Boa Tarde! EDSSX

< http://forums.comodo.com/portuguaordfsportuguese-b37.0/'>forums.comodo.com >

|- Verifique se estas informações lhe ajudam!

< http://forums.comodo.com/portuguaordfsportuguese/comodo-napoundo-atualiza-t90747.0.html;msg654965#msg654965'>maxdelong >

|- Ou...especificamente!

-/-

|- Baixe: | ftp://zebulon.fr/ZHPDiag2.exe'>ZHPDiag2 | ºº < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/NicolasCoolman.jpg&key=31eaca9d787a5cb7b785eaca882cfe95bdd41bfffaf35086b6e7ecf044ef83cf" alt="NicolasCoolman.jpg" /> > ºº ( ... de Nicolas Coolman )

|- Salve-o no desktop!

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25202/ZHPDiag2.jpg&key=178ad18b812c89ff002c2f7a6a9d26b7ea0a5b5c562a6b193a3cfe4a954dd513" alt="ZHPDiag2.jpg" />

|- Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25202/ZHPDiag_Installation.jpg&key=96a003c16d3f0c4253ed9d913f8dbccdccf05e2d319057541335ce11db36eedb" alt="ZHPDiag_Installation.jpg" />

|- Confirme todos os passos,ao instalar ZHPDiag.

|- Conclua a instalação,clicando em "Termine".

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_MBRCheck.jpg&key=422695ace691aac35aeb3c90e3a6a983cfe4bf8e09e8b7c24f682693d9ed8b14" alt="ZHPDiag_MBRCheck.jpg" />

|- Ps: Após a instalação,além de ZHPScript,estarão disponíveis no desktop:

|- <1> MBRCheck

|- <2> ZHPDiag2

|- <3> ZHPFix

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_cones.jpg&key=28df64f28f8eccaf2ff09c97b834aecbbd25cab9f58be4d67df683b802f5731a" alt="ZHPDiag_cones.jpg" />

|- Clique no ícone do pergaminho. ( ZHPScript )

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_Update.jpg&key=023d5cefa9a24da0bb233d6c3e9cfa2c6e9791d4b2e637615413003efcd1974c" alt="ZHPDiag_Update.jpg" />

|- Clique na seta verde para atualizá-la e/ou baixar sua definição mais recente. ( Your version is update. )

|- Habilite todas as opções de diagnóstico,clicando em "Options".

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/ZHPDiag_All.jpg&key=3039b3237721774c7ab0d572b8e334e5c59ce98a6435f488397e0b5452ea4640" alt="ZHPDiag_All.jpg" />

|- Clique em All.

|- Desmarque,à seguir,as caixinhas de n° O45,O61,O62,O65,O82.

|- /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_30days.jpg&key=4e2e7f7c08dde47e5d0f7001510ca78ffc8d42a4df5b5c0087e1aee884192fea" alt="ZHPDiag_30days.jpg" />

|- Clique em "Calendar" e escolha 30 dias!

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/My%2520Tools%25204/ZHPDiag_UAC.jpg&key=f03b919472ff9f0d8a3597cdd2980adb445695813761dfe0f41961f0b4893a7b" alt="ZHPDiag_UAC.jpg" />

|- Clique no botão UAC,para desabilitar essa proteção.

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_Lupa.jpg&key=8c7d977ff17da07a9b2472916401a7cf33c310788cb5a2891a5ebdc78642cd4e" alt="ZHPDiag_Lupa.jpg" />

|- Dê início ao scan,clicando no ícone da lupa. ( Start Diagnosis )

|- Ao concluir,clique em "Save Report".

|- Salve-o em um local conveniente! ( ZHPDiag.txt )

|- Ps: Não poste,diretamente,esse arquivo texto.

|- Envie-o à http://forum.imasters.com.br/topic/452207-pjjointmalekal-hospedagem-inteligente/'>Pjjoint.malekal,clicando na seta azul! < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25202/ZHPDiag_Pjjoint-1.jpg&key=e6b4e6e3b19c50d6f2496ead0bcc87ac5ce8da02d5c381929fc5543e68ca06b0" alt="ZHPDiag_Pjjoint-1.jpg" /> >

|- Ou acesse: http://cjoint.com/'>/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Cjoint_Logo.jpg&key=bc3f249ffa4fec167155636520ebfd1fed8f6c8d63b5aa0b8cd82fb55aa2edb7" alt="Cjoint_Logo.jpg" /> << Link!

|- Ou acesse: http://imgbox.com/abmdaZsE'>/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/abmdaZsE.jpg&key=433ccdd2cd040bd965a0b2bee3887132a2fd78ca8d607165658bf45467e220f0" alt="abmdaZsE.jpg" /> << Link!

|- Maiores informações: < |http://forum.imasters.com.br/topic/452911-myfiletk-cjoint/'>Link| >

A+

Boa noite ! DigRam

Este software ; o ZHPDiag ; não está funfando direito não !!!

http://imageshack.us'>ImageShack.us

http://imageshack.us'>ImageShack.us

Abraços

Bom Dia! EDSSX

Este software ; o ZHPDiag ; não está funfando direito não !!!

|- Desabilitou o antivírus e/ou sandbox?
|- Desmarcou as checkbox,antes de efetuar o scan?
|- Verifique se ZHPDiag_silent funciona em sua máquina?

-/-

|- Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_Silent.jpg&key=b108c6f3da4b9ebe004c6fc63c6e29fc4f2043056612e16f58c8a6da9600eaea" alt="ZHPDiag_Silent.jpg" /> > ( ... par Nicolas Coolman )

|- Salve-o no desktop!

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/ZHPDiag_silent_Abrir_link_zps77a6fb10.jpg&key=1f9a07d6538b0ffb5bb4cfa5167c7c8856ac161555a2ff85b027160471db0e3c" alt="ZHPDiag_silent_Abrir_link_zps77a6fb10.jp" />

|- Ou clique direto na imagem,e escolha: "Abrir link em uma nova guia"
|- Salve-o no desktop!

|- Desabilite seu antivírus!

|- Caso utilize o Avast,estabeleça esta configuração à SandBox.
|- Para Windows Vista ou 7,clique direito e execute o arquivo como /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Executar_Administrador.jpg&key=29bbf2d3836c6859afe3923102565f782321b5a7a2787d5bb24cc9918d13e9bd" alt="Executar_Administrador.jpg" />
|- Aguarde a conclusão do scan e clique em "Copier". <- Aguarde!

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_4cones.jpg&key=1fa875282159446f710d915aa0f19515c10ea929b8487f1466b6ce34a529ae11" alt="ZHPDiag_4cones.jpg" />

|- Além do relatório,teremos no desktop: ZHP_uninstall, MBRCheck, ZHPDiag, ZHPFix

/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/abi6rX9e.jpg&key=92c78ea35f87f8eb069ae0f2916f89217f86c2317aef892b27e6440e4dd75740" alt="abi6rX9e.jpg" />

|- Poste e/ou cole aqui,o link que será gerado,logo após o relatório.

|- Ou acesse: /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Cjoint_Logo.jpg&key=bc3f249ffa4fec167155636520ebfd1fed8f6c8d63b5aa0b8cd82fb55aa2edb7" alt="Cjoint_Logo.jpg" />

|- Ou acesse: /applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/abmdaZsE.jpg&key=433ccdd2cd040bd965a0b2bee3887132a2fd78ca8d607165658bf45467e220f0" alt="abmdaZsE.jpg" />

|- Maiores informações: < |Link| >

A+

Boa tarde e bom domingo ! DigRam

Embora a tela abaixo :

http://pjjoint.malekal.com/files.php?read=ZHPDiag_20130421_o5s8j1213c13

http://img197.imageshack.us/img197/6559/screenshot024.bmp

Obrigado e abraços

Boa Noite! EDSSX

|- Baixe: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/adwcleaner_logo.jpg&key=e2bde0dd8c13fd52e18ca6fc88e8f2d73040a387059f8bc22a53202f0de6f95f" alt="adwcleaner_logo.jpg" /> > ( ... par Xplode )

|- Ao acessar,clique na imagem: < /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/AdwCleaner_Tlcharger.jpg&key=2319bbcd35144166c25768473f26c7f193a7ab5036b9479bd1465d8257d6f6b2" alt="AdwCleaner_Tlcharger.jpg" /> >

|- Ps: Se utilizar o navegador IE9,desabilite o filtro "SmartScreen".
|- Salve-o no desktop!

|- Clique direito em adwcleaner.exe,e escolha sua execução como /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Executar_Administrador.jpg&key=29bbf2d3836c6859afe3923102565f782321b5a7a2787d5bb24cc9918d13e9bd" alt="Executar_Administrador.jpg" />
|- Ps: Dê início ao scan,clicando em "Remover". < /applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/abpXmu2U.jpg&key=ba3ca278ff9701ebe84a46dc01caabecb05660294243097bd9cdadad470fa662" alt="abpXmu2U.jpg" /> >

/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/acuDr4Nb.jpg&key=492da95813cfa0b62258768d3d470b9ceb78ca09dae770ecd9b6708eee1aab5e" alt="acuDr4Nb.jpg" />

|- Ao concluir,poste o relatório: C:\AdwCleaner[S1].txt

-/-

|- Feche programas/pastas que estejam abertas.
|- Feche,também,o navegador!

|- Para Windows Vista,desabilite a UAC.

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/ZHPFix_Logo.jpg&key=e1490e388cb3365073cd3d8484ad299330f9c980ec992ca5e2d4b57fd46b5d7b" alt="ZHPFix_Logo.jpg" />

|- Dê um duplo clique em ZHPFix.
|- Selecione e copie estas informações,que estão na quote,para o "Bloco de Notas"

>

M2 - MFEP: prefs.js [EDSON - srcjlstd.default\amo@dealplyshopping.com] [] DealPly Shopping v2.0 (.dealplyshopping.com.)
M2 - MFEP: prefs.js [EDSON - srcjlstd.default\{87F8774F-B485-47E2-A755-A40A8A5E886C}] [] Modulo de Seguranca - Banco do Brasil v2.12.3.1.190 (.dealplyshopping.com.)
[MD5.B4746563EBF36A45DCF151C03D7C48CE] [sPRF][20/04/2013] (...) -- C:\Users\EDSON\AppData\Local\Temp\.gbas.dll [389207]
[MD5.7A20CD170D9EE580B6828DBCCB43A6D1] [sPRF][26/03/2013] (...) -- C:\Users\EDSON\AppData\Local\Temp\ICReinstall_safari-517-baixaki-32-bits.exe [649968]
[MD5.00000000000000000000000000000000] [APT] [DealPlyUpdate] (...) -- C:\Program Files\DealPly\DealPlyUpdate.exe (.not file.)
[MD5.6C9AB0B99399AE3815844DFF6E2B66B2] [sPRF][17/04/2013] (...) -- C:\Users\EDSON\AppData\Local\Temp\utt11BC.tmp.bat [77]
[MD5.87B9362056FF7E77D52C5F7A537632E7] [sPRF][16/04/2013] (...) -- C:\Users\EDSON\AppData\Local\Temp\utt45B1.tmp.exe [8194048]
[MD5.00000000000000000000000000000000] [APT] [{C411470A-E353-416A-A3C4-77EFD259CDB0}] (...) -- C:\Users\EDSON\Downloads\PERDCOMPv5.1A.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{F2F95980-03A7-466D-81D8-E305AD967F02}] (...) -- C:\Users\EDSON\Downloads\Receitanet-1.03.exe (.not file.)
[MD5.3DACD570840FFDA9A1B18CA1914391EB] [sPRF][16/04/2013] (.Conduit Ltd. - uTorrentBar_PT Toolbar.) -- C:\Users\EDSON\AppData\Local\Temp\ietACD9.tmp.exe [2524688]
M2 - MFEP: prefs.js [EDSON - srcjlstd.default\{e0301295-ab3e-4af3-979f-3d453c5f9f48}] [] uTorrentBar_PT v10.15.0.62 (.Conduit Ltd..)
O2 - BHO: (no name) - {EF7BD87A-8024-11E2-F316-F3E56188709B} Orphean Key
O2 - BHO: (no name) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} Orphean Key
O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} Orphean Key
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Orphean Key
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} Orphean Key
O2 - BHO: (no name) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} Orphean Key
O2 - BHO: (no name) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} Orphean Key
O2 - BHO: (no name) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} Orphean Key
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} Orphean Key
O4 - Global Startup: C:\Users\EDSON\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
O42 - Logiciel: Malwarebytes Anti-Malware versão 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O43 - CFD: 16/04/2013 - 16:08:16 - [0,609] ----D C:\Program Files\Conduit
O43 - CFD: 16/04/2013 - 16:08:13 - [0,080] ----D C:\Users\EDSON\AppData\Local\Conduit
O43 - CFD: 18/04/2013 - 09:06:20 - [0] ----D C:\Users\EDSON\AppData\Roaming\DealPly
O43 - CFD: 11/04/2013 - 10:37:07 - [13,339] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 02/09/2012 - 21:49:38 - [0] ----D C:\Users\EDSON\AppData\Roaming\AVG2012
O44 - LFC:[MD5.4470E3C1E0C3378E4CAB137893C12C3A] - 04/04/2013 - 14:50:32 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [22856]
O53 - SMSR:HKLM\...\startupreg\PSafeTray [Key] . (...) -- C:\Program Files\PSafe\PSafeSysTray.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\PSafeWDS [Key] . (...) -- C:\Program Files\PSafe\PSafeWDS.exe (.not file.)

O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.1000234.TWC_TMP_city", "SAO PAULO");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.1000234.TWC_TMP_country", "BR");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.1000234.TWC_country", "BRAZIL");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.1000234.TWC_locId", "BRXX0232");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.1000234.TWC_location", "Sao Paulo, Brazil");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.1000234.TWC_region", "BR");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.1000234.TWC_temp_dis", "c");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.1000234.TWC_wind_dis", "kmh");

O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.1000234.weatherData", "{\"icon\":\"32.png\",\"temperature\":\"16°C\",\"temperatureClear\":\"16°C\",\"highTe[...]

O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.FF19Solved", "true");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.FirstTime", "true");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.FirstTimeFF3", "true");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.PG_ENABLE", "dHJ1ZQ==");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.SF_JUST_INSTALLED.enc", "RkFMU0U=");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.SF_STATUS.enc", "RU5BQkxFRA==");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.SF_USER_ID.enc", "Y2lkXzE5NDIwMTM3NTU0OTg2NDIzMjk=");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.SearchAppState.enc", "Mg==");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.UserID", "UN34079048312052225");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.addressBarTakeOverEnabledInHidden", "true");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.autoDisableScopes", -1);
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.defaultSearch", "false");

O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.embeddedsData", "[{\"appId\":\"129351530870900444\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFra[...]

O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.enableFix404ByUser", "FALSE");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.enableSearchFromAddressBar", "false");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.firstTimeDialogOpened", "true");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.fixPageNotFoundErrorByUser", "TRUE");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.fixPageNotFoundErrorInHidden", "true");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.fixUrls", true);
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.installDate", "16/4/2013 16:08:21");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.installType", "xpe");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.installUsage", "2013-04-19T13:55:28.6386253 03:00");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.installUsageEarly", "2013-04-19T13:55:27.6246903 03:00");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.installerVersion", "1.3.7.3");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.isCheckedStartAsHidden", true);
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.isFirstTimeToolbarLoading", "false");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.lastVersion", "10.15.0.62");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.mam_gk_appStateReportTime.enc", "MTM2NjM2ODk0NzA2Mw==");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.mam_gk_appState_CouponBuddy.enc", "b24=");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.mam_gk_appState_PriceGong.enc", "b24=");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.mam_gk_appState_WindowShopper.enc", "b24=");

O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY2[...]
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.mam_gk_appsDefaultEnabled.enc", "dHJ1ZQ==");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IldpbmRvd1Nob3BwZXIiLCJjcml0ZXJpYXMiOlt7ImNyaXRlc[...]
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.mam_gk_currentVersion.enc", "MS40LjQuNg==");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.mam_gk_eventsCache.enc", "eyI0MDJhZDAwOS01ODMzLTQwMTMtOWIwNi1kZDE1OWEwZmU4YmUiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJ[...]

O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.mam_gk_first_time.enc", "MQ==");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.mam_gk_gadgetOpen.enc", "d2VsY29tZQ==");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.mam_gk_lastLoginTime.enc", "MTM2NjM2ODk0MTAxMQ==");

O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJQb2zDrXRpY2EgZGUgY29udGXDumRvIn0sImdhZG[...]
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMjE1Xy0[...]

O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.mam_gk_showWelcomeGadget.enc", "dHJ1ZQ==");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.mam_gk_userId.enc", "ZDAzMjU5ZjQtZTRmYy00OGE5LTk1YmItMjIwZDg1MjU1NWQz");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.migrateAppsAndComponents", true);

O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"http://utorrentbarpt.ourtoolb[...]

O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.openThankYouPage", "true");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.openUninstallPage", "false");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.price-gong.isManagedApp", "true");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.revertSettingsEnabled", "false");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.search.searchAppId", "129351530870900444");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.search.searchCount", "0");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.searchInNewTabEnabledByUser", "false");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.searchInNewTabEnabledInHidden", "true");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2851643\"}");

O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://uTorrent[...]
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentBar_PT\[...]

O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1366368933739");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.serviceLayer_services_appsMetadata_lastUpdate", "1366368933732");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1366368933687");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1366368932583");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1366368933893");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.serviceLayer_services_location_lastUpdate", "1366368932586");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.serviceLayer_services_login_10.15.0.62_lastUpdate", "1366368934046");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1366368933593");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.serviceLayer_services_searchAPI_lastUpdate", "1366368932600");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.serviceLayer_services_serviceMap_lastUpdate", "1366368930454");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.serviceLayer_services_toolbarContextMenu_lastUpdate", "1366368933474");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.serviceLayer_services_toolbarSettings_lastUpdate", "1366368932280");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.serviceLayer_services_translation_lastUpdate", "1366368933403");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.settingsINI", true);
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.shouldFirstTimeDialog", "false");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.showToolbarPermission", "false");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.smartbar.CTID", "CT2851643");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.smartbar.Uninstall", "0");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.smartbar.toolbarName", "uTorrentBar_PT ");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.startPage", "false");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.toolbarBornServerTime", "19-4-2013");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.toolbarCurrentServerTime", "19-4-2013");
O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643.toolbarLoginClientTime", "Fri Apr 19 2013 07:55:34 GMT-0300 (Hora oficial do Brasil)");

O69 - SBI: prefs.js [EDSON - srcjlstd.default] user_pref("CT2851643_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1366368926946,\"isWithState\"[...]

[HKCU\Software\AppDataLow\Software\Conduit]
[HKLM\Software\Classes\Toolbar.CT2851643]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow\Software\uTorrentBar_PT]
[HKLM\Software\uTorrentBar_PT]
[HKCU\Software\Conduit]
[HKLM\Software\Conduit]
[HKCU\Software\MCAFEE]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\AppDataLow\Software\Smartbar]
[HKCU\Software\InstallCore]
[HKLM\Software\360Safe]

C:\Program Files\Conduit
C:\Users\EDSON\AppData\Local\Conduit
C:\Users\EDSON\AppData\LocalLow\Conduit
C:\Users\EDSON\AppData\Roaming\DealPly
C:\Users\EDSON\AppData\Roaming\AVG2012

proxyfix
emptytemp
emptyclsid
emptyflash
firewallraz
sysrestore

|- Estando com o Bloco de Notas aberto,acione os atalhos: "Ctrl+A" -> "Ctrl+C"
|- Minimize o Bloco de Notas.

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_PasteClipboard.jpg&key=e48613cfa6f79756d0d3087d1f9470f91a4d063f3d1285295d93d87cacbfb63d" alt="ZHPDiag_PasteClipboard.jpg" />

|- Clique no menu,"Paste ClipBoard".
|- Clique "GO" -> Oui.

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPFix_GO.jpg&key=558fe81face1e694faa61f1e0c3985db203e8ad910d59aa68f5da5f2fd114f02" alt="ZHPFix_GO.jpg" />

|- Ps: Temos,àcima,sequência de imagens para maior exclarecimento.
|- Poste o relatório: C:\ZHP\ZHPFix[R1].txt

A+

Bom dia ! DigRam

Segue - os :

AdwCleaner v2.201 - Relatório criado em 22/04/2013 às 10:26:22

Atualizado em 21/04/2013 por Xplode

Sistema Operacional : Windows 7 Home Basic Service Pack 1 (32 bits)

Usuário : EDSON - EDSON-PC

Modo de Boot : Normal

Executado de : C:\Users\EDSON\Downloads\adwcleaner.exe

Opção [Remover]

*** [serviços] ***

*** [Arquivos/Pastas] ***

Pasta Removido : C:\Program Files\Conduit
Pasta Removido : C:\Users\EDSON\AppData\Local\Conduit
Pasta Removido : C:\Users\EDSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdebcffgnijbblbinknkbefciofebcda
Pasta Removido : C:\Users\EDSON\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdebcffgnijbblbinknkbefciofebcda
Pasta Removido : C:\Users\EDSON\AppData\Local\Temp\CT2851643
Pasta Removido : C:\Users\EDSON\AppData\LocalLow\Conduit
Pasta Removido : C:\Users\EDSON\AppData\LocalLow\uTorrentBar_PT
Pasta Removido : C:\Users\EDSON\AppData\Roaming\DealPly
Pasta Removido : C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\srcjlstd.default\CT2851643
Pasta Removido : C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\srcjlstd.default\extensions\{e0301295-ab3e-4af3-979f-3d453c5f9f48}
Pasta Removido : C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\srcjlstd.default\extensions\amo@dealplyshopping.com
Pasta Removido : C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\srcjlstd.default\Smartbar

*** [Registro] ***

Chave Removida : HKCU\Software\AppDataLow\Software\Conduit
Chave Removida : HKCU\Software\AppDataLow\Software\SmartBar
Chave Removida : HKCU\Software\AppDataLow\Software\uTorrentBar_PT
Chave Removida : HKCU\Software\AppDataLow\Toolbar
Chave Removida : HKCU\Software\Conduit
Chave Removida : HKCU\Software\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda
Chave Removida : HKCU\Software\InstallCore
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E0301295-AB3E-4AF3-979F-3D453C5F9F48}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Chave Removida : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Chave Removida : HKLM\SOFTWARE\Classes\CLSID\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Chave Removida : HKLM\SOFTWARE\Classes\Toolbar.CT2851643
Chave Removida : HKLM\Software\Conduit
Chave Removida : HKLM\SOFTWARE\Google\Chrome\Extensions\mdebcffgnijbblbinknkbefciofebcda
Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C724B77-3BE1-44A8-9306-4CF8578980B4}
Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A7085C17-2A1A-4FDD-B22F-942B22131F3A}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{075FB993-E0E5-42BC-9558-BE07965E184A}
Chave Removida : HKLM\Software\uTorrentBar_PT

*** [Navegadores] ***

-\\ Internet Explorer v10.0.9200.16537

[OK] Registro está limpo.

-\\ Mozilla Firefox v20.0.1 (pt-BR)

Arquivo : C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\fsz8l3w8.default\prefs.js

C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\fsz8l3w8.default\user.js ... Removido !

[OK] Arquivo está limpo.

Arquivo : C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\srcjlstd.default\prefs.js

C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\srcjlstd.default\user.js ... Removido !

Removida : user_pref("CT2851643.1000234.TWC_TMP_city", "SAO PAULO");
Removida : user_pref("CT2851643.1000234.TWC_TMP_country", "BR");
Removida : user_pref("CT2851643.1000234.TWC_country", "BRAZIL");
Removida : user_pref("CT2851643.1000234.TWC_locId", "BRXX0232");
Removida : user_pref("CT2851643.1000234.TWC_location", "Sao Paulo, Brazil");
Removida : user_pref("CT2851643.1000234.TWC_region", "BR");
Removida : user_pref("CT2851643.1000234.TWC_temp_dis", "c");
Removida : user_pref("CT2851643.1000234.TWC_wind_dis", "kmh");

Removida : user_pref("CT2851643.1000234.weatherData", "{\"icon\":\"32.png\",\"temperature\":\"16°C\",\"temperat[...] Removida : user_pref("CT2851643.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Removida : user_pref("CT2851643.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]

Removida : user_pref("CT2851643.FF19Solved", "true");
Removida : user_pref("CT2851643.FirstTime", "true");
Removida : user_pref("CT2851643.FirstTimeFF3", "true");
Removida : user_pref("CT2851643.PG_ENABLE", "dHJ1ZQ==");
Removida : user_pref("CT2851643.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Removida : user_pref("CT2851643.SF_STATUS.enc", "RU5BQkxFRA==");
Removida : user_pref("CT2851643.SF_USER_ID.enc", "Y2lkXzE5NDIwMTM3NTU0OTg2NDIzMjk=");
Removida : user_pref("CT2851643.SearchAppState.enc", "Mg==");
Removida : user_pref("CT2851643.UserID", "UN34079048312052225");
Removida : user_pref("CT2851643.addressBarTakeOverEnabledInHidden", "true");
Removida : user_pref("CT2851643.autoDisableScopes", -1);
Removida : user_pref("CT2851643.defaultSearch", "false");

Removida : user_pref("CT2851643.embeddedsData", "[{\"appId\":\"129351530870900444\",\"apiPermissions\":{\"cross[...]

Removida : user_pref("CT2851643.enableFix404ByUser", "FALSE");
Removida : user_pref("CT2851643.enableSearchFromAddressBar", "false");
Removida : user_pref("CT2851643.firstTimeDialogOpened", "true");
Removida : user_pref("CT2851643.fixPageNotFoundErrorByUser", "TRUE");
Removida : user_pref("CT2851643.fixPageNotFoundErrorInHidden", "true");
Removida : user_pref("CT2851643.fixUrls", true);
Removida : user_pref("CT2851643.installDate", "16/4/2013 16:08:21");
Removida : user_pref("CT2851643.installType", "xpe");
Removida : user_pref("CT2851643.installUsage", "2013-04-19T13:55:28.6386253+03:00");
Removida : user_pref("CT2851643.installUsageEarly", "2013-04-19T13:55:27.6246903+03:00");
Removida : user_pref("CT2851643.installerVersion", "1.3.7.3");
Removida : user_pref("CT2851643.isCheckedStartAsHidden", true);
Removida : user_pref("CT2851643.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Removida : user_pref("CT2851643.isFirstTimeToolbarLoading", "false");
Removida : user_pref("CT2851643.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Removida : user_pref("CT2851643.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Removida : user_pref("CT2851643.lastVersion", "10.15.0.62");
Removida : user_pref("CT2851643.mam_gk_appStateReportTime.enc", "MTM2NjM2ODk0NzA2Mw==");
Removida : user_pref("CT2851643.mam_gk_appState_CouponBuddy.enc", "b24=");
Removida : user_pref("CT2851643.mam_gk_appState_PriceGong.enc", "b24=");
Removida : user_pref("CT2851643.mam_gk_appState_WindowShopper.enc", "b24=");

Removida : user_pref("CT2851643.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9w[...] Removida : user_pref("CT2851643.mam_gk_appsDefaultEnabled.enc", "dHJ1ZQ=="); Removida : user_pref("CT2851643.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IldpbmRvd1Nob3BwZXI[...] Removida : user_pref("CT2851643.mam_gk_currentVersion.enc", "MS40LjQuNg=="); Removida : user_pref("CT2851643.mam_gk_eventsCache.enc", "eyI0MDJhZDAwOS01ODMzLTQwMTMtOWIwNi1kZDE1OWEwZmU4YmUiO[...]

Removida : user_pref("CT2851643.mam_gk_first_time.enc", "MQ==");
Removida : user_pref("CT2851643.mam_gk_gadgetOpen.enc", "d2VsY29tZQ==");
Removida : user_pref("CT2851643.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
Removida : user_pref("CT2851643.mam_gk_lastLoginTime.enc", "MTM2NjM2ODk0MTAxMQ==");

Removida : user_pref("CT2851643.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJQb2zDrXRp[...] Removida : user_pref("CT2851643.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ=="); Removida : user_pref("CT2851643.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVyd[...]

Removida : user_pref("CT2851643.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
Removida : user_pref("CT2851643.mam_gk_showWelcomeGadget.enc", "dHJ1ZQ==");
Removida : user_pref("CT2851643.mam_gk_userId.enc", "ZDAzMjU5ZjQtZTRmYy00OGE5LTk1YmItMjIwZDg1MjU1NWQz");
Removida : user_pref("CT2851643.migrateAppsAndComponents", true);

Removida : user_pref("CT2851643.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%[...]

Removida : user_pref("CT2851643.openThankYouPage", "true");
Removida : user_pref("CT2851643.openUninstallPage", "false");
Removida : user_pref("CT2851643.price-gong.isManagedApp", "true");
Removida : user_pref("CT2851643.revertSettingsEnabled", "false");
Removida : user_pref("CT2851643.search.searchAppId", "129351530870900444");
Removida : user_pref("CT2851643.search.searchCount", "0");
Removida : user_pref("CT2851643.searchInNewTabEnabledByUser", "false");
Removida : user_pref("CT2851643.searchInNewTabEnabledInHidden", "true");
Removida : user_pref("CT2851643.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");

Removida : user_pref("CT2851643.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Removida : user_pref("CT2851643.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\[...] Removida : user_pref("CT2851643.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Removida : user_pref("CT2851643.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Removida : user_pref("CT2851643.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Removida : user_pref("CT2851643.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]

Removida : user_pref("CT2851643.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1366368933739");
Removida : user_pref("CT2851643.serviceLayer_services_appsMetadata_lastUpdate", "1366368933732");
Removida : user_pref("CT2851643.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1366368933687");

Removida : user_pref("CT2851643.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1366368932[...] Removida : user_pref("CT2851643.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1366368933893")[...]

Removida : user_pref("CT2851643.serviceLayer_services_location_lastUpdate", "1366368932586");
Removida : user_pref("CT2851643.serviceLayer_services_login_10.15.0.62_lastUpdate", "1366368934046");
Removida : user_pref("CT2851643.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1366368933593");
Removida : user_pref("CT2851643.serviceLayer_services_searchAPI_lastUpdate", "1366368932600");
Removida : user_pref("CT2851643.serviceLayer_services_serviceMap_lastUpdate", "1366368930454");
Removida : user_pref("CT2851643.serviceLayer_services_toolbarContextMenu_lastUpdate", "1366368933474");
Removida : user_pref("CT2851643.serviceLayer_services_toolbarSettings_lastUpdate", "1366368932280");
Removida : user_pref("CT2851643.serviceLayer_services_translation_lastUpdate", "1366368933403");
Removida : user_pref("CT2851643.settingsINI", true);
Removida : user_pref("CT2851643.shouldFirstTimeDialog", "false");
Removida : user_pref("CT2851643.showToolbarPermission", "false");
Removida : user_pref("CT2851643.smartbar.CTID", "CT2851643");
Removida : user_pref("CT2851643.smartbar.Uninstall", "0");
Removida : user_pref("CT2851643.smartbar.toolbarName", "uTorrentBar_PT ");
Removida : user_pref("CT2851643.startPage", "false");
Removida : user_pref("CT2851643.toolbarBornServerTime", "19-4-2013");
Removida : user_pref("CT2851643.toolbarCurrentServerTime", "19-4-2013");

Removida : user_pref("CT2851643.toolbarLoginClientTime", "Fri Apr 19 2013 07:55:34 GMT-0300 (Hora oficial do Br[...] Removida : user_pref("CT2851643_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...] Removida : user_pref("smartbar.machineId", "8RPOLXJ3HHTWMJOMM09FWDXRL/G+LFJIZKKFCR8KBUI08DQZEQXSGPTMON8RPGN4LF6[...]

-\\ Google Chrome v26.0.1410.64

Arquivo : C:\Users\EDSON\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Arquivo está limpo.

*************************

AdwCleaner[s5].txt - [12408 octets] - [22/04/2013 10:26:22]

########## EOF - C:\AdwCleaner[s5].txt - [12469 octets] ##########

Não encontro o log do outro; parece que não foi gerado .

Abraços

Boa Noite! EDSSX

|- Baixe: < http://thisisudax.org/downloads/JRT.exe'>/applications/core/interface/imageproxy/imageproxy.php?img=http://i48.tinypic.com/1268r49.png&key=be85c7a026af0cb092d2f868777759c6b4bd667a01f00e36e91558a667424520" alt="1268r49.png" /> > ( ... de Thisisu )

|- Salve-o no desktop!

|- Para Windows 7,clique direito em JRT.exe e execute-o como /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Executar_Administrador.jpg&key=29bbf2d3836c6859afe3923102565f782321b5a7a2787d5bb24cc9918d13e9bd" alt="Executar_Administrador.jpg" />

|- Aguarde a conclusão e poste o relatório. ( JRT.txt )

-/-

|- Baixe: < http://oldtimer.geekstogo.com/OTS.exe'>/applications/core/interface/imageproxy/imageproxy.php?img=http://i44.tinypic.com/331oifp.png&key=fcad0478e14636700bb766245fedff7f764d6e0195351797c0e1ab72934d78e6" alt="331oifp.png" /> > ( ... by Old Timer )

|- Salve-o no desktop ou C:\.

|- Duplo-clique em OTS.exe.

|- Ps: Para Windows Vista ou 7,dê clique direito e execute OTS.exe como administrador.

http://imgbox.com/adpvC8bl'>/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/adpvC8bl.jpg&key=c379085dc10cb672dedff4ce093df80ec17dca618363c71f07f4d338a99567c0" alt="adpvC8bl.jpg" />

|- Na opção "Additional Scans",clique em "Extras".

|- Marque as caixinhas:

[] Reg - NetSvcs

[] File - Lop Check

/applications/core/interface/imageproxy/imageproxy.php?img=http://i286.photobucket.com/albums/ll83/mcristinna/64bitscan.png&key=bb930c4777d4df8bdf97c83c503f27f38aee8edb1dd2c5f0c16ae9f112f517be" alt="64bitscan.png" />

|- Para SO 64 bits,marque a caixinha!

|- Em "Basic Scans",marque as caixinhas:

[] Use Company Name Whitelist

[] Skip Microsoft Files

|- Verifique: /applications/core/interface/imageproxy/imageproxy.php?img=http://i44.tinypic.com/250ii3s.png&key=220c88c537da331db8d2d91588f8ee40fb89d926eae7b2328f77b0caa0637226" alt="250ii3s.png" /> & /applications/core/interface/imageproxy/imageproxy.php?img=http://i43.tinypic.com/n19ytt.png&key=9af9c765610d7447fca8af2ec98f7f59c910b356ed6037a4e58b0049401ff51b" alt="n19ytt.png" />

%systemdrive%\.

%systemdrive%\drivers\*.exe

%systemroot%\system32\drivers\. /90

%programfiles%\.

%localappdata%\*.exe

%localappdata%\*.txt

%localappdata%\*.ini

%localappdata%\*.dll

%localappdata%\*.dat

%userprofile%\*.exe

%userprofile%\*.txt

%userprofile%\*.ini

%userprofile%\*.dll

%userprofile%\*.dat /30

%appdata%\.

%systemroot%\system32\tasks\.

