmo renomeando

o arquivo como o tutorial indica, no momento de

executar sempre resulta em arquivo corrompido...

tentei o download dos sites que indicou e também

direto do kaspersky...

O que pode estar acontecendo?

Olá!

Seu IE ainda está com problemas?

Talvez seja o caso de desativar complementos que estejam dando problema, pois não consigo detectar nada no seu PC.

Abraços :D

Boa tarde,

ainda continuo tendo problemas com downloads,

baixei o kaspersky removal em outro pc e

o mesmo não detectou nada.

Quais complementos poderiam interferir?

Você poderia listá-los?

Olá!

Por favor, siga as instruções abaixo ATENTAMENTE:

PS: Não se esqueça de marcar as entradas em vermelho (se existirem) com vermelho:

Faça o Download do GMER e salve no seu Desktop.

• Extraia/tire do zip o arquivo para uma pasta própria.
• Feito isso, desligue o PC da Internet e feche todos os programas.

-
Existe uma pequena hipótese desta aplicação desligar o seu PC. Por isso, salve qualquer trabalho que tenha aberto.

• Clique duas vezes em /applications/core/interface/imageproxy/imageproxy.php?img=http://farm3.static.flickr.com/2421/3869050764_8a76e542bd_o.gif&key=282cf48f96f3d1684a830d41924624893167eaf454561f7cd1b841182f0d1a09" alt="3869050764_8a76e542bd_o.gif" />
• Se lhe for perguntado, permita que o driver gmer.sys seja rodado.
• Se receber um aviso acerca de atividade de rootkit e se quer fazer um scan clique em NO.
• Clique nas setas ao lado de Rootkit/Malware
• No lado direito (debaixo de file, desmarque todos os drives exceto os seus discos, usualmente o C:\).
• Certifique-se que todas as outras caixas, do lado direito do ecrã estejam marcadas, EXCETO para Show All
• Clique em Scan e aguarde que o scan seja efetuado.

-
Nota: Antes do scan, certifique-se que todos os outros programas estejam fechados. Também não use o computador durante o scan.

• Quando terminar, clique no botão Copiar e depois clique com o botão direito no seu Desktop, escolha Novo e depois -> Documento de Texto.
• Ao ter criado o arquivo, abra-o e novamente botão direito do mouse clique Colar ou Ctrl+V.
• Não se esqueça de colorir as linhas que aparecerem em vermelho com a tag [ color=red]linha que apareceu em vermelho[/color] (sem o espaço entre [ e color).
• Salve o arquivo como gmer.txt e poste o conteúdo em sua próxima resposta.

-
*Nota: Caso tenha problemas, tente executar o GMER em** Modo Seguro (apertando F8, ou F5 em alguns computadores enquanto o computador liga)*

• Importante! Por favor não marque a caixa "Show all" durante o scan.

Depois, poste um novo log do DDS.

Abraços :D

Tópico Arquivado

Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado.

Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura.