Usamos cookies para medir audiência e melhorar sua experiência. Você pode aceitar ou recusar a qualquer momento. Veja sobre o iMasters.
Comprei um servidor de um game, e falaram que o arquivo era limpo e etc, mas quando analisei ele no site virustotal.com olha o que apareceu https://www.virustotal.com/file/0c0ca93ff90e99e12ee761e73bd34d5b4cfaa136ffe7e55cfadf4de7bc196f31/analysis/1329891233/
a empresa que me vendeu este server disse que é porque é arquivo em lotes as DLL faz aparecer esses vírus será que é confiável?
analisem meu pc para que volte a ficar limpo como antes ok?
Bom Dia! maceno
|- O log não mostra entradas ruins.
///°°°///
|- < Link - 2 >
|- < Link - 3 >
|- Atualize o programa!
|- Escolha o escaneamento Completo!
|- Desabilite programas de proteção,ao executar o malwarebytes.
|- Ps: Para determinadas infecções,a ferramenta pedirá reboot. <-- Confirme!
|- Ao concluir,clique em "Remover itens".
|- Poste,o relatório: mbam-log-2012-xx-xx (00-00-00).txt
Abraços!
Opa obrigado a atenção, abaixo o log do malwarebytes
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org
Versão da Base de Dados: v2012.02.23.02
Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Documentos :: DOCUMENTOS-PC [administrador]
23/02/2012 17:53:10
mbam-log-2012-02-23 (17-53-10).txt
Tipo de Verificação: Verificação Completa
Opções de verificações ativadas: Memória | Inicialização | Registro | Sistema de arquivos | Heurística/Extra | Heurística/Shuriken | PUP | PUM
Opções de verificação desativadas: P2P
Objetos escaneados: 458949
Tempo decorrido: 39 minuto(s), 40 segundo(s)
Processos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
Módulos de Memória Detectados: 0
(Não foram detectados ítens maliciosos)
Chaves de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Valores de Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Itens de Dados no Registro Detectadas: 0
(Não foram detectados ítens maliciosos)
Pastas Detectadas: 0
(Não foram detectados ítens maliciosos)
Arquivos Detectados: 0
(Não foram detectados ítens maliciosos)
(fim)
Bom Dia! maceno
##############
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
##############
|- Pelo visto,já utilizastes ferramenta(s) francesas!
|- Qual dela(s) foi executada em sua máquina?
|- Ps: Você,ainda,tem seu(s) relatórios?
///°°°///
|- Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://billy-oneal.com/Canned%2520Speeches/speechimages/OTL/otlDesktopIcon.png&key=1894e5d356219721410c3360cbf9af74877ae24ccc81ed88026fc2d95dd96a07" alt="otlDesktopIcon.png" /> > ( ...by OldTimer Tools )
|- Clique em Salvar! < /applications/core/interface/imageproxy/imageproxy.php?img=http://www.mediafire.com/imgbnc.php/0e5c629f14858f5bf77e61d46c160e317c6d8c5d3ee101e311e440e99d7fd7b06g.jpg&key=3b5f68b982954852820a7b1c44c7d4ba5f9d81d9cc9adb16f3359408e8cb0d2c" alt="0e5c629f14858f5bf77e61d46c160e317c6d8c5d3ee101e311e440e99d7fd7b06g.jpg" /> >
|- Salve-o no desktop! < /applications/core/interface/imageproxy/imageproxy.php?img=http://www.mediafire.com/imgbnc.php/98c0f1ab3823c58ea05c695fd153839feac6fb6b44aaa3f7f5a2cd4a87354c946g.jpg&key=fdd081d7d566e9ee7a4326a3039dd79a57a2005ed7e54a981d560e259f22d658" alt="98c0f1ab3823c58ea05c695fd153839feac6fb6b44aaa3f7f5a2cd4a87354c946g.jpg" /> >
|- Duplo clique em OTL.exe --> Executar: /applications/core/interface/imageproxy/imageproxy.php?img=http://www.mediafire.com/imgbnc.php/c19ede0bf8817fba1b9a9c0e9dae6ede3b8983c41017d8926efac3638b95aee16g.jpg&key=422d6e6777df6b11458399b7f42d7cf2ca878f8e09b61a66ff681dacba971926" alt="c19ede0bf8817fba1b9a9c0e9dae6ede3b8983c41017d8926efac3638b95aee16g.jpg" />
|- Execute o OTL,em seu rápido escaneamento. ( Verificação rápida )
|- Ps: Para Windows 7,clique direito e execute-o como "Administrador".
|- Copie e poste o relatório. ( C:\_OTM\MovedFiles\xxxx2012_xxxxxx.log )
|- Poste,também,o relatório "Extras".
Abraços!
Sobre usar ferramentas francesas não sei te falar, pode ser porque quando comprei o pc a página inicial do internet explorer era o site msn la da frança.