%windir%\tasks\.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMPT

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/My%2520Tools%25204/OTS_CustomScans.jpg&key=380aa0a74d5a8040902c14adba79fb15e5943d5436baaaff1051b8861166384b" alt="OTS_CustomScans.jpg" />

|- Copie e cole estas informações que estão no Code,para o campo "Custom Scans".

|- À seguir,clique em /applications/core/interface/imageproxy/imageproxy.php?img=http://i41.tinypic.com/2lasxtt.png&key=d7a264dfc3d064d2dacf8f5dc7ca6802693c680aebb1b13c4505002e84b61c85" alt="2lasxtt.png" />

|- Ao concluir,abrir-se-á o Bloco de Notas,com o relatório. ( OTS.txt )

|- Poste-o em sua resposta!

|- Acesse para isso! ( http://cjoint.com/'>cjoint.com ou http://myfile.tk/'>myfile.tk )

A+

Bom dia ! DigRam

Segue - os :

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.9 (04.22.2013:1)
OS: Windows 7 Home Basic x86
Ran by EDSON on 23/04/2013 at 9:58:17,44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

Successfully deleted: [File] C:\install.res.1028.dll
Successfully deleted: [File] C:\install.res.1031.dll
Successfully deleted: [File] C:\install.res.1033.dll
Successfully deleted: [File] C:\install.res.1036.dll
Successfully deleted: [File] C:\install.res.1040.dll
Successfully deleted: [File] C:\install.res.1041.dll
Successfully deleted: [File] C:\install.res.1042.dll
Successfully deleted: [File] C:\install.res.2052.dll
Successfully deleted: [File] C:\install.res.3082.dll

~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{002CF9BB-76EC-44B8-9461-7BC0A245A689}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{020D4BCD-0852-4D63-B861-C006BA7D3B79}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{020FAAAB-C18D-4551-B1F8-070152F79D16}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0216C481-F011-484E-9CA4-5490503DA071}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{022A8FC6-E5C3-41D0-A422-08A17AD6DCDB}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{03945CFD-FC65-4389-BE19-3450F8C9ADDE}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{07D5A3F6-7382-41CF-8913-18022150CA91}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0867A835-2AE2-408D-A912-EA3D97AEF868}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{08990230-4F45-4ED4-9771-EB571BDCC135}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0930F12C-E59E-48AF-9466-DDC8B269EB8B}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{09397833-B0AF-4624-BBD8-9694D95BAA78}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0AEBFEC8-1A89-421B-8338-C26CAE848CE2}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0B05524A-4798-4E7B-A543-92E633D9B793}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0B3D474C-FC4A-4936-986D-BB856E78117B}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0B4F4998-34FB-4556-9DF9-FFF971628AB0}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0B552C62-6355-4056-83A2-81B88F519F18}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0BCA9DC4-BDC7-46D6-9AFA-8C515B095E31}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0C2479E8-C767-4711-A269-30BC86A6D4E5}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0C860D6E-4CCF-4F59-9A77-0A612258DDBA}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0C9C35E1-056A-4AB9-8BCD-8E3048F9F42F}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0CD793C1-D089-4F99-9D81-146D39E49D5D}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0D231F90-6B84-4D36-8478-5EFA7C4158AB}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0E72727E-64E3-443A-9142-2F0F6215698A}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0EC4984D-D442-495A-9329-2DBCB4A93199}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0F1962BE-D205-4F96-9C80-2FC74F68552D}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0F58EF26-4947-48F4-9EA8-B2B4374EF69D}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0F5C765E-CC5E-4567-A4AC-D79049BCA7C7}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{0FE30DBC-E00C-4DEE-AAB6-6C796EF9C472}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{11139A22-03E4-46B7-A887-6C2FD6713975}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{124D10D9-C822-4544-B29F-7A715F4E1262}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{134DD62B-7E13-40A1-92F7-D8784CCEB0C0}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{14729740-8454-4C46-8CB7-F272AF84BB67}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{14C476DE-E309-452D-85F1-A2375CDD45DA}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{165CECB4-EF2A-402E-B99C-CD03E51B2344}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{17360F19-B0A2-4B31-BE18-243E04FC3DC7}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{1755EA89-3786-4E9F-AFA4-4A1D80E26D13}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{17BB5913-B3BD-43E4-AC85-8CAF5DF003B3}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{17E27861-A095-47A5-A5DA-039EB8A25FBA}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{18BC7A04-79E1-412C-97CD-DFCE89AC4B7A}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{192CC929-C10E-452A-9292-F491531CBCBC}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{1A491085-458D-4644-99C5-F6CE0580B65F}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{1B0A4A3B-EE6E-47A4-95AA-A1F64AA7ECCA}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{1B18E941-718F-4464-9313-B9FCB2F9B8D7}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{1BF6475B-1013-4898-A7A9-8B1B8D8C3BD2}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{1D465AE7-05F3-4E0E-B52C-28CB0A48C10D}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{1DBFE04A-44F8-42F6-A33D-0F6C861EBA2C}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{1EF0D0F3-36C2-47B6-A5AB-3907D41F89EC}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{1F906BEA-6487-44DB-B378-370CFBD384C7}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{1FC1B097-E945-42A8-9B9C-816C7DE0E630}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{22D42ACA-A202-4A64-8E7B-52971ADC4F7F}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{23C3D8B9-CB8D-4CDE-AB17-593F2A36371E}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{23E71A96-2C0F-4BD2-97CE-527E2195CFBA}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{2483CAED-4165-4F15-A05A-D6A2916D2D9F}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{24FFF43F-555E-4770-82A2-E5C1DF990DD6}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{2715C17F-8894-4460-B88B-4F7D0C34C6E5}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{28015A42-4A84-4080-B709-9DD157D58E8C}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{282E88DD-2F39-481B-BCF5-78BF874451BA}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{29D4E1BE-0762-4667-BBB2-5847FEFC6C72}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{2A7FE159-E8E4-46DE-97B6-13D15B51F3F2}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{2ACEEC6D-51AE-487C-A2C5-B520FB2719F1}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{2AFA1580-0D18-4FB7-B547-2E9560B9E25A}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{2BA75E84-B0D3-4053-9627-1D584BCC54BC}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{2BC1539D-AF2F-4416-BD24-D907FAE5BC64}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{2C16FE82-649B-4DFB-9917-3205302145AB}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{2C39116F-2BA0-47F6-A4A7-771A1C3B9697}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{2CAC1483-B116-4919-AB33-7EDB8DBA3965}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{2CFAA8FD-EF46-471F-B8CF-F4DC2B37600C}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{2D3DAA7C-23CC-4990-BF1E-A6698E0EBBE6}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{2DF082D2-604B-4F78-BB40-2C357CC1D12B}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{2F5DECBF-1A2C-456F-A1A2-5BBB8D95FFD7}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{3012A7C3-6D01-4548-9D5C-F40F51F9E2BB}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{304AD50F-FA28-4BDE-8C42-6D17C50A62AB}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{30DEF343-062A-4A46-8C3E-7E2E8ECC5334}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{311B39AC-37B2-46B4-80D6-E80F3C7DD966}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{31EAEBA9-A15B-4472-BB21-7933196231F0}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{323DCD6B-0F48-46E4-AB9A-388CCBE938AE}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{328632FC-80BD-408A-A436-C9D268BF036C}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{33426497-B369-44C9-A773-9678DB493146}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{33968CE7-A325-4C41-B3CF-B8A0EFD71F7D}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{343B3719-51C6-4AF9-BEF4-8163B0E2750E}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{3441BDB7-4739-404C-9078-A4CD47FE416F}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{34E7834F-9BB9-4431-B6B4-F61BF227BAD6}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{355A94AB-2340-4BC9-A9B4-14987DC25F2D}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{35894948-A0F0-47EB-B27B-9918E8CE79C5}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{35DA86C1-8278-4C6B-8E1D-292CE1F897CA}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{36747F62-7D7A-4F6C-8AFA-4F45F56E2F20}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{3740F46E-BAC7-4A60-AE2D-99F72215A9BF}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{3808A0BD-3660-43B6-81B9-75382AB9F5C1}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{3809C524-7351-4DAF-9F48-3F7132D67869}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{388CD01E-FFAA-499F-86C9-B510ED704A69}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{38B45808-C53F-46DD-B114-A728BAA296B9}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{38EBB304-5045-4CB8-B5D4-91ED2EEFD963}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{39BB901F-BC18-4A9F-AE8B-0D8153F13C26}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{3A113618-9F3C-4959-8B52-EB9BB47AD3A5}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{3A12A7F9-9D2B-4D57-8410-480E876ED41C}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{3BB54001-500B-4076-9BC5-2AF1608B38B6}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{3BE5B23A-F7AC-467B-B25E-2A7BBF057589}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{3CE4E08E-9E22-4730-B37B-5D80F4EF8547}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{3E3361B5-00FD-4E4D-8240-3A09F403DDA2}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{401D15C6-8107-4E2D-8E27-B692AE1E4E3B}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{41C3D8FA-763D-4459-A3FD-5E80E0B2C491}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{43028EA7-5648-4DB8-B29E-B9F373FCEC0F}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{4412220D-3607-48E5-8591-13B599CD8E77}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{444A67C5-23AB-40CF-AE23-ED927C874448}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{44B21E4F-BAB6-4C37-91D4-4F328BB6839A}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{4590ACB9-65FC-4D4F-B4DA-0F03CD2F1D97}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{46E68286-276E-4E98-BCC5-8F9FFAE886AE}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{46FC5EE5-6D2B-4802-B4F1-655062A82E4D}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{475DA460-6E3B-441C-B5A0-5610CB30988F}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{47B0863D-15FE-4BC8-AD39-222E3B6D46B5}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{47C5FE51-0544-4EBD-BC09-76BD90C3DE18}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{4846D63D-A63C-4885-A993-BD959AF24407}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{484F685C-3A9D-459E-9938-577047FD7F3A}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{4888B543-AC7A-4C26-B424-77EA15417B1F}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{488C1FFB-C6F5-47A6-B2C6-57C297C5FED1}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{48D499AD-2A0F-4645-A3DD-393E1FDC93A3}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{48E93259-5D68-4894-8E1F-36E8D2345923}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{49CAC30B-52B4-46A6-95D1-6ADBE35B83CB}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{4A96E769-24D4-4DDF-A299-128ADC770AE3}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{4CDD94C0-8C03-4C0A-8E44-AC8055BED22B}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{4D0B6A59-0C28-4672-B570-FCACF60934EB}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{4D77C726-F188-43DC-85F4-156503139602}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{4E219740-7E0B-487E-AA8F-F022DC25620B}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{4E39802D-C41F-4DF2-9E90-1C7671401834}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{512A82A6-42E9-4103-A85A-5F668CB99595}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{5145BC8C-CF44-4169-AE7D-F641DCCFEAD8}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{51A5FF1A-C44C-4324-86BE-1951C10A7BD7}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{51B06472-625A-40F9-AAA1-76229DA8534A}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{51F629F8-FF5F-4AD2-BA03-B1B38DE8372E}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{53A59AAF-1111-4FED-AB84-2B8AF69DD1D0}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{5496DA3D-1BD5-4801-95A8-AA6271DF810B}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{54C54E9C-1B78-42C4-9E08-F6313422D5D5}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{550EEC62-E839-4930-8C62-1ED76061AC76}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{559795A0-CA5F-4DB9-8AF4-6FA566E07D3A}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{56734BC4-6EE2-409B-813D-E41DBC32C125}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{578F16BE-0DA9-4806-9BF7-C3B3754D9A34}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{57F62C12-0244-47D1-8009-C8D0DFFEC10D}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{5868B6B2-F1DF-4E8C-91BC-2543D44E4944}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{5899AD1F-92E5-4257-BF81-74D83E329947}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{5A165B77-732B-4A8B-A35A-4778C28847DA}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{5CCDA655-E79B-4163-94D5-FE0185380201}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{5D15A27C-FC07-4B20-9987-5E859EE2AAEE}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{5D8F1BB8-D2C8-4FA2-B306-B690D42A60B6}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{5D8F6254-1428-4C1A-A4D2-40D5B26BA91D}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{5DF43FBE-B172-4C46-8F8B-647A14CB0BB9}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{60AF6F6A-FB2D-4507-AD18-7BA2C9A38B75}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{60B11E86-D1D1-4E18-AFB7-855359B1F788}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{62A1292E-A5EB-42D9-AD93-713FB0A66E63}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{62DDAF6C-335C-45E1-AE74-A0DC29474871}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{63857C55-47EE-467B-B6B1-8EA9A1DD4AA0}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{64DFF558-E2DC-4ABE-8B31-CFA498D75D59}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{657EF3B1-1517-4542-868B-8832182A4D78}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{65F36A95-2350-4F7C-9D92-B09C5A6F8012}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{660EA13E-771A-4B08-9A19-1267D327F263}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{6620178C-BADD-4141-A031-7639E73DC1CE}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{6651048D-86E9-4423-B7C1-EB67BFE51EAD}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{67904323-FBFB-4B9F-B754-2395961786D2}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{67CFAD20-0358-4775-9CBB-7E6B327F0827}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{694A7709-F41F-4111-A6AF-8A28FDAFCA5D}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{6A8BE41A-9C6A-4342-8745-FF149F7BA00A}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{6B86F8C5-3045-401C-89CC-410C656B6DF4}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{6B9A4772-A150-4485-AFE0-C6E7BE5F57CA}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{6C75ABAB-7FDA-4141-B11C-FD1763AF4E0F}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{6CE02EAB-B775-4F33-AA2E-D90D20249D7B}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{6D69A7F0-EC34-4276-9D5D-13EAD6BB751F}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{6DA2EA0C-1D22-4677-A66E-E1F085CF2692}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{6DC662D4-6632-41F9-B872-EBE1D8D3E5EB}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{6E029A68-F87D-4805-9A13-B77B0CD05ED9}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{6E730491-0DB2-4749-AC63-52D8C7A3BF93}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{6E93410C-6936-42C3-8E85-9109B9C01FF0}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{703D09E9-FB5E-43E8-BF8F-1294CD0849CA}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{70D957BC-6D95-4A6B-AA29-7DE8AAAA1F06}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{71ACB387-8771-45AA-8C7F-8B0658727D4B}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{71DFCDB0-172D-40C1-873F-12871DA63C67}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{7350AE28-3ECB-4E27-9E01-EFA3E6907388}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{7403D5C3-F754-4933-92CB-BE18A91D49E9}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{74969E4E-50DD-4DAC-8739-040DB62D371D}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{74FE4BFE-CFC0-4BC1-A0A9-2D1F803CA676}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{753EFFE3-8A1E-4236-9926-7842D2A12E9F}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{76DD296B-1B7A-4C2D-AF31-E72F8354D045}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{777135C2-0C19-4EF2-B934-EC778591CE1C}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{78B15DCD-2DAF-4B41-9FF3-7526C78740D5}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{78E579F1-6915-4A22-9ED8-7956627885D0}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{7AFE102A-99D6-4930-8635-52C6554B399A}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{7C935716-77F1-4FDA-BB57-8CF174411B3C}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{7CD02D0A-FFF0-4826-B545-E479DD6423B6}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{7CF863AB-16E2-49C0-8A44-8E4739C954BB}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{7E95D03C-FB95-4365-B1A5-9A4162AA7BCB}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{7F1A6A1B-B72B-42A0-8931-FDEB84551949}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{7FCC3773-0E09-4C1D-845F-54896B3B2505}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{80BA2BA0-C937-4E80-9BB4-EA83D47A9E2A}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{813CD7EE-A930-40CF-9A56-43ABD229DB65}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{8140034D-5CA5-46EC-A34B-36B30B052A3F}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{829FEBED-B611-4792-A3F2-C188B5AA85ED}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{83EB5292-731F-4E66-9557-0CD24747C220}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{84C91750-485B-473C-9CE5-ED05FA559867}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{85383E4F-819F-4CDA-9016-69554605B090}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{86FE00D2-3A2D-4D75-92FD-B98F8394355F}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{87D64B53-6621-4948-B8EB-CD33EB51215A}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{87FD007B-5D9C-4523-AF07-41ED0CDE107E}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{88075ED5-FDC4-44FE-9E27-F0B41ACA037D}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{889EEF9A-1A7C-440C-9C9E-89E610556264}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{89516411-E259-449C-A3A9-94E73A872EC8}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{899E3ADE-6FE7-4C3B-AF2E-5396C59709DD}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{8A1429EF-0D7D-405A-898D-A2F0FB0C3743}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{8A9E4A83-3E7C-4EC2-A3DA-6BCDB0DA3120}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{8ADF0D64-BB87-4F3A-AA30-CCF32636617F}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{8BE5A8BB-7817-4C63-B777-EF97FA0A8730}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{8E94A3FB-79DA-48AC-8115-90DC0A537364}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{8EB50A68-8006-4D32-BF3F-7D9C9E9C3236}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{8F7D5213-AE09-423A-810A-261894425195}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{8F830C5B-C7E7-4184-9DF2-6CB8C71C10D7}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{8FD0018C-A457-49AD-8156-26449155A17B}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{902EF01D-53AA-458B-949F-EF33E0FCA5C3}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{9193E834-5F2D-4D05-8000-FA0A69EC3D6C}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{92485AA7-9412-4E74-952C-56828EDAFBD0}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{953D41CE-10D3-4E44-87E9-AE59646FEAEA}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{95DB2093-DC2A-4CF7-8310-C6480D953AD0}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{95E7979D-B87B-4092-B2BB-8606ABCA37C5}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{96235B25-CD88-4CE6-B651-917B278DCB1D}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{96B890F4-4E13-48ED-9BEE-E4004BCFF5B8}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{96BD0C0A-EE81-4946-94D1-9D78A6BD20FC}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{98965F50-CA38-42FE-B459-8135257D6631}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{98C119E3-4A85-4D3D-8358-272D2D6C3E76}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{98DD5891-E1D9-4DD1-8A6F-DA966CE52C94}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{998E1EA7-DBB2-4E0C-B5EF-0DED7D53411E}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{9B9E626D-D5D0-4887-8F8F-7D0A3378B4EF}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{9D9457BF-66BA-4826-9631-CCC855B6ECFD}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{9DC021EF-AB0B-441D-A1F4-DF49A5626D02}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{9E73FD72-4CA9-4DCA-AF9F-3241EFC4872C}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{9FCD1112-25F1-44A4-9A21-9CD645314B2C}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{9FEDF5FA-1B4B-4DFD-8C63-A48A77D55065}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A0D38307-E297-4B0C-BDD2-3FC856AA266E}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A1681EBB-7C8A-4815-BEAD-E515C8E944E1}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A1C84F41-98DE-466C-AC7F-F47B3B8579FA}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A2FC17DC-CD94-4F4A-9788-C713831C3D23}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A2FCAFCE-6DE6-4D99-8F0A-84268410E797}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A327A67F-9D60-4F48-A1F8-0D87C2BD6F14}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A33FFEF9-21D4-4C1F-9154-F734BAEDF0BC}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A37D549A-D3E9-42F9-8DFF-961727583B62}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A3F20E2D-A39C-46ED-9319-ED668879E04F}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A4A9A9A5-EB8F-4A50-A211-84580F2298A2}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A4AC21A1-1C85-4905-B498-5A95B787B3D5}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A4B5E22B-CCCE-4615-AFCA-45C1AEEEBE15}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A5DE4209-149D-4CC4-A382-F2B67E7BD15E}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A646B135-A743-47C4-B3C3-6EC472B19FA0}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A651AFE9-E460-4E87-A293-1E5A66CE865B}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A66D8ECD-59EE-4E14-BB9D-99672D39E4CA}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A6CFB6A3-BAD0-43FC-96FA-6630036AA7A5}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A726CB65-B0DE-409A-BDBA-F0E64AED318E}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A824BF2C-3E91-49FB-9EDF-189C57D8C2FB}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A8ED69CE-2EFE-4835-B6C6-FC153DE31F81}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A8FDB1D9-4945-4763-834E-59FC25C6CA59}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{A90E5883-2F81-4D21-9ACF-C6B4A2A3B706}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{ACBC322E-AA7C-4AE5-AE87-B9442DF0304D}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{ACF2318E-2BBE-4D7F-85E4-06F28580CCF8}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{AD641F61-7D17-4881-88FF-E8AD21B1ABA2}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{ADD20369-329F-4A93-8097-F6EDFE9EE12D}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{AE9EBD0F-91F2-4812-A528-686D86949D90}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{AF067CA3-D444-42E5-80F5-94FA63B3C6D3}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{AF262775-970C-432B-82C0-12BCCDF97C2C}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{AF72679A-075F-412D-BD10-B6E1CA10B589}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{B102A253-F389-4DCB-846E-95C6DCDC7642}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{B13700EF-A0DB-4240-B44A-37D607F80042}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{B208752A-A407-46D9-B295-720ACB8E1D1D}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{B414DE9E-19EF-4B5F-A0C6-A4D7D61E8723}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{B6A96367-47E8-4329-8FF8-47A1B1AFAA50}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{B7816379-1912-49ED-AF1D-CB9C026A37B3}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{B78284B4-6EDD-410F-B19C-3908AA5D38C4}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{B7A08FC1-F69C-4FAA-AD77-9D6B2823B147}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{B7B6F19E-4616-4B88-80F0-775862D8A498}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{B7C6A1EA-99A1-4D67-A118-B1DB1F160064}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{B849E7AE-FF8C-4018-9594-95532B3DB32D}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{B93430DB-7651-401A-82D0-43E235403ACE}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{B97AC005-556A-4EB9-B548-B8661943503F}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{B99D4599-EAF2-43F2-AB63-71B0E37387CE}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{B9D22257-B5E2-45F5-9E86-DAB1C9B4B7B8}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{BA60E996-53F6-4B5C-98B9-D1DBF63BBFCC}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{BBEC33D8-E6A0-46CA-BD49-62DA29E85CF0}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{BBFE48B6-63C9-4FC3-A960-75C502C4FF97}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{BD123A46-E614-46E7-874E-03A5A6030BD0}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{BE1D553F-A9C2-4A58-9B8F-9C34AE334A81}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{BF54D32E-DA62-4DD7-9B3C-FED93C802DF9}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{BFFC7AE8-4723-4B17-BF6D-66271316066B}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{C10F0127-92F7-4371-B64D-3CB79CD79137}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{C13394AF-5A3A-4637-A5C3-6FE4AD5E39B4}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{C19F9FE4-4583-41C8-9FAB-560FECF2E558}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{C1A3FF0C-53C5-4E6F-835D-8BFA9268E6E0}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{C22B7574-7A7C-41A3-AA5B-B6D190C57337}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{C25E3A03-11A8-43BC-8B97-A1AD1E36E449}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{C333630F-8A25-4C9C-B3B9-242FAB58E605}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{C3F3C277-01EF-4A6B-9814-7F31886358E1}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{C4118C46-5BD0-47E4-A230-CCF1313F1A2B}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{C685BBA1-37CD-46F5-A666-B1C2FFFF9F86}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{C73F62F6-6669-408E-8324-11F47CC1E52C}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{C7D3279C-DF97-48A3-B268-E195E62CF1B0}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{C7FEA47A-DA87-463C-8BA0-B5B147502A46}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{C823BE47-D10C-48FC-8825-08C451965B1F}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{CB059DAD-15E7-4FC0-BD6D-0D97BF495035}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{CB0C8516-B2BB-41FD-BD83-A52C21B11303}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{CBA315F7-B474-40C9-8ACE-D37329C85CAF}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{CCB3824E-D6E4-424D-BA6F-DF1EC4B4026C}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{CD1C7CFE-FD48-4675-A063-FC9DA207DA2A}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{CD2C1955-9E38-4531-815E-EF01F09428A6}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{CD5DCCE9-25B0-4D56-B913-6774306E69B1}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{CDACDF7B-FCF6-4B6D-8630-55B3406740BB}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{CE23CD45-A710-4C55-92C2-F2A86284C9C9}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{CE642215-9862-4390-80AA-E61E8170F316}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{CEAD1E7C-0A07-44FD-8303-3E6E837C3AE8}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{CF76C655-E336-41F5-9BB8-94823614D9AC}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{CF7C6129-E0A0-401C-B2C3-3C90D52DAA54}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{D0A6F9A0-6029-4B43-973A-0C9854D8B724}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{D162595E-03D5-42DD-88B6-A6BBE9FC6695}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{D1BB2B0E-EC90-4A52-88E0-9A1EFF851BA8}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{D27F76C8-24F4-48CF-8EB2-5748794CB125}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{D2BF9915-BFBB-4E0F-9B82-4243529F1C54}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{D38886CA-BBAC-4017-94DF-2CF984C265CD}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{D38F59E3-E221-474C-917F-3A4CC619E0AF}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{D3A7035D-B146-45FF-98E9-A4C94133B688}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{D3C29220-3D51-4331-832E-99D265EAABF3}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{D473494E-9B42-487D-B678-E003C3E06055}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{D56CB89E-D613-4778-B0B6-B93990020AFA}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{D5D9AF6B-40E0-4531-B890-5A2F1771B97C}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{D617B19F-FE93-4912-B449-043E755F7B71}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{D686D338-4CA1-4893-B7C9-3E16A3D7F8E7}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{D6B8C734-EBE9-4548-8E27-CF1ADB2CCA46}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{D7DD6879-9DB0-4969-B1AA-7F7840848B28}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{D7EF4456-B610-406D-B734-FB2349765E35}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{DAC63080-F302-4F53-BA12-4BB845D379B6}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{DB470478-F2D8-4966-89B1-67544B5E854E}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{DD49B299-D50D-4DF0-A249-2C8A0DA44692}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{DD74E405-2E46-4657-B478-2ADB67652DFD}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{DEA761A2-E75E-4B06-A5C2-0642E3722632}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{DF37D7CB-437E-4DF2-8474-61C96E41FB91}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{E13D2899-2834-4022-8A3C-0DF5CD7EA5EC}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{E148923A-F9AA-4FB6-B0DA-6F8D5994A877}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{E16B6E86-A2FF-4106-AA87-5F75904D78F7}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{E1A6399B-7170-4314-BCF9-042F7DF8BDAC}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{E1A7A228-416E-404F-AEBF-76306AF71D02}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{E30A79D2-B817-4D3E-B4D0-D22F56DF9EA2}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{E3844A3B-1F29-43A6-A74C-52E4B8FF95C7}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{E3847BC4-EACE-40A2-AAB0-C7528D9AA996}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{E38D2DBE-8947-4C95-8B1E-F46ADB9B8371}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{E469D004-119E-49A0-98BE-247F4944BCC0}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{E5381020-E1DC-4F81-9DB3-DCB953D8FE3D}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{E701B0EB-C81F-4CC4-9576-0391595ADA12}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{E7EA38FD-1B02-4F85-A3CF-691802AF4A6E}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{E839DE8C-8183-4C0B-B733-420317B1F48F}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{E8524F44-A51C-4088-B000-7DEBE4995018}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{E9C6D4F1-3FFF-4B37-A98B-F601895592D4}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{E9DD639D-2337-4F29-BFE2-6784DB687821}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{EA2C4D4F-F39B-4905-8E2E-6C50F167181A}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{EA9205A4-46A7-4EF1-8597-189AA364F845}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{EB109D9E-BF88-4C98-9F65-940F787805D4}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{EBA36F64-F2EA-4E26-96EE-B05126DB4D40}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{EBDF9C5A-EE1B-4600-91A2-651D6CBF1526}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{ED63E44B-911E-4781-81B1-A94CBE66386C}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{EDC26063-B2B0-4C93-927B-62B29C36FF4D}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{EF06B22C-7A40-4504-AF71-C51A9DC5AB8C}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{EFB415FC-C678-469F-AF7C-FDBB41EDD630}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{EFC1B3B0-2368-45F8-8979-21F913F290BD}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{EFEA93C5-FC75-4D53-9AFA-F9F2AD311F77}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{F072E452-3B3A-4319-9057-3D4DA153DF2C}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{F10C7143-B9A0-4F42-A88F-E03799FF7355}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{F283027A-D450-4343-B81D-C1AFF3EFB2B6}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{F2F01730-3310-419C-B96E-EFDDE2B1B0C4}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{F32DD43C-1089-4627-AAAE-375F371C70D8}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{F3C9645E-C53D-4F3D-8A0D-0CC7C1346FCA}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{F3D26F77-2A95-4C5A-BF15-E840C7B4C644}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{F3E655B9-8C41-4F17-8215-DF5A0BDA57ED}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{F5CA263D-BC2D-4B36-8211-192287DC6A26}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{F6FCAC33-2E72-4FE3-B730-9CFA074FC50E}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{F7523596-3BED-4168-8B4F-9B4F9E01C273}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{F861C640-6C3C-4230-B0C3-BF8B6250B6E0}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{F8722CA8-E507-48F1-B618-05DF7DCD41C3}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{F92B3E79-5ECB-4A42-ABD7-47DE14E9B4E4}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{F956C268-DFAE-4C3C-8AF4-299B763B7EFD}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{FA80451A-E9EC-4CB4-B879-E86A18864FA6}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{FBC1C812-60AC-43BB-B41A-9DC2C184E971}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{FBDF28AD-5A7A-4CF9-9357-77F3C06332B1}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{FC2C92D5-AA9A-4D3A-B445-6D53E3F0FA04}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{FC9B74CD-E89F-47D4-9824-2584C2AAB3F5}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{FE495D79-4281-4B28-B69F-4C8D81970786}
Successfully deleted: [Empty Folder] C:\Users\EDSON\appdata\local\{FF0D4C93-2EA0-4BAD-A4AC-C1D80293FE90}

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23/04/2013 at 10:02:12,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

OTS. txt :

http://cjoint.com/13av/CDxpJWG1J8K.htm

Obs : No notebook com o mesmo windows; o comodo atualiza as assinaturas normal.

Abraços

Boa Tarde! EDSSX

Obs : No notebook com o mesmo windows; o comodo atualiza as assinaturas normal.

|- E,também,com o mesmo provedor de internet?

|- Desinstale o AVG e o Panda,para evitar conflito com o Comodo.

-/-

|- Abra a ferramenta OTS.

[Unregister Dlls]

[Driver Services - Safe List]

YY -> (AVGIDSDriver) AVGIDSDriver [Kernel | System | Running] -> C:\Windows\System32\drivers\avgidsdriverx.sys

YY -> (Avgtdix) AVG TDI Driver [Kernel | System | Running] -> C:\Windows\System32\drivers\avgtdix.sys

YY -> (Avgmfx86) AVG Mini-Filter Resident Anti-Virus Shield [File_System | System | Running] -> C:\Windows\System32\drivers\avgmfx86.sys

YY -> (AVGIDSShim) AVGIDSShim [Kernel | System | Running] -> C:\Windows\System32\drivers\avgidsshimx.sys

YY -> (Avgrkx86) AVG Anti-Rootkit Driver [File_System | Boot | Running] -> C:\Windows\system32\DRIVERS\avgrkx86.sys

YY -> (Avglogx) AVG Logging Driver [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\avglogx.sys

YY -> (AVGIDSHX) AVGIDSHX [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\avgidshx.sys

YY -> (Avgldx86) AVG AVI Loader Driver [Kernel | System | Stopped] -> C:\Windows\System32\drivers\avgldx86.sys

[Registry - Safe List]

< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > ->

YN -> HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal

< FireFox Settings [Prefs.js] > -> C:\Users\EDSON\AppData\Roaming\Mozilla\FireFox\Profiles\srcjlstd.default\prefs.js

YN -> browser.startup.homepage -> "http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal"

< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\

YN -> {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}:{FFFDC614-B694-4AE6-AB38-5D6374584B52} [HKLM] -> Reg Error: Key error. [Button: OneNote Lin&ked Notes]

YN -> {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA}:{FFFDC614-B694-4AE6-AB38-5D6374584B52} [HKLM] -> Reg Error: Key error. [Menu: OneNote Lin&ked Notes]

[Files/Folders - Created Within 30 Days]

NY -> JRT -> C:\JRT

[Files/Folders - Modified Within 30 Days]

NY -> mbam.sys -> C:\Windows\System32\drivers\mbam.sys

NY -> 9 C:\Windows\Temp\.tmp files -> C:\Windows\Temp\.tmp

NY -> 9 C:\Windows\Temp\.tmp files -> C:\Windows\Temp\.tmp

[File - Lop Check]

NY -> AVG -> C:\Users\EDSON\AppData\Roaming\AVG

NY -> AVG2012 -> C:\Users\EDSON\AppData\Roaming\AVG2012

NY -> Panda Security -> C:\Users\EDSON\AppData\Roaming\Panda Security

[Custom Scans]

YY -> mbam.sys -> C:\Windows\system32\drivers\mbam.sys

YY -> DealPlyUpdate -> C:\Windows\system32\tasks\DealPlyUpdate

[Alternate Data Streams]

NY -> @Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:0B4227B4

[custom items]

:files

type C:\Windows\system32\tasks\{B3CC8138-54E9-4922-8B83-CF0AE987E882} /c

type C:\Windows\system32\tasks\{C411470A-E353-416A-A3C4-77EFD259CDB0} /c

type C:\Windows\system32\tasks\{F2F95980-03A7-466D-81D8-E305AD967F02} /c

:end

[empty temp folders]

[clear all restore points]

[reboot machine after fix]

|- Cole estas informações que estão no Code,para o campo: "Paste Fix Here"

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/My%2520Tools%25204/OTS_RunFix.jpg&key=748aeb7148600d575912c17ea09a93e07507846ce9814810a92df046d745c699" alt="OTS_RunFix.jpg" />

|- Clique em Run Fix --> Aguarde!

|- Terminando,poste o relatório: C:\_OTS\MovedFiles\OTS.txt

A+

Boa tarde ! DigRam

Sim com o mesmo provedor . O AVG e o panda não estão mais no pc; são apenas sobras dos mesmos no registro do windows .

Ao executar o fix; o programa OTS não estava mais respondendo . Tive que reiniciar o sistema com o gerenciador de tarefas .

E após o reinicio me deparei com uns detalhes; aqui criou - se na área de trabalho dois arquivos chamados desktop.ini e foram restabelecidas pastas( com acesso negado ) em meu sistema com datas bem antigas; até duplicando - se algumas já existentes no sistema .

http://imageshack.us'>ImageShack.us

http://imageshack.us'>ImageShack.us

Abraços

Bom Dia! EDSSX

|- Baixe: < http://download.avg.com/filedir/util/avgrem/avg_remover_stf_x86_2012_1796.exe'>avgremover >

|- Clique direto no arquivo,e execute-o como administrador.

|- Siga as instruções da ferramenta,para que sejam removidos resquícios do AVG.

-/-

|- Baixe: < http://www.sur-la-toile.com/RogueKiller/RogueKiller.exe'>RogueKiller > ( ... par tigzy ) ( 32 bits version )

|- Ou: < http://www.sur-la-toile.com/RogueKiller/RogueKillerX64.exe'>/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/ablsEVeT.jpg&key=ebe62f6e6b003c3e23d8db0ff92a90e81df2d7816af5fecaeb9b0fd72c8fa9e7" alt="ablsEVeT.jpg" /> > ( ... par tigzy ) ( 64 bits version )

|- Salve-o no desktop! /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25202/RogueKiller_Logo.jpg&key=99f754ad8ac3afe28f2674c5df4045eed7cd3d0d73384947ed6af1127ec30157" alt="RogueKiller_Logo.jpg" />

|- Feche aplicativos que estejam abertos!

|- Execute RogueKiller.exe e aceite a Eula.

http://imgbox.com/abeo9i3V'>/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/abeo9i3V.jpg&key=28fdbc4031eead1b4262f4375d709e2ef75c8fa438c4d53edbfcfd7071cbb903" alt="abeo9i3V.jpg" />

|- Aguarde a finalização de seu Pre-scan.