LOGS
OTL:
OTL logfile created on: 24/02/2012 08:50:04 - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Documentos\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
3,98 Gb Total Physical Memory | 2,29 Gb Available Physical Memory | 57,44% Memory free
7,96 Gb Paging File | 6,06 Gb Available in Paging File | 76,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 92,67 Gb Total Space | 43,97 Gb Free Space | 47,45% Space Free | Partition Type: NTFS
Drive D: | 838,74 Gb Total Space | 579,41 Gb Free Space | 69,08% Space Free | Partition Type: NTFS
Computer Name: DOCUMENTOS-PC | User Name: Documentos | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/02/24 08:49:23 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Documentos\Desktop\OTL.exe
PRC - [2012/01/23 12:33:56 | 003,025,112 | ---- | M] (Emsi Software GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2012/01/11 20:13:26 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2012/01/11 20:13:16 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011/12/29 22:29:04 | 000,497,496 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
PRC - [2011/11/28 15:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 15:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/10/15 05:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011/10/14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011/03/15 17:59:32 | 000,312,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
========== Modules (No Company Name) ==========
MOD - [2012/02/15 02:03:36 | 000,429,040 | ---- | M] () -- C:\Users\Documentos\AppData\Local\Google\Chrome\Application\17.0.963.56\ppgooglenaclpluginchrome.dll
MOD - [2012/02/15 02:03:34 | 003,772,912 | ---- | M] () -- C:\Users\Documentos\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll
MOD - [2012/02/15 02:02:21 | 000,527,344 | ---- | M] () -- C:\Users\Documentos\AppData\Local\Google\Chrome\Application\17.0.963.56\libglesv2.dll
MOD - [2012/02/15 02:02:19 | 000,114,672 | ---- | M] () -- C:\Users\Documentos\AppData\Local\Google\Chrome\Application\17.0.963.56\libegl.dll
MOD - [2012/02/15 02:02:10 | 000,122,880 | ---- | M] () -- C:\Users\Documentos\AppData\Local\Google\Chrome\Application\17.0.963.56\avutil-51.dll
MOD - [2012/02/15 02:02:08 | 000,220,672 | ---- | M] () -- C:\Users\Documentos\AppData\Local\Google\Chrome\Application\17.0.963.56\avformat-53.dll
MOD - [2012/02/15 02:02:07 | 001,747,456 | ---- | M] () -- C:\Users\Documentos\AppData\Local\Google\Chrome\Application\17.0.963.56\avcodec-53.dll
MOD - [2012/02/14 23:00:24 | 008,593,568 | ---- | M] () -- C:\Users\Documentos\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/11/28 15:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011/09/08 16:48:36 | 006,583,160 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV:64bit: - [2011/09/08 16:48:36 | 000,528,760 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV:64bit: - [2009/09/14 02:00:00 | 000,166,400 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE -- (EPSON_EB_RPCV4_04)
SRV:64bit: - [2009/09/14 02:00:00 | 000,128,512 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE -- (EPSON_PM_RPCV4_04)
SRV:64bit: - [2009/07/13 22:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 22:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/01/23 12:33:56 | 003,025,112 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2012/01/11 20:13:26 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012/01/11 20:13:16 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012/01/09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011/12/29 22:29:04 | 000,497,496 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe -- (AdvancedSystemCareService5)
SRV - [2011/10/15 05:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/10/14 23:54:40 | 000,381,248 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/08/23 03:43:40 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Users\Documentos\AppData\Local\Temp\7zS417D\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011/11/28 14:54:06 | 000,591,192 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2011/11/28 14:53:58 | 000,304,472 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2011/11/28 14:52:22 | 000,042,328 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr.sys -- (aswRdr)
DRV:64bit: - [2011/11/28 14:52:20 | 000,058,712 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2011/11/28 14:52:11 | 000,066,904 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2011/11/28 14:51:53 | 000,024,408 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2011/11/02 12:57:07 | 000,503,352 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2011/09/08 16:49:36 | 000,013,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2011/06/20 22:47:26 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010/12/28 16:45:54 | 000,412,776 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/01/26 23:09:02 | 000,047,632 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (npf)
DRV:64bit: - [2009/09/21 20:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2009/07/13 22:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 22:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 22:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007/02/16 16:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2012/01/05 18:07:14 | 000,021,384 | ---- | M] (IObit) [File_System | Disabled | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2011/11/02 09:13:26 | 000,041,728 | ---- | M] (Emsi Software GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver)
DRV - [2011/11/02 09:13:12 | 000,063,880 | ---- | M] (Emsi Software GmbH) [File_System | On_Demand | Stopped] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
DRV - [2011/09/20 14:27:44 | 000,021,872 | ---- | M] (IObit.com) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2011/09/20 14:27:38 | 000,033,184 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2011/05/19 12:10:34 | 000,023,208 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)
DRV - [2010/05/05 07:40:54 | 000,014,720 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006/07/24 15:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search bar = http://search.msn.com/spbasic.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data over 100 bytes]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com.br/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 48 AC C6 BC 45 2F CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {e0301295-ab3e-4af3-979f-3d453c5f9f48} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.4: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Documentos\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Documentos\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
[2011/12/20 19:05:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Documentos\AppData\Roaming\Mozilla\Firefox\extensions
[2011/12/20 19:05:36 | 000,000,000 | ---D | M] (uTorrentBar_PT Community Toolbar) -- C:\Users\Documentos\AppData\Roaming\Mozilla\Firefox\extensions\{e0301295-ab3e-4af3-979f-3d453c5f9f48}
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Documentos\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Documentos\AppData\Local\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Documentos\AppData\Local\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Documentos\AppData\Local\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Users\Documentos\AppData\Local\Google\Chrome\Application\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Users\Documentos\AppData\Local\Google\Chrome\Application\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Users\Documentos\AppData\Local\Google\Chrome\Application\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Users\Documentos\AppData\Local\Google\Chrome\Application\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Users\Documentos\AppData\Local\Google\Chrome\Application\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.6 (Enabled) = C:\Users\Documentos\AppData\Local\Google\Chrome\Application\plugins\npqtplugin6.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Documentos\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Complitly plugin for chrome = C:\Users\Documentos\AppData\Local\Google\Chrome\User Data\Default\Extensions\defdhglnppeioeflggkmglipcecffkhk\1.1_0\
CHR - Extension: avast! WebRep = C:\Users\Documentos\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1374_0\
O1 HOSTS File: ([2011/12/21 09:22:57 | 000,001,404 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O2:64bit: - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Documentos\AppData\Roaming\Complitly\64\AutocompletePro64.dll (SimplyGen)
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Documentos\AppData\Roaming\Complitly\AutocompletePro.dll (SimplyGen)
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Messenger Plus Community Toolbar) - {9E7E8B2E-604D-495f-9AF8-EE5C2CB1398D} - C:\Program Files (x86)\msgplscomtb\MsgPlsComDx.dll ()
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Messenger Plus Community Toolbar) - {9E7E8B2E-604D-495f-9AF8-EE5C2CB1398D} - C:\Program Files (x86)\msgplscomtb\MsgPlsComDx.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [iObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Advanced SystemCare 5] C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe (IObit)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DIMBaixando a sua atualização...1300677038363] C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\Programs\DIM.exe (Corel Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab](http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab) (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab](http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab) (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab](http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab) (Java Plug-in 1.6.0_29)O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 200.204.0.10 200.204.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94A6B231-3B37-482D-AAC8-9E5BB8EDD376}: DhcpNameServer = 200.204.0.10 200.204.0.138
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\SysWOW64\Userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/02/24 08:49:26 | 000,583,680 | ---- | C] (OldTimer Tools) -- C:\Users\Documentos\Desktop\OTL.exe
[2012/02/24 06:45:11 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{E2AC6595-0AC1-421E-ACFF-6A28D170CBDE}
[2012/02/23 18:44:34 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{8D71DE31-8499-45DA-9EAB-8D14334994EF}
[2012/02/23 18:44:23 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{1CC92921-DE74-4169-A89B-23760D51666E}
[2012/02/23 18:44:12 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{6658B969-EB26-4BE4-96AA-FCEBF6FA50CC}
[2012/02/23 18:43:49 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{9F4E2738-3BA8-4E1B-8F37-FBF0883BBE13}
[2012/02/23 06:43:23 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{9A8B3278-1B8A-4FBA-A1EA-36CE035B0030}
[2012/02/23 06:43:12 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{5F80F67D-60F3-4A13-B207-073A96680CE2}
[2012/02/23 06:43:01 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{DDFDBDAA-FAD9-415F-8D94-07E1D3A5AB07}
[2012/02/22 18:42:26 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{8AA87E56-FCFF-4936-8C49-D3773F088ADA}
[2012/02/22 18:42:04 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{010C6D19-29C0-4686-8069-3108B8CBCA5B}
[2012/02/22 05:47:28 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{63026656-54AB-496F-85C8-F108F0B3AC9E}
[2012/02/22 05:47:06 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{568FB800-1C20-4571-9639-34D09F4F99CC}
[2012/02/22 05:10:57 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Roaming\Tibia
[2012/02/22 05:08:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tibia
[2012/02/22 04:46:29 | 000,023,896 | ---- | C] (IObit) -- C:\Windows\SysNative\RegistryDefragBootTime.exe
[2012/02/22 04:40:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2012/02/22 04:38:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 5
[2012/02/22 04:35:55 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Roaming\IObit
[2012/02/22 04:35:54 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2012/02/22 04:35:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2012/02/22 04:27:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2012/02/22 04:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2012/02/22 04:20:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012/02/22 04:20:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2012/02/22 04:20:35 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012/02/21 17:46:39 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{2AED12F3-BF85-4CB6-A687-965D418F21D2}
[2012/02/21 17:46:16 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{E40F9F04-A7A0-42B4-A1A3-09D06EFAB988}
[2012/02/21 05:45:50 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{FB6BE0E0-D941-4AD7-A84C-F74C67EC61A8}
[2012/02/21 05:45:23 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{038C04C9-C14B-433D-AF55-06791E22BDF3}
[2012/02/20 11:17:17 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{9B6C3A57-869A-4F2D-B1F3-EB6E0EC0E1EC}
[2012/02/20 11:16:55 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{AF2FC8A1-239B-4B71-BFFB-52A0FDD2AA75}
[2012/02/19 23:16:24 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{C623DD40-306E-482D-8231-4E0B9FC425B9}
[2012/02/19 23:15:58 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{6C561698-DC5E-4951-90BA-E073B7BEB80D}
[2012/02/19 02:07:39 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{25E22023-64F6-4972-8F5F-5B753AC979A4}
[2012/02/19 02:07:16 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{6E64D12E-C75B-4EAE-A9D5-B1D93C01DB44}
[2012/02/19 01:08:09 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{1F3B9021-6EA3-45F8-BB5D-307F5FA3FE46}
[2012/02/19 01:07:56 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{5AAD9014-968E-4ED4-8D8B-87C19E21D31D}
[2012/02/18 07:53:01 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{B37B6604-9AA3-4822-90E2-23E4B0909148}
[2012/02/17 19:52:23 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{BE898782-B041-436F-A761-12BE56BBA013}
[2012/02/17 19:51:58 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{E7967E04-ACBA-4FB9-86BF-D9240C36D96B}
[2012/02/17 19:26:06 | 000,000,000 | ---D | C] -- C:\Users\Documentos\Documents\backup
[2012/02/17 17:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asprate
[2012/02/17 07:51:30 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{99694844-14B8-4B15-BA83-A1CDFE80CB2F}
[2012/02/17 07:51:03 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{040924DB-1315-4E90-AF8D-93F9B5D4A7F6}
[2012/02/16 18:53:27 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{EBFB7B75-BB90-4F12-99B6-A5A8C471AEBD}
[2012/02/16 18:53:16 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{095B5A19-F506-4DA8-87A5-48FBEB04ABD4}
[2012/02/16 18:53:05 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{DB54AB08-C8A6-4E90-8CFD-C22D810F9D45}
[2012/02/16 18:52:42 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{3288B700-1F79-4F08-B8AC-B3DB637FF385}
[2012/02/16 06:52:17 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{34E88AD5-5E1D-40BC-9BAA-BF559B9DA08D}
[2012/02/16 06:52:06 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{7DC59341-6D95-4CB0-9E81-F4236986DFFF}
[2012/02/16 06:51:54 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{98C3CE52-171F-42B3-B9B3-3E1B1DBAB7FC}
[2012/02/16 00:26:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