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/RogueKiller_Scan2.jpg&key=02afd4d0311ea8fed8ddb59a023987cb25f7d895ebf760d1c7192afebdbba6f1" alt="RogueKiller_Scan2.jpg" />

|- Dê início ao diagnóstico,clicando no botão "Verificar".

|- Exemplo: Mode: Verificar -- Date: mm/dd/2013 00:52:24

|- Poste o relatório: RKreport[1].txt

A+

Bom dia ! DigRam

Segue - o :

RogueKiller V8.5.4 [Mar 18 2013] Por Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Site : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Iniciado em : Modo Normal
Usuario : EDSON [Privilegios de Admnistrador]
Modo : Verificar -- Data : 04/24/2013 09:20:11
| ARK || FAK || MBR |

¤¤¤ Entradas ruins : 0 ¤¤¤

¤¤¤ Entradas do Registro : 4 ¤¤¤
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> ENCONTRADO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> ENCONTRADO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> ENCONTRADO
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> ENCONTRADO

¤¤¤ Arquivos / Pastas Pessoais: ¤¤¤

¤¤¤ Driver : [Carregado] ¤¤¤

¤¤¤ Arquivo de Hosts: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ Verificaçao do MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD5000AAKX-003CA0 ATA Device +++++
--- User ---
[MBR] 51306528823da76791b0bf4eb77f92f8
[bSP] f3e35c3e9dafaa8d57903de213dfb602 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Concluido : << RKreport[1]_S_04242013_02d0920.txt >>
RKreport[1]_S_04242013_02d0920.txt

Abraços

Bom Dia! EDSSX

|- Baixe: < http://download.bleepingcomputer.com/farbar/FSS.exe'>FSS > ( ... by Farbar )

|- Salve-a no desktop!

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/FSS.jpg&key=e5b13994a141cc085a90cce47e6e59c323bd275a9737c8edf7874d75f9552678" alt="FSS.jpg" />

|- Para Windows Vista ou 7,execute "FSS.exe" como administrador.

|- <1> Internet Services

|- <2> Windows Firewall

|- <3> System Restore

|- <4> Security Center/Action Center

|- <5> Windows Update

|- <6> Windows Defender

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/FarbarSS.jpg&key=1fc79d9172a8a8ee5ddff49d6aa2f9331e0644ddfea189a57dcb7f7076973261" alt="FarbarSS.jpg" />

|- Marque as seguintes caixas!

|- Clique em "Scan" e aguarde o seu término!

|- Poste o relatório! ( FSS.txt )

-/-

|- Abra,novamente,a ferramenta RogueKiller.

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/RogueKiller_Atualizado.jpg&key=0172c47c206813e7c9b9bee3f9524438470dd782fdca35036503f8ecbc358cef" alt="RogueKiller_Atualizado.jpg" />

|- <1> Clique na guia "Registro" >> Deletar.

|- Aguarde a conclusão!

|- <2> Clique na guia "Atalhos" >> Reparar Atalhos.

|- Aguarde a conclusão!

|- Poste todos os relatórios,que resultarão dessas operações!

-/-

|- Baixe: < http://oldtimer.geekstogo.com/OTL.exe'>/applications/core/interface/imageproxy/imageproxy.php?img=http://billy-oneal.com/Canned%2520Speeches/speechimages/OTL/otlDesktopIcon.png&key=1894e5d356219721410c3360cbf9af74877ae24ccc81ed88026fc2d95dd96a07" alt="otlDesktopIcon.png" /> > ( ... by OldTimer Tools )

|- Salve-o no desktop!

|- Duplo clique em OTL.exe >> Executar ou /applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Executar_Administrador.jpg&key=29bbf2d3836c6859afe3923102565f782321b5a7a2787d5bb24cc9918d13e9bd" alt="Executar_Administrador.jpg" />

|- Ps: Tendo dificuldades ao executar OTL.exe,delete o arquivo e baixe-o http://oldtimer.geekstogo.com/OTL.com'>daqui ou http://oldtimer.geekstogo.com/OTL.scr'>aqui.

http://imgbox.com/acbYKMx0'>/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/acbYKMx0.jpg&key=956637f2de1bf97f9519e151336a4238161d36fe56a7bd50d0667620da5dd24e" alt="acbYKMx0.jpg" />

|- Configure a ferramenta,segundo a screenshot!

|- Em "Exame Extra do Registro",assinale "Nenhum".

SAVEMBR:0

crack /s

keygen /s

serial /s

AutoKMS /s

loader /s

netsvcs

msconfig

activex

drivers32

%SYSTEMDRIVE%\.

%APPDATA%\Local\*.

%APPDATA%\*.exe /s

%APPDATA%\*.

%systemdrive%\drivers\*.exe

%USERPROFILE%\AppData\Local\.

%USERPROFILE%\AppData\Roaming\.

%systemroote%\*. /mp /s

%systemroot%\system32\*.ini

%systemroot%\Tasks\.

%systemroot%\system32\tasks\. /s /64

%systemroot%\system32\*.dll /lockedfiles

%systemroot%\Tasks\*.job /lockedfiles

%systemroot%\system32\drivers\*.sys /lockedfiles

%systemroot%\system32\drivers\. /90

%systemroot%\assembly\tmp\. /S /MD5

%systemroot%\assembly\temp\. /S /MD5

%systemroot%\assembly\GAC\. /S /MD5

%systemroot%\assembly\GAC_32\. /S /MD5

%systemroot%\assembly\GAC_64\. /S /MD5

%systemroot%\system32\config\systemprofile\AppData\Local\.

%windir%\ServiceProfiles\LocalService\AppData\Local\Temp\.

%windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\.

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa /s

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings

/md5start

services.exe

/md5stop

regedit /e c:\registrybackup.reg /c

%windir%\tasks\. /s

|- Copie estas informações que estão no Code,para o Bloco de Notas.

|- Salve-as em Meus Documentos ou desktop,com o nome scan. << Texto!

|- Clique na área "Exames Personalizados/Correções".

http://imgbox.com/acvcVUrd'>/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/acvcVUrd.jpg&key=db0fed5b23d09625588d8b5ed5b03efe9a64bb5fdd50957d617e8b044de082da" alt="acvcVUrd.jpg" />

|- Clique em Ok para procurar um arquivo com exame personalizado.

|- Clique "Abrir". ( scan.txt )

http://imgbox.com/acqlW68e'>/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/acqlW68e.jpg&key=51d7a6c7e3539bcb6c0a92e46b99db282782947af7f9a4ce208742fee824c2e1" alt="acqlW68e.jpg" />

|- Após colar as informações na área branca,clique em http://imgbox.com/acng1cS9'>/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/acng1cS9.jpg&key=fb1e02409683f8329d0b244b9220e36e79615ed69c4f8fed8fb2c273e8653d04" alt="acng1cS9.jpg" />

|- Concluindo,poste o relatório: OTL.txt << Link ao relatório!

http://imgbox.com/abmdaZsE'>/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/abmdaZsE.jpg&key=433ccdd2cd040bd965a0b2bee3887132a2fd78ca8d607165658bf45467e220f0" alt="abmdaZsE.jpg" />

|- Para enviar,acesse: < http://myfile.tk/'>MyFile.tk >

|- Ou acesse: < http://cjoint.com/'>/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/Cjoint_Logo.jpg&key=bc3f249ffa4fec167155636520ebfd1fed8f6c8d63b5aa0b8cd82fb55aa2edb7" alt="Cjoint_Logo.jpg" /> >

|- Maiores informações: < |http://forum.imasters.com.br/topic/452911-myfiletk-cjoint/'>Link| >

Abs!

Segue - os :

Farbar Service Scanner Version: 14-04-2013
Ran by EDSON (administrator) on 24-04-2013 at 10:29:25
Running from "C:\Users\EDSON\Downloads"
Windows 7 Home Basic Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Attempt to access Yahoo IP returned error. Yahoo IP is offline
Yahoo.com is accessible.

Windows Firewall:
=============

Firewall Disabled Policy:
==================

System Restore:
============

System Restore Disabled Policy:
========================

Action Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

Other Services:
==============

File Check:
========

C:\Windows\system32\nsisvc.dll => MD5 is legit
C:\Windows\system32\Drivers\nsiproxy.sys => MD5 is legit
C:\Windows\system32\dhcpcore.dll => MD5 is legit
C:\Windows\system32\Drivers\afd.sys => MD5 is legit
C:\Windows\system32\Drivers\tdx.sys => MD5 is legit
C:\Windows\system32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\system32\dnsrslvr.dll => MD5 is legit
C:\Windows\system32\mpssvc.dll => MD5 is legit
C:\Windows\system32\bfe.dll => MD5 is legit
C:\Windows\system32\Drivers\mpsdrv.sys => MD5 is legit
C:\Windows\system32\SDRSVC.dll => MD5 is legit
C:\Windows\system32\vssvc.exe => MD5 is legit
C:\Windows\system32\wscsvc.dll => MD5 is legit
C:\Windows\system32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\system32\wuaueng.dll => MD5 is legit
C:\Windows\system32\qmgr.dll => MD5 is legit
C:\Windows\system32\es.dll => MD5 is legit
C:\Windows\system32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit

** End of log **

RKreport[2]_D_04242013_02d1033.txt :

RogueKiller V8.5.4 [Mar 18 2013] Por Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Site : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Iniciado em : Modo Normal
Usuario : EDSON [Privilegios de Admnistrador]
Modo : Remover -- Data : 04/24/2013 10:33:32
| ARK || FAK || MBR |

¤¤¤ Entradas ruins : 0 ¤¤¤

¤¤¤ Entradas do Registro : 4 ¤¤¤
[HJPOL] HKCU\[...]\System : disableregistrytools (0) -> DELETADO
[HJPOL] HKLM\[...]\System : DisableRegistryTools (0) -> DELETADO
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> SUBSTITUIDO (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> SUBSTITUIDO (0)

¤¤¤ Arquivos / Pastas Pessoais: ¤¤¤

¤¤¤ Driver : [Carregado] ¤¤¤

¤¤¤ Arquivo de Hosts: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ Verificaçao do MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD5000AAKX-003CA0 ATA Device +++++
--- User ---
[MBR] 51306528823da76791b0bf4eb77f92f8
[bSP] f3e35c3e9dafaa8d57903de213dfb602 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Concluido : << RKreport[2]_D_04242013_02d1033.txt >>
RKreport[1]_S_04242013_02d1032.txt ; RKreport[2]_D_04242013_02d1033.txt

=========
=========

RogueKiller V8.5.4 [Mar 18 2013] Por Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Site : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Iniciado em : Modo Normal
Usuario : EDSON [Privilegios de Admnistrador]
Modo : Atalhos HJfix -- Data : 04/24/2013 10:34:33
| ARK || FAK || MBR |

¤¤¤ Entradas ruins : 0 ¤¤¤

¤¤¤ Driver : [Carregado] ¤¤¤

¤¤¤ Atributos de arquivos restaurados: ¤¤¤
Área de trabalho: Success 1 / Fail 0
Barra de inicialização rapida: Success 1 / Fail 0
Programas: Success 5 / Fail 0
Menu Iniciar: Success 0 / Fail 0
Pasta do Usuario: Success 318 / Fail 0
Meus Documentos: Success 0 / Fail 0
Meus Favoritos: Success 0 / Fail 0
Minhas Imagens: Success 0 / Fail 0
Minhas Musicas: Success 0 / Fail 0
Meus Videos: Success 0 / Fail 0
Unidade Local: Success 234 / Fail 0
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\CdRom0 -- 0x5 --> Skipped

Concluido : << RKreport[3]_SC_04242013_02d1034.txt >>
RKreport[1]_S_04242013_02d1032.txt ; RKreport[2]_D_04242013_02d1033.txt ; RKreport[3]_SC_04242013_02d1034.txt

2ª Verificação :

RogueKiller V8.5.4 [Mar 18 2013] Por Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/

Site : http://tigzy.geekstogo.com/roguekiller.php

Blog : http://tigzyrk.blogspot.com/

Sistema Operacional : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Iniciado em : Modo Normal
Usuario : EDSON [Privilegios de Admnistrador]
Modo : Verificar -- Data : 04/24/2013 10:37:53
| ARK || FAK || MBR |

¤¤¤ Entradas ruins : 0 ¤¤¤

¤¤¤ Entradas do Registro : 0 ¤¤¤

¤¤¤ Arquivos / Pastas Pessoais: ¤¤¤

¤¤¤ Driver : [Carregado] ¤¤¤

¤¤¤ Arquivo de Hosts: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts

¤¤¤ Verificaçao do MBR: ¤¤¤

+++++ PhysicalDrive0: WDC WD5000AAKX-003CA0 ATA Device +++++
--- User ---
[MBR] 51306528823da76791b0bf4eb77f92f8
[bSP] f3e35c3e9dafaa8d57903de213dfb602 : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Concluido : << RKreport[4]_S_04242013_02d1037.txt >>
RKreport[1]_S_04242013_02d1032.txt ; RKreport[2]_D_04242013_02d1033.txt ; RKreport[3]_SC_04242013_02d1034.txt ; RKreport[4]_S_04242013_02d1037.txt

http://cjoint.com/confirm.php?cjoint=CDyp04MtRqA

http://cjoint.com/confirm.php?cjoint=CDyqKsTutFy

Abraços

Boa Noite! EDSSX

|- Restou postar o log da OTL.

A+

Bom dia ! DigRam

Está contido em um dos link´s do cjoint.com acima .

Abraços

Bom Dia! EDSSX

|- Vá à http://rghost.net/45560924'>esta página e baixe: < http://rghost.net/download/45560924/2c7b44f911389dd83cc137725251f855c25e7609/Cloud_AV_Uninstaller.exe'>Cloud_AV_Uninstaller.exe >
|- Salve-o no desktop!
|- Clique Sim,após executá-lo!

-/-

|- Execute o OTL.exe.
|- Copie estas informações que estão no Code,para o campo clipboard da ferramenta. ( "Exames Personalizados/Correções" )

:otl
DRV - File not found [Kernel | Boot | Stopped] -- -- (vqdtrh)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\EDSON\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\avgidsshimx.sys -- (AVGIDSShim)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/08/09 13:56:44 | 000,178,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012/07/13 07:02:16 | 000,174,632 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\PSINKNC.sys -- (PSINKNC)
DRV - [2012/07/13 07:02:16 | 000,120,872 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINProt.sys -- (PSINProt)
DRV - [2012/07/13 07:02:16 | 000,114,216 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINProc.sys -- (PSINProc)
DRV - [2012/07/13 07:02:15 | 000,148,520 | ---- | M] (Panda Security, S.L.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PSINAflt.sys -- (PSINAflt)
DRV - [2012/07/13 07:02:15 | 000,103,464 | ---- | M] (Panda Security, S.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\PSINFile.sys -- (PSINFile)
DRV - [2012/07/12 11:18:32 | 000,206,632 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSStrm.sys -- (NNSSTRM)
DRV - [2012/06/27 15:51:07 | 000,092,840 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNStlsc.sys -- (NNSTLSC)
DRV - [2012/06/27 15:51:06 | 000,286,376 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSProt.sys -- (NNSPROT)
DRV - [2012/06/27 15:51:06 | 000,153,000 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSPrv.sys -- (NNSPRV)
DRV - [2012/06/27 15:51:06 | 000,106,536 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSSmtp.sys -- (NNSSMTP)
DRV - [2012/06/27 15:51:05 | 000,104,104 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSPop3.sys -- (NNSPOP3)
DRV - [2012/06/27 15:51:05 | 000,060,968 | ---- | M] (Panda Security, S.L.) [Kernel | Disabled | Stopped] -- C:\Windows\System32\drivers\NNSPihsw.sys -- (NNSPIHSW)
DRV - [2012/06/27 15:51:04 | 000,122,664 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSIds.sys -- (NNSIDS)
DRV - [2012/06/27 15:51:04 | 000,093,992 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSpicc.sys -- (NNSPICC)
DRV - [2012/06/27 15:51:04 | 000,028,712 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSNAHSL.sys -- (NNSNAHSL)
DRV - [2012/06/27 15:51:03 | 000,120,744 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSHttp.sys -- (NNSHTTP)
DRV - [2012/06/27 15:51:03 | 000,082,472 | ---- | M] (Panda Security, S.L.) [Kernel | System | Running] -- C:\Windows\System32\drivers\NNSAlpc.sys -- (NNSALPC)
DRV - [2011/03/10 18:04:57 | 000,046,280 | ---- | M] (Panda Security) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PSKMAD.sys -- (PSKMAD)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
FF - prefs.js..browser.startup.homepage: "http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal"
FF - user.js - File not found
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Key error. File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Reg Error: Value error.)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
[2012/09/02 21:49:38 | 000,000,000 | ---D | M] -- C:\Users\EDSON\AppData\Roaming\AVG
[2012/09/02 21:49:38 | 000,000,000 | ---D | M] -- C:\Users\EDSON\AppData\Roaming\AVG2012
[2012/08/22 11:09:38 | 000,000,000 | ---D | M] -- C:\Users\EDSON\AppData\Roaming\Panda Security
File not found -- \Windows.old\Documents and Settings\User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\2JDXC3EO\ajax-loader[1].gif
File not found -- \Windows.old\Documents and Settings\User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\4PLW4DDK\ajax-loader[1].gif
File not found -- \Windows.old\Documents and Settings\User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\Q1OFA0SN\loader-vflff1Mjj[1].gif
File not found -- \Windows.old\Documents and Settings\User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2JDXC3EO\ajax-loader[1].gif
File not found -- \Windows.old\Documents and Settings\User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PLW4DDK\ajax-loader[1].gif
File not found -- \Windows.old\Documents and Settings\User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q1OFA0SN\loader-vflff1Mjj[1].gif
File not found -- \Windows.old\Documents and Settings\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\2JDXC3EO\ajax-loader[1].gif
File not found -- \Windows.old\Documents and Settings\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\4PLW4DDK\ajax-loader[1].gif
File not found -- \Windows.old\Documents and Settings\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\4PLW4DDK\Loader[1].gif
File not found -- \Windows.old\Documents and Settings\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\Q1OFA0SN\loader-vflff1Mjj[1].gif
File not found -- \Windows.old\Documents and Settings\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\SZ6PCGPQ\loader[1].gif
File not found -- \Windows.old\Documents and Settings\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2JDXC3EO\ajax-loader[1].gif
File not found -- \Windows.old\Documents and Settings\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PLW4DDK\ajax-loader[1].gif
File not found -- \Windows.old\Documents and Settings\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PLW4DDK\Loader[1].gif
File not found -- \Windows.old\Documents and Settings\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q1OFA0SN\loader-vflff1Mjj[1].gif
File not found -- \Windows.old\Documents and Settings\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SZ6PCGPQ\loader[1].gif
File not found -- \Windows.old\Users\User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\2JDXC3EO\ajax-loader[1].gif
File not found -- \Windows.old\Users\User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\4PLW4DDK\ajax-loader[1].gif
File not found -- \Windows.old\Users\User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\Q1OFA0SN\loader-vflff1Mjj[1].gif
[2012/04/27 11:58:21 | 000,000,673 | ---- | M] () -- \Windows.old\Users\User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\SZ6PCGPQ\loader[1].gif
File not found -- \Windows.old\Users\User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2JDXC3EO\ajax-loader[1].gif
File not found -- \Windows.old\Users\User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PLW4DDK\ajax-loader[1].gif
File not found -- \Windows.old\Users\User\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q1OFA0SN\loader-vflff1Mjj[1].gif
File not found -- \Windows.old\Users\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\2JDXC3EO\ajax-loader[1].gif
File not found -- \Windows.old\Users\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\4PLW4DDK\ajax-loader[1].gif
File not found -- \Windows.old\Users\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\4PLW4DDK\Loader[1].gif
File not found -- \Windows.old\Users\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\Q1OFA0SN\loader-vflff1Mjj[1].gif
File not found -- \Windows.old\Users\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Temporary Internet Files\Low\Content.IE5\SZ6PCGPQ\loader[1].gif
File not found -- \Windows.old\Users\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2JDXC3EO\ajax-loader[1].gif
File not found -- \Windows.old\Users\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PLW4DDK\ajax-loader[1].gif
File not found -- \Windows.old\Users\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\4PLW4DDK\Loader[1].gif
File not found -- \Windows.old\Users\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q1OFA0SN\loader-vflff1Mjj[1].gif
File not found -- \Windows.old\Users\User\Definições locais\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\SZ6PCGPQ\loader[1].gif
[2012/08/22 11:30:25 | 000,000,000 | ---D | M] -- C:\Users\EDSON\AppData\Roaming\IObit
[2012/08/22 11:09:38 | 000,000,000 | ---D | M] -- C:\Users\EDSON\AppData\Roaming\Panda Security
[2013/04/16 16:06:20 | 000,003,354 | ---- | M] () -- C:\Windows\system32\tasks\DealPlyUpdate
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:0B4227B4