[2012/02/15 22:04:27 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Roaming\Dev-Cpp
[2012/02/15 18:51:18 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{083077C7-0C93-471E-A7CC-6F1EE1FC12CF}
[2012/02/15 18:50:58 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{6312B347-8420-49EF-8D1F-82C7D7CB7B64}
[2012/02/15 06:27:43 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{3C038FD8-323B-4C00-A5E0-778E8FF3D192}
[2012/02/15 06:27:32 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{76C454DD-16FC-434B-9C24-423797F0B795}
[2012/02/15 06:27:20 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{F45491CD-E637-402C-8DDA-C2071FC2EBDA}
[2012/02/14 18:26:44 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{8AEF1A5D-553B-439F-B472-0B0E94C3BACB}
[2012/02/14 18:26:26 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{79194A9C-D391-4A96-9E06-54EE08A8402B}
[2012/02/14 04:42:17 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{4BB11F8E-8358-4125-BFBD-939F755D18E7}
[2012/02/14 04:42:05 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{FEF49979-4159-479A-AE24-2315D440B563}
[2012/02/14 04:41:52 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{088CDAAB-C48B-4645-8D54-88A789BA166A}
[2012/02/14 04:41:29 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{72DFFCAF-AA00-44F9-BF49-D30F6866EC93}
[2012/02/13 16:40:50 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{1EE9F5D8-825C-4749-AB7D-10287CC8E953}
[2012/02/13 16:40:26 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{F76101B4-4F54-4DE3-84C9-A3201E262C7F}
[2012/02/12 22:13:12 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{AC6BA421-291E-4A3A-954B-2B5BDDE3E602}
[2012/02/12 22:13:01 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{05A154E5-6683-459A-A244-BC4FA935BDF4}
[2012/02/12 22:12:49 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{1DE68C5F-3038-4DD4-A9D1-436286038B1E}
[2012/02/12 22:12:26 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{1B9BE88B-2836-4534-873E-352EC5981E03}
[2012/02/12 10:12:00 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{B9897534-C0D7-433F-94CA-B03362F537A7}
[2012/02/11 22:11:24 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{A09B4E4B-24AF-4843-8921-1A592EF18054}
[2012/02/11 22:11:13 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{4E1C7FE7-580B-40C1-B3FD-CC67B569ED7F}
[2012/02/11 22:11:02 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{74152C18-2393-4A8C-9355-A74FE67BB02C}
[2012/02/11 22:10:39 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{2AFFC316-0FD6-46CF-A916-8CF4FF092F2A}
[2012/02/11 05:52:20 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{0BDDF31A-51DF-4C86-A826-C0CA4AE11ADF}
[2012/02/11 05:52:08 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{7DD1F28E-D64B-4B16-9D93-93EEE7F3A47D}
[2012/02/11 05:51:55 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{CE818185-93FF-4818-80EE-D1C8CDA19A53}
[2012/02/10 17:51:15 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{9D7590D5-B02D-4498-A366-E811BB31DBBE}
[2012/02/10 17:50:50 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{31BF3562-1CC6-412A-A6C5-51532612A67C}
[2012/02/10 05:50:24 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{A3DBBE34-3860-47A4-B15B-29532C237588}
[2012/02/10 05:50:01 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{BA1C268B-DFD3-426F-8AE7-F3CA6547F563}
[2012/02/09 22:07:30 | 000,000,000 | ---D | C] -- C:\Users\Documentos\Desktop\Desenhar Terra
[2012/02/09 21:19:59 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Roaming\Complitly
[2012/02/09 21:19:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Complitly
[2012/02/09 19:11:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Marcos Velasco Security
[2012/02/09 19:11:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marcos Velasco Security
[2012/02/09 17:49:36 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{9BF05EB8-5232-46F5-9D94-ABA8C7B25467}
[2012/02/09 17:49:25 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{384472C0-73F3-4344-BD2D-FE5DB5E550E8}
[2012/02/09 17:49:14 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{05A161F2-489D-44A6-9299-58E6C7847E83}
[2012/02/09 17:48:50 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{BC55B888-81D8-4AAA-A332-CB76352B175F}
[2012/02/09 05:48:24 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{67359652-22B2-48D9-9A74-9F3C581479CA}
[2012/02/09 05:48:00 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{049471D2-C9AD-4C7E-927A-473D7990A3AB}
[2012/02/08 17:47:31 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{E451EE61-41BD-49FD-9A57-9ACC6491E010}
[2012/02/08 17:47:07 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{235C5E39-5B51-40AD-89FA-8F8341368283}
[2012/02/07 17:20:38 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{53476C83-7402-4541-93ED-204C12B004BC}
[2012/02/07 17:20:11 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{75A97807-5D82-4452-9C15-1A2EEC07CA81}
[2012/02/07 05:19:45 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{064B55FB-2D21-46FE-A150-8C57A23B4D1B}
[2012/02/06 17:19:05 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{C6F2FB5B-F731-40CF-9C05-3ECA4A8F71D0}
[2012/02/06 17:18:36 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{F5D5F073-05B8-42C1-B996-2F99E95238D0}
[2012/02/05 20:49:32 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{D0BE57A0-460F-4848-978D-AB779939B012}
[2012/02/05 20:49:20 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{C7B430BB-30DE-4EE0-94E2-8B89B9576AEB}
[2012/02/05 20:48:51 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{290C0C49-DFBE-4E1A-8A9C-EF24908085B1}
[2012/02/05 05:58:19 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{97BDE42C-700D-42B9-8911-A301297E0C94}
[2012/02/05 05:57:54 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{53D923DD-69CD-45BB-BFD6-1E208AAA38E0}
[2012/02/04 17:57:28 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{31969706-677D-44A7-A228-DD84020D1F04}
[2012/02/04 17:57:03 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{382583B7-CAC7-462E-A0F1-42B499754A93}
[2012/02/04 05:56:36 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{87B1B7D8-D165-4944-B471-07E35ADE7ABF}
[2012/02/03 17:55:56 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{D7F3BBE2-B9CA-4D9C-9DC9-8EA2FBAF7373}
[2012/02/03 17:55:33 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{30D0C55A-3B6C-4DC6-BADD-9AA3EADE820A}
[2012/02/03 05:55:07 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{F1579436-20CA-4184-ACBC-5093BB461360}
[2012/02/02 17:54:30 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{5ED87632-8E71-470B-83BD-26B11C80783E}
[2012/02/02 17:54:19 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{C5270AFB-EA2D-4CDB-BB1B-8BA303A5A3AD}
[2012/02/02 17:54:08 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{21CD337A-8F30-4D1C-B46B-CD865704F31A}
[2012/02/02 17:53:46 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{7CF9959D-729A-4533-B482-B43B02844610}
[2012/02/02 05:53:19 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{70C34A24-38E3-491D-8F03-5FB2433DA471}
[2012/02/02 05:52:55 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{AC7C7F97-3679-4A89-B4F1-4CF38C01BC84}
[2012/02/01 17:52:42 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{6CF65A01-3588-47AA-B154-A6C2557A0E14}
[2012/02/01 17:52:31 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{0874F612-F7D8-436D-B070-C17F2F138928}
[2012/02/01 17:52:20 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{BFE321D9-92E2-4C99-955E-C88D9DD7466E}
[2012/02/01 17:51:58 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{5BFB4141-3F68-4C26-A7DB-1A24AFD76093}
[2012/02/01 05:51:32 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{B29363DB-CED4-4D10-8D78-8378EED06414}