:files
type C:\Windows\system32\tasks\{B3CC8138-54E9-4922-8B83-CF0AE987E882} /c
type C:\Windows\system32\tasks\{C411470A-E353-416A-A3C4-77EFD259CDB0} /c
type C:\Windows\system32\tasks\{F2F95980-03A7-466D-81D8-E305AD967F02} /c
C:\Users\EDSON\AppData\Local\{*}
ipconfig /flushdns /c
netsh winhttp reset proxy
netsh winsock reset catalog /c

:Commands
[CREATERESTOREPOINT]
[purity]
[resethosts]
[emptytemp]
[Reboot]

|- Clique no botão Consertar -> Aguarde a conclusão!
|- O computador vai reiniciar! -> Clique em "Executar".

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/OTL_RunFix.jpg&key=09e9249e416710368096f3071f572470adab328652ebc1420e14063af4dbfd77" alt="OTL_RunFix.jpg" />

|- Para versões em Inglês,clique em Run Fix que é o mesmo que Consertar.
|- Poste o relatório: C:\_OTL\MovedFiles\*.log

A+

Bom dia ! DigRam

Segue - o :

All processes killed
========== OTL ==========
Service vqdtrh stopped successfully!
Service vqdtrh deleted successfully!
Service catchme stopped successfully!
Service catchme deleted successfully!
File C:\Users\EDSON\AppData\Local\Temp\catchme.sys not found.
Service AVGIDSShim stopped successfully!
Service AVGIDSShim deleted successfully!
File system32\DRIVERS\avgidsshimx.sys not found.
Service AVGIDSHX stopped successfully!
Service AVGIDSHX deleted successfully!
File system32\DRIVERS\avgidshx.sys not found.
Error: Unable to stop service Avglogx!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Avglogx deleted successfully.
C:\Windows\System32\drivers\avglogx.sys moved successfully.
Error: No service named PSINKNC was found to stop!
Service\Driver key PSINKNC not found.
File C:\Windows\System32\drivers\PSINKNC.sys not found.
Error: No service named PSINProt was found to stop!
Service\Driver key PSINProt not found.
File C:\Windows\System32\drivers\PSINProt.sys not found.
Error: No service named PSINProc was found to stop!
Service\Driver key PSINProc not found.
File C:\Windows\System32\drivers\PSINProc.sys not found.
Error: No service named PSINAflt was found to stop!
Service\Driver key PSINAflt not found.
File C:\Windows\System32\drivers\PSINAflt.sys not found.
Error: No service named PSINFile was found to stop!
Service\Driver key PSINFile not found.
File C:\Windows\System32\drivers\PSINFile.sys not found.
Service NNSSTRM stopped successfully!
Service NNSSTRM deleted successfully!
C:\Windows\System32\drivers\NNSStrm.sys moved successfully.
Service NNSTLSC stopped successfully!
Service NNSTLSC deleted successfully!
C:\Windows\System32\drivers\NNStlsc.sys moved successfully.
Service NNSPROT stopped successfully!
Service NNSPROT deleted successfully!
C:\Windows\System32\drivers\NNSProt.sys moved successfully.
Service NNSPRV stopped successfully!
Service NNSPRV deleted successfully!
C:\Windows\System32\drivers\NNSPrv.sys moved successfully.
Service NNSSMTP stopped successfully!
Service NNSSMTP deleted successfully!
C:\Windows\System32\drivers\NNSSmtp.sys moved successfully.
Service NNSPOP3 stopped successfully!
Service NNSPOP3 deleted successfully!
C:\Windows\System32\drivers\NNSPop3.sys moved successfully.
Service NNSPIHSW stopped successfully!
Service NNSPIHSW deleted successfully!
C:\Windows\System32\drivers\NNSPihsw.sys moved successfully.
Service NNSIDS stopped successfully!
Service NNSIDS deleted successfully!
C:\Windows\System32\drivers\NNSIds.sys moved successfully.
Service NNSPICC stopped successfully!
Service NNSPICC deleted successfully!
C:\Windows\System32\drivers\NNSpicc.sys moved successfully.
Service NNSNAHSL stopped successfully!
Service NNSNAHSL deleted successfully!
C:\Windows\System32\drivers\NNSNAHSL.sys moved successfully.
Service NNSHTTP stopped successfully!
Service NNSHTTP deleted successfully!
C:\Windows\System32\drivers\NNSHttp.sys moved successfully.
Service NNSALPC stopped successfully!
Service NNSALPC deleted successfully!
C:\Windows\System32\drivers\NNSAlpc.sys moved successfully.
Service PSKMAD stopped successfully!
Service PSKMAD deleted successfully!
C:\Windows\System32\drivers\PSKMAD.sys moved successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "http://imageshack.us'>ImageShack.us

http://imageshack.us'>ImageShack.us

Abraços

Bom Dia! EDSSX

< http://pcsupport.about.com/od/toolsofthetrade/ht/sfc-scannow.htm'>SFC /SCANNOW >

|- Indo ao prompt de comando,tente esta correção!

|- Ps: Requer o CD de instalação do Windows 7.

|- Execute reparos no Windows,com o http://secsecurity.forumbrasil.net/t32-windows-repair-by-tweakingcom'>Windows Repair >

-/-

|- Desabilite seu antivírus e execute,novamente,a ferramenta ZHPDiag_silent.

|- Poste o relatório!

A+

Bom dia ! DigRam

Eis :

Rapport de ZHPDiag v1.31.31 par Nicolas Coolman, Update du 19/10/2012
Run by EDSON at 27/04/2013 10:13:08
Web site : http://nicolascoolman.skyrock.com/

State : Your version is update.
UAC : Not Found or deactivate by user

---\\ Web Browser
MSIE: Internet Explorer v9.10.9200.16540
MFIE: Mozilla Firefox 20.0.1 v20.0.1
GCIE: Google Chrome v26.0.1410.64 (Defaut)
OBIE: Safari v5.34.57.2

---\\ Windows Product Information
~ Langage: Anglais
Windows 7 Home Basic Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1981 MB (58% free)
System Restore: Activé (Enable)
System drive C: has 426 GB (91%) free of 466 GB

---\\ Logged in mode
~ Computer Name: EDSON-PC
~ User Name: EDSON
~ All Users Names: EDSON, Convidado, Administrador,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\EDSON\AppData\Roaming\
~ %Desktop% : C:\Users\EDSON\Desktop\
~ %Favorites% : C:\Users\EDSON\Favorites\
~ %LocalAppData% : C:\Users\EDSON\AppData\Local\
~ %StartMenu% : C:\Users\EDSON\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 426 Go of 466 Go)
D:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
~ UAC deactivate by user
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s

---\\ Search Generic System Files
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.CFE0CEE587F9CEA4C29DEEC6D85FC91C] - (.Microsoft Corporation - Internet Extensions para Win32.) (.21/02/2013 - 07:30:16.) -- C:\Windows\System32\wininet.dll [1766912]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 18:29:06.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 18:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.24/04/2011 - 23:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 18:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.12/04/2013 - 10:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Scan Generic Processes in 00mn 01s

---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 1/42
~ Mes Favoris (My Favorites) : 1/51
~ Mes Documents (My Documents) : 1/711
~ Mon Bureau (My Desktop) : 1/7
~ Menu demarrer (Programs) : 1/32
~ Scan Hidden Files in 00mn 01s

---\\ Running Processes
[MD5.9A05953DDE2032A2248BD8731BC237FE] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\Comodo\COMODO Internet Security\CisTray.exe [3012816] [PID.2936]
[MD5.50F9B094DA1014F3C32E109684405CB1] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\Comodo\COMODO Internet Security\cis.exe [9478352] [PID.3504]
[MD5.4E9592BB2C100E571F82640E59E9ECD5] - (.Google Inc. - Google Chrome.) -- C:\Users\EDSON\AppData\Local\Google\Chrome\Application\chrome.exe [1312720] [PID.3672]
[MD5.56873D899C0707AA017AA2D74EC190AE] - (...) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [3770368] [PID.1336]
[MD5.06752FAEA93BB8C9D4D72C56D360E415] - (.GAS Tecnologia - G-Buster Browser Defense - Service.) -- C:\Program Files\GbPlugin\gbpsv.exe [526888] [PID.]
[MD5.7FE956E417D47389B55B466FE8C983AA] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [4443912] [PID.]
[MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.]
[MD5.0C16E2F7287875BB91DA452B3EC405FE] - (...) -- C:\Program Files\Comodo\Dragon\dragon_updater.exe [2074760] [PID.]
[MD5.15BDE95FE8A8D6417E77767DE5B100E6] - (...) -- C:\Program Files\Comodo\IceDragon\icedragon_updater.exe [1821384] [PID.]
[MD5.B75C46B2448453378A3D24794C46CEC7] - (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe [1815248] [PID.]
~ Scan Processes Running in 00mn 01s

---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Users\EDSON\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [user Data\Default] None
~ Scan Google Browser in 00mn 00s

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\fsz8l3w8.default\prefs.js
C:\Users\EDSON\AppData\Roaming\Mozilla\Firefox\Profiles\srcjlstd.default\prefs.js
M3 - MFPP: Plugins - [EDSON] -- C:\Program Files\Mozilla FireFox\searchplugins\buscape.xml
M3 - MFPP: Plugins - [EDSON] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [EDSON] -- C:\Program Files\Mozilla FireFox\searchplugins\mercadolivre.xml
M3 - MFPP: Plugins - [EDSON] -- C:\Program Files\Mozilla FireFox\searchplugins\twitter.xml
M3 - MFPP: Plugins - [EDSON] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-br.xml
M3 - MFPP: Plugins - [EDSON] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-br.xml
M0 - MFSP: prefs.js [EDSON - fsz8l3w8.default] http://www.baixaki.com

M0 - MFSP: prefs.js [EDSON - srcjlstd.default]
M2 - MFEP: prefs.js [EDSON - srcjlstd.default\{87F8774F-B485-47E2-A755-A40A8A5E886C}] [] Modulo de Seguranca - Banco do Brasil v2.12.3.1.190 (..)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.21.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.21.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.21.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20125.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (...) -- C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.dll (.not file.)
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3555.0308] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll

P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.6.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\EDSON\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\EDSON\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll

~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com

R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s

---\\ Changed inifile Value, Mapped to Registry (F2)
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s

---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 2

---\\ Browser Helper Objects (O2)
O2 - BHO: (no name) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} Orphean Key
O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} Orphean Key
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Orphean Key
O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} Orphean Key
O2 - BHO: (no name) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} Orphean Key
O2 - BHO: (no name) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} Orphean Key
O2 - BHO: (no name) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} Orphean Key
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} Orphean Key
~ Scan BHO in 00mn 00s

---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [COMODO Internet Security] . (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
~ Scan Application in 00mn 00s

---\\ Other User Links (O4)
O4 - Global Startup: C:\Users\EDSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\EDSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk . (.Microsoft Corporation.) -- C:\Users\EDSON\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
O4 - Global Startup: C:\Users\EDSON\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\EDSON\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\EDSON\Desktop\IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk . (...) -- C:\Arquivos de Programas RFB\IRPF2013\IRPF2013.exe
O4 - Global Startup: C:\Users\EDSON\Desktop\MBRCheck.lnk . (...) -- C:\Program Files\ZHPDiag\mbrcheck.exe
O4 - Global Startup: C:\Users\EDSON\Desktop\Microsoft Office - Atalho.lnk . (...) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
O4 - Global Startup: C:\Users\EDSON\Desktop\ZHPDiag.lnk . (...) -- C:\Program Files\ZHPDiag\ZHPDiags.exe
O4 - Global Startup: C:\Users\EDSON\Desktop\ZHPFix.lnk . (...) -- C:\Program Files\ZHPDiag\ZHPFix.exe
O4 - Global Startup: C:\Users\EDSON\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - Global Startup: C:\Users\EDSON\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Users\EDSON\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\EDSON\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\EDSON\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
~ Scan Global Startup in 00mn 00s

---\\ IE Options icon not visible in Control Panel (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s

---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MIF5BA~1\Office12\ONBttnIE.dll
O9 - Extra button: &Enviar para o OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ Scan IE Extra Buttons in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Provedor de Correção de Nomeação de Emails.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Provedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll
~ Scan Winsock in 00mn 00s

---\\ Site in Trusted Zone (O15)
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br
O15 - Trusted Zone: [HKCU\...\Domains\www] *.caixa.gov.br
~ Scan IE Zone Confiance in 00mn 00s

---\\ ActiveX Objects (Downloaded Program Files) (O16)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/pt/uno1/GAME_UNO1.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

~ Scan Objets ActiveX in 00mn 00s

---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A2458CE2-E6B6-4CE4-8F90-BF654280773E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A2458CE2-E6B6-4CE4-8F90-BF654280773E}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A2458CE2-E6B6-4CE4-8F90-BF654280773E}: DhcpNameServer = 192.168.0.1
~ Scan Domain in 00mn 00s

---\\ Extra protocols (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\Program Files\Common Files\Skype\Skype4COM.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll
~ Scan Protocole Additionnel in 00mn 01s

---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: GbPluginBb . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files\GbPlugin\gbieh.dll
O20 - Winlogon Notify: GbPluginCef . (.Caixa Economica Federal - Gbieh Module.) -- C:\Program Files\GbPlugin\gbiehCef.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Scan Winlogon in 00mn 00s

---\\ ShellServiceObjectDelayLoad (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Monitor de Sites.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s

---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) . (.COMODO - COMODO Internet Security.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: COMODO Dragon Update Service (DragonUpdater) . (...) - C:\Program Files\Comodo\Dragon\dragon_updater.exe
O23 - Service: Gbp Service (GbpSv) . (.GAS Tecnologia - G-Buster Browser Defense - Service.) - C:\Program Files\GbPlugin\gbpsv.exe

O23 - Service: Serviço do Google Update (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: COMODO IceDragon Update Service (IceDragonUpdater) . (...) - C:\Program Files\Comodo\IceDragon\icedragon_updater.exe

O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Scan Services in 00mn 00s

---\\ Windows Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s

---\\
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s

---\\ Task Planned Automatically(039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4116200772-1247309439-3526663088-1000Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4116200772-1247309439-3526663088-1000UA.job
~ Scan Scheduled Task in 00mn 00s

---\\ ActiveSetup Installed Components (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Internet Explorer - {2D46B6DC-2207-486B-B523-A557E6D54B47} . (.Microsoft Corporation - Processador de comandos do Windows.) -- C:\Windows\system32\cmd.exe
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão shell da pasta FTP do Microsoft Internet Explorer.) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 01s

---\\ Drivers launched at startup (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: (cmderd) . (.COMODO - COMODO Internet Security Eradication Driver.) - C:\Windows\System32\DRIVERS\cmderd.sys
O41 - Driver: (cmdGuard) . (.COMODO - COMODO Internet Security Sandbox Driver.) - C:\Windows\System32\DRIVERS\cmdguard.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Agendador de pacotes de serviço.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Driver do Subsistema de Buffer da Unidade R.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
O41 - Driver: C:\Windows\System32\drivers\ws2ifsl.sys (ws2ifsl) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Scan Drivers in 00mn 01s

---\\ Software installed (O42)
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.4) - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-AA1000000001}
O42 - Logiciel: Adobe Reader X (10.1.6) - Português - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1046-7B44-AA1000000001}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Atualização do produto Microsoft Office Excel 2007 Help (KB963678) - (.Microsoft.) [HKLM] -- {90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}
O42 - Logiciel: Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) - (.Microsoft.) [HKLM] -- {90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}
O42 - Logiciel: Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) - (.Microsoft.) [HKLM] -- {90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}
O42 - Logiciel: Atualização do produto Microsoft Office Word 2007 Help (KB963665) - (.Microsoft.) [HKLM] -- {90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}
O42 - Logiciel: COMODO Antivirus - (.COMODO Security Solutions Inc..) [HKLM] -- {F1EC4151-805B-4097-B9BB-7D71A417AAF1}
O42 - Logiciel: Comodo Dragon - (.COMODO.) [HKLM] -- Comodo Dragon
O42 - Logiciel: Comodo IceDragon - (.COMODO.) [HKLM] -- Comodo IceDragon
O42 - Logiciel: Controle ActiveX do Windows Live Mesh para Conexões Remotas - (.Microsoft Corporation.) [HKLM] -- {39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Gadwin PrintScreen - (.Gadwin Systems, Inc..) [HKLM] -- Gadwin PrintScreen
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: IRPF2013 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2013

O42 - Logiciel: Java 7 Update 21 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217021FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: Malwarebytes Anti-Malware versão 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Messenger Companion - (.Microsoft Corporation.) [HKLM] -- {3889988F-762B-4B85-AB17-71C9CC3AE445}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile PTB Language Pack - (.Microsoft Corporation.) [HKLM] -- {20A15757-4AE4-3C82-9711-863C84AFE6AA}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0015-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0019-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0044-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-006E-0416-0000-0000000FF1CE}_ENTERPRISE_{51530CD1-8244-4E0F-B536-BCCC05325C7F}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-00A1-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-00BA-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}
O42 - Logiciel: Microsoft Office Access MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-0416-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE
O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-0416-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-0416-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-0416-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-0416-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-0416-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-0416-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0416-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-0416-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{8A524694-0CA4-476A-9301-B1E9D70FC952}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}
O42 - Logiciel: Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-0416-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-0416-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-0416-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft SkyDrive - (.Microsoft Corporation.) [HKCU] -- SkyDriveSetup.exe
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
O42 - Logiciel: Mozilla Firefox 20.0.1 (x86 pt-BR) - (.Mozilla.) [HKLM] -- Mozilla Firefox 20.0.1 (x86 pt-BR)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: OMNIKEY 3x21 PC/SC Driver - (.OMNIKEY.) [HKLM] -- {4DDEADA8-25B8-41CB-9989-8F16D50A8E9C}
O42 - Logiciel: Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile PTB Language Pack
O42 - Logiciel: Petição Web 1.0 - (.MPS Informática.) [HKLM] -- petweb1.0_is1
O42 - Logiciel: Revo Uninstaller 1.94 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D}
O42 - Logiciel: SafeSign - (.A.E.T. Europe B.V..) [HKLM] -- {6347401C-C260-4B30-9816-8F5A1419CC49}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2604121
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656351
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656368v2
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656405
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2686827
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2729449
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2737019
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2742595
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2789642
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C6997D22-CC93-4ED9-AD8A-02C3F3D2F1F9}
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5DD3FF90-B302-45B2-A188-C5EA7ACD5D46}
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{D33B9EF5-3801-496A-A2D6-B7F4BE972D75}
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B145DBBB-7778-4A5D-9D2B-DA6569F02391}
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E34960DB-2A93-45DB-A208-02650F7AB09C}
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{293FB6BE-D3EB-4162-B522-F9108040B9FE}
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2B3C041A-A7F2-4A24-968D-4BEB6A123D15}
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{43171CAD-DC60-4E7B-9703-B2EC18001B9F}
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3579CE34-B225-4B19-A3AF-DE5F562A212F}
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{020B65AD-B2ED-4B35-92CA-DB56EFB864A5}
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CAB47CC0-A98C-47DD-9FA1-C0416EC96ED5}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{488F0918-97F9-4CD0-8AD5-8986A46AC962}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Editi - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8F311D6C-D8DD-4C32-9457-1A129CABD1A5}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edi - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AEA16A27-0B97-4670-818F-A98D06EC0A6F}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edi - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edit - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}
O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{718E87EC-6590-485A-B12D-C01D290EDB12}

O42 - Logiciel: Skype™ 6.3 - (.Skype Technologies S.A..) [HKLM] -- {4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217
O42 - Logiciel: Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}
O42 - Logiciel: Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{620E77C0-CDFE-4C14-AAEB-830ABB65864C}
O42 - Logiciel: Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{525A4A44-8940-40AD-ABA0-14501199D2F0}
O42 - Logiciel: Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8153EC80-C988-4336-8DAF-6D99C0D26E0C}
O42 - Logiciel: Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}
O42 - Logiciel: Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{52F3455A-9ADB-41A6-BCE7-8D99F3770590}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-B - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2FAC8CEF-F191-4A30-A107-F33D92D52AEE}

O42 - Logiciel: VC 9.0 Runtime - (.Check Point Software Technologies Ltd.) [HKLM] -- {02E89EFC-7B07-4D5A-AA03-9EC0902914EE}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {43B43577-2514-4CE0-B14A-7E85C17C0453}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {2922DB34-682F-4A9C-BE18-6E579DBD1420}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {2D6E3D97-1FDF-4993-AC75-72F59EC445C5}
O42 - Logiciel: Windows Live Galeria de Fotos - (.Microsoft Corporation.) [HKLM] -- {F7A46527-DF1F-4B0F-9637-98547E189442}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9DA3F03B-2CEE-4344-838E-117861E61FAF}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {644063FA-ABA3-42AC-A8AC-3EDC0706018B}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {C9E1343D-E21E-4508-A1BE-04A089EC137D}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11}
O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {B33B61FE-701F-425F-98AB-2B85725CBF68}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {19A4A990-5343-4FF7-B3B5-6F046C091EDF}
O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {41B72CAF-036B-4E0A-8D22-F5DF7C970434}
O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {E6617B44-D556-49AC-B2A3-01451E115043}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {DF71ABBB-B834-41C0-BB58-80B0545D754C}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {B3BE54A4-8DFE-4593-8E66-56AB7133B812}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}
O42 - Logiciel: pdfsam - (.Unknown owner.) [HKLM] -- pdfsam
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}

---\\ HKCU & HKLM Software Keys
[HKCU\Software\A.E.T. Europe B.V.]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\COMODO]
[HKCU\Software\AppDataLow\ISWVolatile]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Auslogics]
[HKCU\Software\AutoHelpDesk]
[HKCU\Software\Baixaki]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\ComodoGroup]
[HKCU\Software\F-Secure]
[HKCU\Software\Gadwin Systems]
[HKCU\Software\GbAs]
[HKCU\Software\GbPlugin]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\JavaSoft]
[HKCU\Software\MCAFEE]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware (portable)]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Netscape]
[HKCU\Software\Northcode Inc]
[HKCU\Software\ODBC]
[HKCU\Software\Policies]
[HKCU\Software\Skype]
[HKCU\Software\Sysinternals]
[HKCU\Software\Trolltech]
[HKCU\Software\VSRevoGroup]
[HKCU\Software\Wow6432Node]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\superdownloads.com.br]
[HKLM\Software\360Safe]
[HKLM\Software\A.E.T. Europe B.V.]
[HKLM\Software\ATI Technologies]
[HKLM\Software\AVAST Software]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Avg]
[HKLM\Software\Bunndle]
[HKLM\Software\COMODO]
[HKLM\Software\CheckPoint]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\ComodoGroup]
[HKLM\Software\Google]
[HKLM\Software\IM Providers]
[HKLM\Software\IObit]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Licenses]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Malwarebytes' Anti-Malware (portable)]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee.com]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\Netscape]
[HKLM\Software\ODBC]
[HKLM\Software\OldTimer Tools]
[HKLM\Software\Panda Security]
[HKLM\Software\Panda Software]
[HKLM\Software\Policies]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Skype]
[HKLM\Software\Swearware]
[HKLM\Software\Symantec]
[HKLM\Software\TrendMicro]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Windows]
[HKLM\Software\mozilla.org]
~ Scan Softwares in 00mn 00s

---\\ Contents of the Common Files folders (O43)
O43 - CFD: 04/08/2012 - 12:49:50 - [8,876] ----D C:\Program Files\A.E.T. Europe B.V
O43 - CFD: 17/06/2012 - 20:19:22 - [114,860] ----D C:\Program Files\Adobe
O43 - CFD: 26/03/2013 - 15:47:14 - [2,316] ----D C:\Program Files\Apple Software Update
O43 - CFD: 17/06/2012 - 14:35:39 - [0] R---D C:\Program Files\Arquivos Comuns
O43 - CFD: 23/04/2013 - 14:39:20 - [254,885] ----D C:\Program Files\Common Files
O43 - CFD: 23/04/2013 - 14:12:58 - [444,140] ----D C:\Program Files\Comodo
O43 - CFD: 12/04/2011 - 01:47:11 - [3,997] ----D C:\Program Files\DVD Maker
O43 - CFD: 17/06/2012 - 17:03:25 - [6,843] ----D C:\Program Files\Gadwin Systems
O43 - CFD: 18/03/2013 - 17:27:41 - [12,025] ----D C:\Program Files\GbPlugin
O43 - CFD: 22/08/2012 - 11:30:01 - [5,483] ----D C:\Program Files\Google
O43 - CFD: 20/07/2012 - 22:18:19 - [1,693] ----D C:\Program Files\GPLGS
O43 - CFD: 25/04/2013 - 10:29:20 - [1,538] --H-D C:\Program Files\InstallJammer Registry
O43 - CFD: 17/06/2012 - 16:52:54 - [0,905] ----D C:\Program Files\Intel
O43 - CFD: 09/04/2013 - 22:11:51 - [5,235] ----D C:\Program Files\Internet Explorer
O43 - CFD: 23/04/2013 - 14:38:46 - [122,325] ----D C:\Program Files\Java
O43 - CFD: 11/04/2013 - 10:37:07 - [13,339] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 27/01/2013 - 16:32:22 - [0] ----D C:\Program Files\Microsoft
O43 - CFD: 14/07/2009 - 01:52:30 - [44,793] ----D C:\Program Files\Microsoft Games
O43 - CFD: 17/04/2013 - 12:55:59 - [624,145] ----D C:\Program Files\Microsoft Office
O43 - CFD: 14/03/2013 - 08:34:44 - [40,835] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 27/01/2013 - 17:34:51 - [1,745] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 16/04/2013 - 16:31:32 - [0,014] ----D C:\Program Files\Microsoft Visual Studio
O43 - CFD: 16/04/2013 - 16:29:35 - [1,204] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD: 16/04/2013 - 19:45:00 - [3,554] ----D C:\Program Files\Microsoft Works
O43 - CFD: 16/04/2013 - 16:31:11 - [7,789] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 14/04/2013 - 13:18:12 - [44,777] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 15/04/2013 - 09:59:54 - [0,212] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 16/04/2013 - 16:31:52 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 23/03/2013 - 10:41:50 - [9,537] ----D C:\Program Files\MSECache
O43 - CFD: 02/08/2012 - 14:24:25 - [0,138] ----D C:\Program Files\OMNIKEY
O43 - CFD: 25/03/2013 - 12:03:34 - [14,004] ----D C:\Program Files\pdfsam
O43 - CFD: 14/07/2009 - 01:52:30 - [37,270] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 26/03/2013 - 15:48:11 - [102,605] ----D C:\Program Files\Safari
O43 - CFD: 08/04/2013 - 21:26:36 - [18,031] R---D C:\Program Files\Skype
O43 - CFD: 14/07/2009 - 01:53:23 - [0] ----D C:\Program Files\Uninstall Information
O43 - CFD: 17/06/2012 - 15:49:33 - [6,503] ----D C:\Program Files\VS Revo Group
O43 - CFD: 12/04/2011 - 01:47:11 - [2,897] ----D C:\Program Files\Windows Defender
O43 - CFD: 27/01/2013 - 17:38:28 - [182,611] ----D C:\Program Files\Windows Live
O43 - CFD: 12/04/2011 - 01:47:11 - [5,870] ----D C:\Program Files\Windows Mail
O43 - CFD: 12/04/2011 - 01:47:11 - [6,286] ----D C:\Program Files\Windows Media Player
O43 - CFD: 17/06/2012 - 14:35:39 - [11,630] ----D C:\Program Files\Windows NT
O43 - CFD: 12/04/2011 - 01:47:11 - [4,210] ----D C:\Program Files\Windows Photo Viewer
O43 - CFD: 01/09/2012 - 08:51:43 - [0,181] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 01/09/2012 - 08:51:43 - [5,716] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 19/08/2012 - 18:42:09 - [1,439] ----D C:\Program Files\WinRAR
O43 - CFD: 27/04/2013 - 10:13:14 - [9,962] ----D C:\Program Files\ZHPDiag
O43 - CFD: 17/06/2012 - 20:19:38 - [3,796] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 16/04/2013 - 16:31:32 - [0,089] ----D C:\Program Files\Common Files\DESIGNER
O43 - CFD: 23/04/2013 - 14:39:20 - [1,189] ----D C:\Program Files\Common Files\Java
O43 - CFD: 16/04/2013 - 19:45:08 - [166,558] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 13/07/2009 - 23:37:05 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 17/06/2012 - 14:35:39 - [0] ----D C:\Program Files\Common Files\Sistema
O43 - CFD: 08/04/2013 - 21:26:36 - [1,904] ----D C:\Program Files\Common Files\Skype
O43 - CFD: 13/07/2009 - 23:37:05 - [39,200] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 22/09/2012 - 19:51:44 - [0] ----D C:\Program Files\Common Files\Symantec Shared
O43 - CFD: 17/04/2013 - 11:03:35 - [42,148] ----D C:\Program Files\Common Files\System
O43 - CFD: 17/06/2012 - 16:23:01 - [0] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 18/04/2013 - 10:15:19 - [270,277] ----D C:\ProgramData\Adobe
O43 - CFD: 26/03/2013 - 15:47:14 - [2,216] ----D C:\ProgramData\Apple
O43 - CFD: 26/03/2013 - 15:47:57 - [36,533] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 01:53:55 - [0] ----D C:\ProgramData\Application Data
O43 - CFD: 25/08/2012 - 08:27:11 - [0,000] ----D C:\ProgramData\Common Files
O43 - CFD: 23/04/2013 - 13:56:18 - [649,742] ----D C:\ProgramData\Comodo
O43 - CFD: 13/04/2013 - 18:23:31 - [87,733] ----D C:\ProgramData\Comodo Downloader
O43 - CFD: 17/06/2012 - 14:35:39 - [0] ----D C:\ProgramData\Dados de aplicativos
O43 - CFD: 14/07/2009 - 01:53:55 - [0] ----D C:\ProgramData\Desktop
O43 - CFD: 17/06/2012 - 14:35:39 - [0] ----D C:\ProgramData\Documentos
O43 - CFD: 14/07/2009 - 01:53:55 - [0] ----D C:\ProgramData\Documents
O43 - CFD: 14/07/2009 - 01:53:55 - [0] ----D C:\ProgramData\Favorites
O43 - CFD: 17/06/2012 - 14:35:39 - [0] ----D C:\ProgramData\Favoritos
O43 - CFD: 02/09/2012 - 17:19:52 - [2,477] ----D C:\ProgramData\gas
O43 - CFD: 22/04/2013 - 14:09:41 - [0,011] ----D C:\ProgramData\GbPlugin
O43 - CFD: 20/07/2012 - 22:17:31 - [15,892] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 17/06/2012 - 14:35:39 - [0] ----D C:\ProgramData\Menu Iniciar
O43 - CFD: 24/04/2013 - 09:12:23 - [8,311] ----D C:\ProgramData\MFAData
O43 - CFD: 16/04/2013 - 16:31:11 - [547,216] -S--D C:\ProgramData\Microsoft
O43 - CFD: 17/04/2013 - 14:45:52 - [0,063] ----D C:\ProgramData\Microsoft Help
O43 - CFD: 22/07/2012 - 00:44:11 - [0] ----D C:\ProgramData\Microsoft SkyDrive
O43 - CFD: 17/06/2012 - 14:35:39 - [0] ----D C:\ProgramData\Modelos
O43 - CFD: 17/06/2012 - 15:18:31 - [0,034] ----D C:\ProgramData\Mozilla
O43 - CFD: 08/04/2013 - 21:26:41 - [49,434] ----D C:\ProgramData\Skype
O43 - CFD: 14/07/2009 - 01:53:55 - [0] ----D C:\ProgramData\Start Menu
O43 - CFD: 17/06/2012 - 17:02:40 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 15/02/2013 - 07:59:43 - [9,731] ---AD C:\ProgramData\TEMP
O43 - CFD: 14/07/2009 - 01:53:55 - [0] ----D C:\ProgramData\Templates
O43 - CFD: 17/06/2012 - 20:22:19 - [3,240] ----D C:\Users\EDSON\AppData\Roaming\Adobe
O43 - CFD: 26/03/2013 - 15:48:27 - [0,074] ----D C:\Users\EDSON\AppData\Roaming\Apple Computer
O43 - CFD: 02/07/2012 - 09:30:32 - [0,018] ----D C:\Users\EDSON\AppData\Roaming\CheckPoint
O43 - CFD: 20/04/2013 - 20:01:24 - [13,713] ----D C:\Users\EDSON\AppData\Roaming\Comodo
O43 - CFD: 23/09/2012 - 23:29:31 - [0] ----D C:\Users\EDSON\AppData\Roaming\f-secure
O43 - CFD: 17/06/2012 - 14:35:57 - [0] ----D C:\Users\EDSON\AppData\Roaming\Identities
O43 - CFD: 18/06/2012 - 12:49:36 - [0] ----D C:\Users\EDSON\AppData\Roaming\LibreOffice
O43 - CFD: 17/06/2012 - 15:14:39 - [0] ----D C:\Users\EDSON\AppData\Roaming\Macromedia
O43 - CFD: 17/06/2012 - 16:42:55 - [0,488] ----D C:\Users\EDSON\AppData\Roaming\Malwarebytes
O43 - CFD: 16/04/2013 - 16:54:47 - [19,229] -S--D C:\Users\EDSON\AppData\Roaming\Microsoft
O43 - CFD: 17/06/2012 - 15:19:18 - [32,344] ----D C:\Users\EDSON\AppData\Roaming\Mozilla
O43 - CFD: 15/01/2013 - 15:12:53 - [0] ----D C:\Users\EDSON\AppData\Roaming\Opera
O43 - CFD: 13/10/2012 - 09:35:38 - [0] ----D C:\Users\EDSON\AppData\Roaming\Positivo
O43 - CFD: 25/04/2013 - 12:34:02 - [28,292] ----D C:\Users\EDSON\AppData\Roaming\Skype
O43 - CFD: 15/09/2012 - 20:00:15 - [0,908] ----D C:\Users\EDSON\AppData\Roaming\Sun
O43 - CFD: 30/06/2012 - 17:25:06 - [0] ----D C:\Users\EDSON\AppData\Roaming\TeamViewer
O43 - CFD: 06/09/2012 - 08:02:53 - [0] ----D C:\Users\EDSON\AppData\Roaming\TuneUp Software
O43 - CFD: 26/06/2012 - 16:15:00 - [0] ----D C:\Users\EDSON\AppData\Roaming\Windows Live Writer
O43 - CFD: 19/08/2012 - 18:23:55 - [0,000] ----D C:\Users\EDSON\AppData\Roaming\WinRAR
O43 - CFD: 17/06/2012 - 20:22:19 - [14,868] ----D C:\Users\EDSON\AppData\Local\Adobe
O43 - CFD: 26/03/2013 - 15:47:17 - [0] ----D C:\Users\EDSON\AppData\Local\Apple
O43 - CFD: 26/03/2013 - 15:48:27 - [59,677] ----D C:\Users\EDSON\AppData\Local\Apple Computer
O43 - CFD: 21/07/2012 - 11:51:08 - [1,487] ----D C:\Users\EDSON\AppData\Local\Apps
O43 - CFD: 13/04/2013 - 18:34:39 - [42,813] ----D C:\Users\EDSON\AppData\Local\Comodo
O43 - CFD: 16/04/2013 - 16:08:28 - [2,602] ----D C:\Users\EDSON\AppData\Local\CRE
O43 - CFD: 17/06/2012 - 14:35:49 - [0] ----D C:\Users\EDSON\AppData\Local\Dados de aplicativos
O43 - CFD: 21/07/2012 - 11:51:22 - [0] ----D C:\Users\EDSON\AppData\Local\Deployment
O43 - CFD: 24/03/2013 - 17:28:46 - [2,024] ----D C:\Users\EDSON\AppData\Local\Diagnostics
O43 - CFD: 12/08/2012 - 10:31:00 - [0] ----D C:\Users\EDSON\AppData\Local\ElevatedDiagnostics
O43 - CFD: 22/08/2012 - 11:30:20 - [511,013] ----D C:\Users\EDSON\AppData\Local\Google
O43 - CFD: 17/06/2012 - 14:35:49 - [0] ----D C:\Users\EDSON\AppData\Local\Histórico
O43 - CFD: 18/06/2012 - 13:30:38 - [0] ----D C:\Users\EDSON\AppData\Local\Macromedia
O43 - CFD: 12/11/2012 - 20:15:20 - [345,993] ----D C:\Users\EDSON\AppData\Local\Microsoft
O43 - CFD: 30/10/2012 - 09:32:06 - [0,603] ----D C:\Users\EDSON\AppData\Local\Microsoft Games
O43 - CFD: 16/04/2013 - 16:54:45 - [0,154] ----D C:\Users\EDSON\AppData\Local\Microsoft Help
O43 - CFD: 12/01/2013 - 20:00:46 - [0,016] ----D C:\Users\EDSON\AppData\Local\Mozilla
O43 - CFD: 15/01/2013 - 15:12:52 - [0] ----D C:\Users\EDSON\AppData\Local\Opera
O43 - CFD: 30/12/2012 - 14:32:13 - [0] ----D C:\Users\EDSON\AppData\Local\Programs
O43 - CFD: 27/04/2013 - 10:12:05 - [6,627] ----D C:\Users\EDSON\AppData\Local\Temp
O43 - CFD: 17/06/2012 - 14:35:49 - [0] ----D C:\Users\EDSON\AppData\Local\Temporary Internet Files
O43 - CFD: 13/11/2012 - 18:35:21 - [0,001] ----D C:\Users\EDSON\AppData\Local\VirtualStore
O43 - CFD: 25/04/2013 - 11:25:40 - [0,031] ----D C:\Users\EDSON\AppData\Local\Windows Live
O43 - CFD: 26/06/2012 - 16:15:07 - [0,618] ----D C:\Users\EDSON\AppData\Local\Windows Live Writer
O43 - CFD: 14/07/2009 - 01:42:04 - [0,014] R---D C:\Users\EDSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 20/07/2012 - 22:48:00 - [0,000] R---D C:\Users\EDSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 17/06/2012 - 17:03:26 - [0] ----D C:\Users\EDSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gadwin Systems
O43 - CFD: 09/02/2013 - 19:51:41 - [0,002] ----D C:\Users\EDSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
O43 - CFD: 14/07/2009 - 01:37:42 - [0,001] R---D C:\Users\EDSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 25/02/2013 - 08:41:48 - [0,004] ----D C:\Users\EDSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programas RFB2013
O43 - CFD: 20/07/2012 - 22:18:22 - [0,005] ----D C:\Users\EDSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
O43 - CFD: 20/07/2012 - 22:48:00 - [0,000] R---D C:\Users\EDSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 19/08/2012 - 18:42:05 - [0] ----D C:\Users\EDSON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Scan Program Folder in 00mn 07s