[2012/02/01 05:51:20 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{D7464AEF-3ED2-4BCA-BC5F-105902E24CC2}
[2012/02/01 05:51:05 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{C260C4CA-15CF-4D41-9C1A-7725F30EC6B2}
[2012/01/31 17:50:25 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{FA070E77-FDDF-402A-A08C-B2031D043E8A}
[2012/01/31 17:50:14 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{9FCBE60E-DE0E-465A-93E3-38B0F58DACF9}
[2012/01/31 17:50:03 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{08DE50E2-7CB1-4CCD-A2AB-7B7295FCD0B8}
[2012/01/31 17:49:41 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{2A1B7F1D-BBBF-41B2-BE36-EF7E7E63BDA2}
[2012/01/31 05:49:15 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{B53D13F8-05C3-4CEF-870D-7115F5CDF750}
[2012/01/31 05:49:03 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{20259D15-F5D1-44A9-B422-44CB85AAB422}
[2012/01/31 05:48:51 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{75CD9410-9C1F-4D85-8F32-026B59EE5156}
[2012/01/30 17:48:03 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{01B2D080-F8B8-4BF2-AD9E-25D696E8CCC8}
[2012/01/30 17:47:52 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{15E6108C-74E3-4DC0-BDD4-49CE63A47780}
[2012/01/30 17:47:41 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{FF8B9E12-C20C-4054-A2AD-4680F403740E}
[2012/01/30 17:46:57 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{92BCDF4D-EDE3-495C-B833-1456685F421C}
[2012/01/30 05:46:32 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{54179CC4-E956-4D49-98A9-EC2744AA1B53}
[2012/01/30 05:46:19 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{FD4F4155-31B6-4B3E-AA31-1BA0E46F69AA}
[2012/01/30 05:46:07 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{49CDAEF3-FCF7-431D-BE5D-476F64CA790B}
[2012/01/29 17:45:13 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{8481F578-39E1-49AD-B8C2-9805A82BCFED}
[2012/01/29 17:41:59 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{45CA642B-AE4B-4B9D-B0E7-4D42E3560D77}
[2012/01/29 00:13:13 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{73983511-01BC-437E-8A06-504502ACF950}
[2012/01/29 00:12:57 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{7F1FEF9F-3FC6-4FE8-BF2F-24679B359EA8}
[2012/01/28 10:17:00 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{B7D5AE63-4AC0-4A4B-8AF0-72CB2796F525}
[2012/01/28 10:16:37 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{A40BF91B-8859-4547-9414-A9186BD1D391}
[2012/01/27 22:16:09 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{8FC1F6C8-B872-4AED-8C04-B35D8283151C}
[2012/01/27 22:15:30 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{0A188A60-4F4E-45ED-A7F3-684A08165C23}
[2012/01/27 08:42:27 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{CA034FE4-79F6-422F-B2E3-7EA70950D1BA}
[2012/01/27 08:42:16 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{70C59FE1-4533-494C-9F9C-3BCCD2EBFB07}
[2012/01/27 08:42:04 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{E31CAB56-3861-4C5F-ADE8-2AC2B7548249}
[2012/01/26 20:41:24 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{AE5ACAB0-38C4-4248-80AE-FB6B9B9BDE97}
[2012/01/26 20:40:58 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{A8648392-6C7A-40B7-8C72-10530F3928AE}
[2012/01/26 07:58:34 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{D122D185-1893-45D5-82AC-0052EF1BF395}
[2012/01/26 07:58:23 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{299E4E69-7F5F-4C09-B54F-90264876316C}
[2012/01/26 07:58:12 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{BF188223-1FF7-43D5-BCFC-028A7FF0DCDD}
[2012/01/25 19:57:37 | 000,000,000 | ---D | C] -- C:\Users\Documentos\AppData\Local\{26877595-D181-47A6-9E70-E598B2366207}
[1 C:\Windows\SysNative\drivers\.tmp files -> C:\Windows\SysNative\drivers\.tmp -> ]
[1 C:\Users\Documentos\Desktop\.tmp files -> C:\Users\Documentos\Desktop\.tmp -> ]
[1 C:\.tmp files -> C:\.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/02/24 08:49:23 | 000,583,680 | ---- | M] (OldTimer Tools) -- C:\Users\Documentos\Desktop\OTL.exe
[2012/02/24 08:18:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1837178300-1776902075-3512206551-1000UA.job
[2012/02/24 05:18:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1837178300-1776902075-3512206551-1000Core.job
[2012/02/23 13:18:06 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/02/23 13:18:06 | 000,014,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/02/23 13:10:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/02/23 13:10:20 | 3207,323,648 | -HS- | M] () -- C:\hiberfil.sys
[2012/02/22 19:01:46 | 000,043,472 | ---- | M] () -- C:\Users\Documentos\Desktop\whimsical-charm_en.jpg
[2012/02/22 05:08:44 | 000,000,633 | ---- | M] () -- C:\Users\Public\Desktop\Tibia.lnk
[2012/02/22 04:40:16 | 000,001,178 | ---- | M] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2012/02/22 04:38:43 | 000,001,226 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012/02/20 09:56:27 | 000,005,291 | ---- | M] () -- C:\Windows\my.ini.old
[2012/02/20 09:56:27 | 000,005,291 | ---- | M] () -- C:\Windows\my.ini
[2012/02/20 01:27:45 | 000,070,269 | ---- | M] () -- C:\Users\Documentos\Desktop\10819.jpg
[2012/02/17 19:42:53 | 000,001,387 | ---- | M] () -- C:\Users\Documentos\Desktop\energyhv32k - Atalho.lnk
[2012/02/16 00:26:09 | 000,000,781 | ---- | M] () -- C:\Users\Public\Desktop\Shank.lnk
[2012/02/14 21:02:58 | 000,156,364 | ---- | M] () -- C:\Users\Documentos\Desktop\topo-novo2.jpg
[2012/02/12 21:22:23 | 001,499,760 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/02/12 21:22:23 | 000,657,176 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
[2012/02/12 21:22:23 | 000,609,896 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/02/12 21:22:23 | 000,125,568 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
[2012/02/12 21:22:23 | 000,104,214 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/02/11 22:07:00 | 005,137,680 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/02/10 17:15:57 | 000,083,039 | ---- | M] () -- C:\Windows\FontData.fdb
[2012/02/09 21:19:54 | 000,000,771 | ---- | M] () -- C:\Users\Public\Desktop\VDownloader.lnk
[2012/02/09 19:19:44 | 000,071,524 | ---- | M] () -- C:\Users\Documentos\Documents\cc_20120209_201934.reg
[2012/02/09 19:11:55 | 000,001,309 | ---- | M] () -- C:\Users\Public\Desktop\MV RegClean 6.0.lnk
[2012/02/08 18:23:13 | 000,162,377 | ---- | M] () -- C:\Users\Documentos\Desktop\fazer para mr. duff.jpg
[2012/02/04 18:22:43 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/31 18:32:37 | 000,071,931 | ---- | M] () -- C:\Users\Documentos\Desktop\simples e bacana ID.jpg
[2012/01/30 18:15:49 | 000,764,725 | ---- | M] () -- C:\Users\Documentos\Desktop\polaroid template.cdr
[2012/01/29 23:58:31 | 000,000,192 | ---- | M] () -- C:\Users\Documentos\Desktop\alimentar bem.url
[2012/01/28 08:48:39 | 000,000,759 | ---- | M] () -- C:\Users\Documentos\Desktop\Play Torchlight.lnk
[2012/01/26 14:53:35 | 000,000,132 | ---- | M] () -- C:\Users\Documentos\AppData\Roaming\Adobe PNG Format CS5 Prefs
[1 C:\Windows\SysNative\drivers\.tmp files -> C:\Windows\SysNative\drivers\.tmp -> ]
[1 C:\Users\Documentos\Desktop\.tmp files -> C:\Users\Documentos\Desktop\.tmp -> ]
[1 C:\.tmp files -> C:\.tmp -> ]
========== Files Created - No Company Name ==========
[2012/02/22 19:01:49 | 000,043,472 | ---- | C] () -- C:\Users\Documentos\Desktop\whimsical-charm_en.jpg
[2012/02/22 05:08:44 | 000,000,633 | ---- | C] () -- C:\Users\Public\Desktop\Tibia.lnk
[2012/02/22 04:40:16 | 000,001,178 | ---- | C] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2012/02/22 04:38:43 | 000,001,226 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 5.lnk
[2012/02/20 09:52:28 | 000,005,291 | ---- | C] () -- C:\Windows\my.ini.old
[2012/02/20 09:52:21 | 000,005,291 | ---- | C] () -- C:\Windows\my.ini
[2012/02/20 01:27:49 | 000,070,269 | ---- | C] () -- C:\Users\Documentos\Desktop\10819.jpg
[2012/02/17 19:42:53 | 000,001,387 | ---- | C] () -- C:\Users\Documentos\Desktop\energyhv32k - Atalho.lnk
[2012/02/16 00:26:09 | 000,000,781 | ---- | C] () -- C:\Users\Public\Desktop\Shank.lnk
[2012/02/14 19:21:54 | 000,156,364 | ---- | C] () -- C:\Users\Documentos\Desktop\topo-novo2.jpg
[2012/02/09 19:19:37 | 000,071,524 | ---- | C] () -- C:\Users\Documentos\Documents\cc_20120209_201934.reg
[2012/02/09 19:11:55 | 000,001,309 | ---- | C] () -- C:\Users\Public\Desktop\MV RegClean 6.0.lnk
[2012/02/08 18:23:17 | 000,162,377 | ---- | C] () -- C:\Users\Documentos\Desktop\fazer para mr. duff.jpg
[2012/02/04 18:22:43 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/01/31 18:32:37 | 000,071,931 | ---- | C] () -- C:\Users\Documentos\Desktop\simples e bacana ID.jpg
[2012/01/30 18:15:46 | 000,764,725 | ---- | C] () -- C:\Users\Documentos\Desktop\polaroid template.cdr
[2012/01/29 23:58:22 | 000,000,192 | ---- | C] () -- C:\Users\Documentos\Desktop\alimentar bem.url
[2012/01/11 20:13:18 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012/01/11 20:13:16 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012/01/11 20:13:16 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011/12/21 10:27:56 | 000,219,864 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011/11/07 23:35:02 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2011/11/07 23:33:46 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2011/11/06 19:59:48 | 000,001,456 | ---- | C] () -- C:\Users\Documentos\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/10/29 10:34:54 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2011/10/14 23:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011/09/12 09:13:41 | 000,000,132 | ---- | C] () -- C:\Users\Documentos\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/09/10 10:34:08 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2011/09/10 09:41:49 | 000,444,283 | ---- | C] () -- C:\Program Files (x86)\Common Files\WinPcapNmap.exe
[2011/09/08 08:40:45 | 000,073,220 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2011/09/08 08:40:45 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2011/09/08 08:40:45 | 000,029,114 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2011/09/08 08:40:45 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2011/09/08 08:40:45 | 000,021,021 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2011/09/08 08:40:45 | 000,015,670 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2011/09/08 08:40:45 | 000,013,280 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2011/09/08 08:40:45 | 000,010,673 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2011/09/08 08:40:45 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2011/09/08 08:40:45 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2011/09/08 08:40:45 | 000,001,140 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2011/09/08 08:40:45 | 000,001,137 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2011/09/08 08:40:45 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2011/09/08 08:40:45 | 000,001,130 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2011/09/08 08:40:45 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2011/09/08 08:40:45 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2011/09/08 08:39:35 | 000,000,088 | ---- | C] () -- C:\Windows\ETX123_125.ini
[2011/06/29 07:20:20 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011/06/20 09:40:05 | 001,508,738 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/06/20 09:15:51 | 000,631,808 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011/06/20 09:15:51 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/06/20 09:15:51 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/06/20 09:15:51 | 000,080,896 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/06/20 09:15:51 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/06/17 23:40:54 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011/06/17 23:40:47 | 000,019,444 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
========== LOP Check ==========
[2012/02/22 04:46:36 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\BitTorrent
[2012/02/09 21:19:59 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\Complitly
[2012/02/22 04:46:36 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\DAEMON Tools Lite
[2012/02/15 22:14:41 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\Dev-Cpp
[2012/02/09 17:34:09 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\Dropbox
[2011/11/28 19:07:23 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\Epson
[2011/12/17 22:40:59 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\GetRightToGo
[2011/11/03 17:35:32 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\ImgBurn
[2012/02/22 04:40:12 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\IObit
[2011/09/10 12:06:55 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\KastorFreeVimeoDownloader
[2011/07/22 18:07:19 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\Power Burning Wizard
[2012/01/16 04:02:20 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\runic games
[2011/11/08 00:02:49 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\Samsung
[2011/11/12 11:04:57 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\sqlitestudio
[2012/01/18 20:12:02 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\TeamViewer
[2012/02/22 05:12:45 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\Tibia
[2011/06/26 14:05:14 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\Tibiacast
[2012/02/22 05:30:36 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\uTorrent
[2011/09/10 09:42:14 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\VDownloader
[2011/06/23 09:51:54 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\Wacom
[2011/06/23 09:51:55 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2011/12/17 22:41:00 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\WinAVI
[2011/07/19 19:01:21 | 000,000,000 | ---D | M] -- C:\Users\Documentos\AppData\Roaming\Windows Live Writer
[2012/02/17 16:28:56 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
EXTRAS:
OTL Extras logfile created on: 24/02/2012 08:50:04 - Run 1
OTL by OldTimer - Version 3.2.33.2 Folder = C:\Users\Documentos\Desktop
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
3,98 Gb Total Physical Memory | 2,29 Gb Available Physical Memory | 57,44% Memory free
7,96 Gb Paging File | 6,06 Gb Available in Paging File | 76,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 92,67 Gb Total Space | 43,97 Gb Free Space | 47,45% Space Free | Partition Type: NTFS
Drive D: | 838,74 Gb Total Space | 579,41 Gb Free Space | 69,08% Space Free | Partition Type: NTFS
Computer Name: DOCUMENTOS-PC | User Name: Documentos | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [bridge] -- D:\Programas\flashcs5\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [bridge] -- D:\Programas\flashcs5\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== System Restore Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{66C10F29-31F0-4A9B-B2CF-465F488AE086}" = CorelDRAW Graphics Suite X5 - Windows Shell Extension 64 Bit
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0416-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Driver do 3D Vision 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Painel de controle da NVIDIA 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Driver de gráficos 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Driver de controle do 3D Vision 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Software do sistema PhysX 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Atualizações da NVIDIA 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"EPSON TX125 Series" = Desinstalar impressora EPSON TX125 Series
"Pen Tablet Driver" = Bamboo
"SAMSUNG Mobile Composite Device" = SAMSUNG Mobile Composite Device Software
"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"WinRAR archiver" = WinRAR 4.01 (64-bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW® Graphics Suite X5
"{0215A652-E081-4B09-9333-DC85AAB67FFA}" = Adobe Dreamweaver CS5.5
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}" = Epson Event Manager
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{164965E8-4BB0-4EEB-AFBA-75785A2A2A7F}" = Adobe Fireworks CS5
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{23E445D5-FD83-4C50-A211-EB26A2975317}" = Adobe Flash Professional CS5.5
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications ® Core
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java 6 Update 29
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4EBFAB00-674D-27E3-91B0-3BAA73FC6FA6}" = Bamboo Dock
"{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007
"{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007
"{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007
"{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007
"{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007
"{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007
"{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007
"{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007
"{90120000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B97EC91-B3FD-4BFF-88FC-5345A26AC2E7}" = Adobe Illustrator CS5
"{9C542173-96F0-435D-A95C-468CAAC75EA0}" = Adobe Flash Player 10 Plugin
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.8.985
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1046-7B44-A93000000001}" = Adobe Reader 9.3 - Português
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3783869-5D14-4838-A042-910DF816D070}" = Xara3D6
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{BDE646E8-86E0-50E1-37BC-0AEBB2185D76}" = Adobe Widget Browser
"{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications ® Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{D7A4A1E2-1F01-4325-BEC9-9F2A9EFF9B2B}" = Tibiacast
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA1B174B-4297-467C-9EF8-0AB8D4D5171E}" = Adobe After Effects CS5
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E29D8938-2E48-498C-832D-9663DCABD55F}" = Visual Basic for Applications ® Core - Portuguese (Brazil)
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F761359C-9CED-45AE-9A51-9D6605CD55C4}" = Evernote v. 4.3.1
"{FD8AE9E2-B61E-4826-9CE7-937E1E9A9EEC}" = CorelDRAW Graphics Suite X5 - BR
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Advanced SystemCare 5_is1" = Advanced SystemCare 5
"avast" = avast! Free Antivirus
"Bamboo Dock" = Bamboo Dock 3.3
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Widget Browser
"Complitly_is1" = Complitly
"Cycore FX 1.0.1 for After Effects" = Cycore FX 1.0.1 for After Effects
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DVD Shrink_is1" = DVD Shrink 3.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON Scanner" = EPSON Scan
"ImgBurn" = ImgBurn
"IObit Malware Fighter_is1" = IObit Malware Fighter
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 7.1.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versão 1.60.1.1000
"Messenger Plus!" = Messenger Plus! 5
"msgplscomtb" = Messenger Plus Community Toolbar
"MV RegClean 6.0_is1" = MV RegClean 6.0
"Nero8Lite_is1" = Nero 8 Micro 8.3.2.1
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"PunkBusterSvc" = PunkBuster Services
"QuicktimeAlt_is1" = QuickTime Alternative 3.2.2
"Runic Games Torchlight" = Torchlight
"Shank_is1" = Shank Full Pc version
"Tibia_is1" = Tibia
"uTorrent" = µTorrent
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"WinAVI Video Converter" = WinAVI Video Converter
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = Arquivo do WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
========== Last 10 Event Log Errors ==========
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
< End of report >
Bom Dia! maceno
|- Baixe: < MyHosts > ( ... par Jeanmimigab )
|- Salve-o no desktop!
/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25202/MyHosts.jpg&key=55ffdb1b1e10372ffe12971bf75febd40dd02a1d214b922df8081924a61b3181" alt="MyHosts.jpg" />
|- Execute o arquivo MyHosts.exe,que está na área de trabalho.
|- Para Windows Vista ou 7,execute-o como administrador.
-----------
-----------
Rapport MyHosts.txt
MyHosts V.1.0.0.2 de jeanmimigab
Merci à la team MH, W-T ,C_XX, Laddy et à Batch_man pour leurs aides
Résultat de l'opération:restauration du fichier hosts réussi...
Fin du rapport
-----------
-----------
|- Poste o relatório: C:\MyHosts.txt
///°°°///
|- Execute o OTL.exe.
|- Copie estas informações que estão em vermelho,para o campo clipboard da ferramenta. ( "Exames Personalizados Correções" )
>
:OTLO2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
O4 - HKCU..\Run: [AdobeBridge] File not found
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
[1 C:\Windows\SysNative\drivers\.tmp files -> C:\Windows\SysNative\drivers\.tmp -> ]
[1 C:\Users\Documentos\Desktop\.tmp files -> C:\Users\Documentos\Desktop\.tmp -> ]
[1 C:\.tmp files -> C:\.tmp -> ]
:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"Gopher"="gopher://"
:Commands
[emptyflash]
[emptytemp]
[reboot]
|- Clique no botão Consertar.
|- Ps: A ferramenta irá reiniciar o computador.
|- Ao surgir,clique em executar.
|- Poste o relatório: C:\_OTL\MovedFiles\*.log
Abraços!
Bom dia DigRam,
Rapport MyHosts.txt
MyHosts V.1.0.0.2 de jeanmimigab
Merci à la team MH, W-T ,C_XX, Laddy et à Batch_man pour leurs aides
Résultat de l'opération:restauration du fichier hosts réussi...
Fin du rapport
OTL LOG
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\gopher|:gopher:// /E : value set successfully!
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {E2883E8F-472F-4FB0-9522-AC9BF37916A7}
C:\Windows\Downloaded Program Files\gp.inf not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2883E8F-472F-4FB0-9522-AC9BF37916A7}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
C:\Windows\SysNative\drivers\SETFFA8.tmp deleted successfully.
C:\Users\Documentos\Desktop\~WRL0001.tmp deleted successfully.
C:\timestmp.tmp deleted successfully.
========== REGISTRY ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\Prefixes\\"Gopher"|"gopher://" /E : value set successfully!
========== COMMANDS ==========
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 56475 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Documentos
->Flash cache emptied: 60888 bytes
User: Public
User: Todos os Usuários
User: UpdatusUser
User: Usuário Padrão
->Flash cache emptied: 0 bytes
Total Flash Files Cleaned = 0,00 mb
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Documentos
->Temp folder emptied: 33460412 bytes
->Temporary Internet Files folder emptied: 1086409 bytes
->Java cache emptied: 103571 bytes
->Google Chrome cache emptied: 379233310 bytes
->Flash cache emptied: 0 bytes
User: Public
User: Todos os Usuários
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Usuário Padrão
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 91424 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 68006 bytes
RecycleBin emptied: 1167360 bytes
Total Files Cleaned = 396,00 mb
OTL by OldTimer - Version 3.2.33.2 log created on 02242012_102008
Files\Folders moved on Reboot...
C:\Users\Documentos\AppData\Local\Temp\7zS417D\HPSLPSVC64.DLL moved successfully.
C:\Users\Documentos\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Documentos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FO9GEEK9\api[1].htm moved successfully.
C:\Users\Documentos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FO9GEEK9\background-banner-right-v3[1].jpg moved successfully.
C:\Users\Documentos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BWMOP0YN\background-banner-middle-v3[1].jpg moved successfully.
C:\Users\Documentos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BWMOP0YN\background_button_green_full[1].png moved successfully.
C:\Users\Documentos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6U0JJC6V\api[1].htm moved successfully.
C:\Users\Documentos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6U0JJC6V\list-item-plus[1].png moved successfully.
C:\Users\Documentos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5VF6TUQ5\background_banner_green_50_v3[1].jpg moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
Registry entries deleted on Reboot...
Bom Dia! maceno
|- Abra o OTL.exe -> Clique em Limpeza. <-- Confirme!
|- Ps: O computador irá reiniciar!
///°°°///
|- Baixe: < exeHelper > ( ... by Raktor )
|- Salve-o no desktop!
|- Inicie a ferramenta,com duplo clique em exeHelper.com.
|- Surgirá uma tela preta e,à seguir,o relatório. ( exehelperlog.txt )
|- Ps: Caso ocorra alguma mensagem de erro: "Error deleting file"
|- Execute,novamente,o scan e poste,também,o novo relatório que será gerado.
///°°°///
|- Baixe: < AVPTool >
|- < Link-2 >
<!> Você será conduzido a uma página da Kaspersky,solicitando um email para cadastro.|- Ps: Será pedido seu nome e sobrenome.
|- Ps: Somente o campo "email" é obrigatório.
/applications/core/interface/imageproxy/imageproxy.php?img=http://www.mediafire.com/imgbnc.php/452fe62dcc1e70a4612473394b450d3f6b2ac7718d67d0f3b91993f3bd1c411d6g.jpg&key=5f91926b7873055b1a93685cfa85325a95756aa89da7627f49b7a21c9000f1e5" alt="452fe62dcc1e70a4612473394b450d3f6b2ac7718d67d0f3b91993f3bd1c411d6g.jpg" />
|- Informe seu email e depois,clique no botão "Submit Form".
|- Ps: A página será recarregada!
|- Clique no botão "Download".
|- Salve-o em seu desktop!
|- Duplo clique no arquivo "setup".
|- Ps: Aguarde a instalação!
|- Ps: Na próxima tela,marque: "I accept the licence agreement"
|- À seguir,clique em "Start".
|- Clique no botão: < /applications/core/interface/imageproxy/imageproxy.php?img=http://www.mediafire.com/imgbnc.php/76f0fc3841655bbb20073c5eafb99183ff229129be65005edaffab3e7d5270d76g.jpg&key=f4992ccdbaf54155ddcbb775c7b6dab8d1bbdc8315abeb85266a013bf2ccad75" alt="76f0fc3841655bbb20073c5eafb99183ff229129be65005edaffab3e7d5270d76g.jpg" /> >
|- Marque:
|- <1> Meu Computador;
|- <2> Disco local ( C: ) ou ( D: );
|- Ps: Normalmente,a unidade em que esteja instalado o SO!
/applications/core/interface/imageproxy/imageproxy.php?img=http://www.mediafire.com/imgbnc.php/88fecb3b2eff98883b66e8cdb9d80724cd68fc43575f9b35e4a44c1ee6132b786g.jpg&key=aeacff4203ba9081bd9d8812f1c4408dee4c9e879e3adf48cdbe3c77fc74cfd0" alt="88fecb3b2eff98883b66e8cdb9d80724cd68fc43575f9b35e4a44c1ee6132b786g.jpg" />
|- Clique em "Actions".
|- Ps: Deixe os dois quadrinhos desmarcados! <-- Importante!
|- Ps: Imprima estas orientações,para posterior consulta!
|- Clique na aba "Automatic Scan" e aguarde o término da verificação.
|- Clique no botão < /applications/core/interface/imageproxy/imageproxy.php?img=http://www.mediafire.com/imgbnc.php/b32fe2186e639ada1d2d057fd914121da5aca6d7cf049a1359c50213fa487d7b6g.jpg&key=a157b976c5bad17e2f9f1f5655c2352ebc5b1e692418bcd270a31a97616f1ce4" alt="b32fe2186e639ada1d2d057fd914121da5aca6d7cf049a1359c50213fa487d7b6g.jpg" /> >
|- Clique em"Detected threats".
|- Clique no botão "Save".
|- Ps: Copie o conteúdo do arquivo salvo. <-- *Se houver algo **detectado!*
|- Poste-o em sua resposta!
Abraços!
Boa tarde DigRam
o kaspersky não encontrou nada então abaixo o log EXEHELPER
exeHelper by Raktor
Build 20100414
Run at 12:22:25 on 02/24/12
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--
Boa Tarde! maceno
|- Atualize o Java!
|- Seus logs estão limpos!
|- Tudo Ok?
Abraços!
>
Boa Tarde! maceno
|- Atualize o Java!
|- Seus logs estão limpos!
|- Tudo Ok?
Abraços!
Opa DigRam, muito obrigado já irei atualizar meu java.
Parabéns pela competência.
PROBLEMA RESOLVIDO
Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico.
agora vai o log Hijack
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:12:07, on 23/02/2012
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 5\Asc.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?linkid=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {e0301295-ab3e-4af3-979f-3d453c5f9f48} - (no file)
F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\Userinit.exe,
O2 - BHO: AC-Pro - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Documentos\AppData\Roaming\Complitly\AutocompletePro.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Messenger Plus Community Toolbar - {9E7E8B2E-604D-495f-9AF8-EE5C2CB1398D} - C:\Program Files (x86)\msgplscomtb\MsgPlsComDx.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Messenger Plus Community Toolbar - {9E7E8B2E-604D-495f-9AF8-EE5C2CB1398D} - C:\Program Files (x86)\msgplscomtb\MsgPlsComDx.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [iObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [DIMBaixando a sua atualização...1300677038363] "C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite X5\Programs\DIM.exe" "c:\programdata\corel\downloads\540215253_410003\1300677038363\dim_params.xml" -Launch=3 -uibase="c:\users\documentos\appdata\roaming\corel\messages\540215253_410003\br\messagecache2\workflow"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Advanced SystemCare 5] "C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe" /AutoStart
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')
O4 - HKUS\S-1-5-21-1837178300-1776902075-3512206551-1004\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1837178300-1776902075-3512206551-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL
O23 - Service: Emsisoft Anti-Malware 6.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
O23 - Service: Advanced SystemCare Service 5 (AdvancedSystemCareService5) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
O23 - Service: Wacom Consumer Touch Service (TouchServicePen) - Wacom Technology, Corp. - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10268 bytes