---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.0BA0B3870D5347882BEA1809F5650931] - 27/04/2013 - 10:10:11 ---A- . (...) -- C:\Windows\System32\Drivers\sfi.dat [1474832]
O44 - LFC:[MD5.7A519B65170DDFC8E19D0DB1B5CD84FF] - 27/04/2013 - 09:47:28 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [26944]
O44 - LFC:[MD5.7A519B65170DDFC8E19D0DB1B5CD84FF] - 27/04/2013 - 09:47:28 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [26944]
O44 - LFC:[MD5.DD0062DF6811F3DA780E0B876E8E461E] - 27/04/2013 - 09:44:40 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1517030]
O44 - LFC:[MD5.2408DBADB9A62CBC225ED74861FD9FF5] - 27/04/2013 - 09:44:40 ---A- . (...) -- C:\Windows\System32\perfc009.dat [106190]
O44 - LFC:[MD5.9F4B5FBC219BA325B23582BF46A5F680] - 27/04/2013 - 09:44:40 ---A- . (...) -- C:\Windows\System32\perfh009.dat [615810]
O44 - LFC:[MD5.B90709C09A0B1AD1E10EC284DD104217] - 27/04/2013 - 09:44:40 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [127896]
O44 - LFC:[MD5.F2734E8AC82F754A6FD62BBFF8DD7291] - 27/04/2013 - 09:44:40 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [663606]
O44 - LFC:[MD5.7B20F6B18F8B913428D9B69D3A04CDD2] - 27/04/2013 - 09:43:45 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1266021]
O44 - LFC:[MD5.5C3F5981052D13CBDAB14CB5DDE96D47] - 27/04/2013 - 09:40:22 ---A- . (...) -- C:\Windows\setupact.log [9352]
O44 - LFC:[MD5.799F80E2F45AF4D51C40A8BA5F6FB610] - 27/04/2013 - 09:40:15 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.A2419E86B13740C37E97E16982FE7AD9] - 26/04/2013 - 08:46:21 ---A- . (...) -- C:\Windows\PFRO.log [12080]
O44 - LFC:[MD5.691577DC9E72C5526871182D48572D5F] - 25/04/2013 - 19:15:23 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [594960]
O44 - LFC:[MD5.A283E768FA12EF33087F07B01F82D6DD] - 25/04/2013 - 19:11:26 ---A- . (.Sysinternals - PsExec Service.) -- C:\Windows\PSEXESVC.EXE [181064]
O44 - LFC:[MD5.CA2A8AF1DBAD0F31F9B33A2827DFBC16] - 25/04/2013 - 18:59:25 ---A- . (...) -- C:\Windows\tweaking.com-regbackup-EDSON-PC-Microsoft-Windows-7-Home-Basic-(32-bit).dat [207]
O44 - LFC:[MD5.09FC33AC3AA1BAAFF3C1C1A37AC0EC2F] - 24/04/2013 - 11:31:37 ---A- . (...) -- C:\REGISTRYBACKUP.REG [139629910]
O44 - LFC:[MD5.51306528823DA76791B0BF4EB77F92F8] - 24/04/2013 - 11:09:49 ---A- . (...) -- C:\PhysicalMBR.bin [512]
O44 - LFC:[MD5.FA73A9A5109BFFB6F051F01DA1A739E6] - 23/04/2013 - 23:49:25 ---A- . (...) -- C:\Windows\CCE.INI [630]
O44 - LFC:[MD5.D0F47BFDDE810912F65E079B5956D6C7] - 23/04/2013 - 14:38:49 ---A- . (.Oracle Corporation - No comment.) -- C:\Windows\System32\WindowsAccessBridge.dll [94112]
O44 - LFC:[MD5.69EC2283D9CB6762FFC7A85E075018F9] - 23/04/2013 - 14:38:48 ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\System32\deployJava1.dll [788896]
O44 - LFC:[MD5.091C84FE9C2A2C4AE1F30AC7C6A4BDD1] - 23/04/2013 - 14:38:48 ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\System32\java.exe [174496]
O44 - LFC:[MD5.AE5F5021FC66A380FD46B17A3E30E8E8] - 23/04/2013 - 14:38:48 ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\System32\javaw.exe [174496]
O44 - LFC:[MD5.21CFE2D87E8C81FF66DEFD1AB75B29EA] - 23/04/2013 - 14:38:48 ---A- . (.Oracle Corporation - Java Web Start Launcher.) -- C:\Windows\System32\javaws.exe [263584]
O44 - LFC:[MD5.ADC539F67D3198679F480974EE203678] - 23/04/2013 - 14:38:48 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\Windows\System32\npDeployJava1.dll [866720]
O44 - LFC:[MD5.838D5CB090D46E40089400BDB8ED9D9A] - 23/04/2013 - 13:15:58 ---A- . (...) -- C:\Windows\System32\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile [694]
O44 - LFC:[MD5.51306528823DA76791B0BF4EB77F92F8] - 21/04/2013 - 14:59:56 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]
O44 - LFC:[MD5.D5FB8F0882BA6D21D5842C89AA72AC72] - 19/04/2013 - 10:12:40 ---A- . (.COMODO CA Limited - COMODO CertSentry Revocation Provider.) -- C:\Windows\System32\certsentry.dll [47368]
O44 - LFC:[MD5.A06A0409D9D2E4785E6D05027F0B1E12] - 18/04/2013 - 18:02:02 ---A- . (.COMODO - COMODO Internet Security Firewall Driver.) -- C:\Windows\System32\Drivers\inspect.sys [84928]
O44 - LFC:[MD5.229770FF9B87160AC3C22517BBFE6BF4] - 18/04/2013 - 10:15:11 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe [691592]
O44 - LFC:[MD5.33AABF5D0F7C87E1F7C58FCD1966B542] - 18/04/2013 - 10:15:11 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [71048]
O44 - LFC:[MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - 17/04/2013 - 11:03:35 ---A- . (...) -- C:\Windows\win.ini [478]
O44 - LFC:[MD5.0FCFB70E0505156BA90218DA19372BA4] - 15/04/2013 - 18:38:52 ---A- . (.COMODO - COMODO Internet Security Helper Driver.) -- C:\Windows\System32\Drivers\cmdhlp.sys [43728]
O44 - LFC:[MD5.11EEFA7EB58D2C33FDE5930E2FC490DC] - 15/04/2013 - 18:38:50 ---A- . (.COMODO - COMODO Internet Security Eradication Driver.) -- C:\Windows\System32\Drivers\cmderd.sys [20072]
O44 - LFC:[MD5.395EB1D5A2BEB44EACC5B13854D11D5E] - 15/04/2013 - 18:38:50 ---A- . (.COMODO - COMODO Internet Security Sandbox Driver.) -- C:\Windows\System32\Drivers\cmdguard.sys [581912]
O44 - LFC:[MD5.DFD8A8125934CA790FF1B9FE7ABF25CC] - 15/04/2013 - 18:38:38 ---A- . (.COMODO - COMODO Internet Security.) -- C:\Windows\System32\cmdcsr.dll [35488]
O44 - LFC:[MD5.A8251F5ACDE2CF0EE4A6251363FA858B] - 15/04/2013 - 18:38:38 ---A- . (.COMODO - COMODO Internet Security.) -- C:\Windows\System32\guard32.dll [348584]
O44 - LFC:[MD5.87CF741D6D08290CDDFAE98B727A1285] - 15/04/2013 - 18:38:26 ---A- . (.COMODO - COMODO Internet Security.) -- C:\Windows\System32\cmdkbd32.dll [40656]
O44 - LFC:[MD5.A1BC6469DC2E79CBAF93871AE8B587DC] - 15/04/2013 - 18:38:26 ---A- . (.COMODO - COMODO Internet Security.) -- C:\Windows\System32\cmdvrt32.dll [276688]
O44 - LFC:[MD5.6254A064C2878ECA43516AD740DF1CB4] - 13/04/2013 - 21:19:09 ---A- . (...) -- C:\Windows\System32\Drivers\fvstore.dat [101006]
O44 - LFC:[MD5.4470E3C1E0C3378E4CAB137893C12C3A] - 04/04/2013 - 14:50:32 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [22856]
~ Scan Files in 02mn 25s

---\\ Operations and functions at Windows Explorer startup (O46)
O46 - SEH:ShellExecuteHooks - GbPlugin ShlObj - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Program Files\GbPlugin\gbiehcef.dll
O46 - SEH:ShellExecuteHooks - GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\PROGRAM FILES\GBPLUGIN\gbieh.dll
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ Scan ShellExecuteHooks in 00mn 00s

---\\ Local Security Authority-LSA Deny (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Mecanismo cliente do 'Editor de configuração de segurança Windows'.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll
~ Scan Keys in 00mn 00s

---\\ Safe Boot Control (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s

---\\ MountPoints2 Shell Key (MPKS) (O51) (None)

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\CertificateRegistration [Key] . (.A.E.T. Europe B.V. - Certificate Expiration Check Utility.) -- C:\Windows\System32\aetcrss1.exe
O53 - SMSR:HKLM\...\startupreg\COMODO [Key] . (...) -- C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Gadwin PrintScreen [Key] . (.Gadwin Systems, Inc - Gadwin PrintScreen.) -- C:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe
O53 - SMSR:HKLM\...\startupreg\Google Update [Key] . (.Google Inc. - Google Installer.) -- C:\Users\EDSON\AppData\Local\Google\Update\GoogleUpdate.exe
O53 - SMSR:HKLM\...\startupreg\GrooveMonitor [Key] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O53 - SMSR:HKLM\...\startupreg\MSC [Key] . (...) -- c:\Program Files\Microsoft Security Client\msseces.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O53 - SMSR:HKLM\...\startupreg\PSafeTray [Key] . (...) -- C:\Program Files\PSafe\PSafeSysTray.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\PSafeWDS [Key] . (...) -- C:\Program Files\PSafe\PSafeWDS.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
~ Scan SMSR Keys in 00mn 00s

---\\ Microsoft Control Security Providers (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0
~ Scan Keys in 00mn 00s

---\\ System Drivers List (SDL) (O58)
O58 - SDL:[MD5.31E96818831A9BDFEA233CF078A7DCB3] - 17/01/2013 - 21:07:36 R--A- . (.360.cn - 360FileOem.) -- C:\Windows\System32\Drivers\360FileOem.sys [152880]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Scan Drivers in 00mn 00s

---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: Lop SD - (.AngelDark & Eric71.)
~ Scan ADS in 00mn 00s

---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 15/04/2013 - C:\Windows\System32\DRIVERS\cmderd.sys (cmderd) .(.COMODO - COMODO Internet Security Eradication Driver.) - LEGACY_CMDERD
O64 - Services: CurCS - 15/04/2013 - C:\Windows\System32\DRIVERS\cmdguard.sys (cmdGuard) .(.COMODO - COMODO Internet Security Sandbox Driver.) - LEGACY_CMDGUARD
O64 - Services: CurCS - 22/01/2013 - C:\Windows\System32\drivers\gbpkm.sys (GbpKm) .(.GAS Tecnologia - GbPlugin Device Driver.) - LEGACY_GBPKM
O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Scan Services in 00mn 00s

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos'.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <DragonHTML>[HKLM\..\open\Command] (.Comodo - Comodo Dragon.) -- C:\Program Files\Comodo\Dragon\dragon.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\EDSON\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos'.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\EDSON\AppData\Local\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <Dragon> <Dragon>[HKLM\..\Shell\open\Command] (.Comodo - Comodo Dragon.) -- C:\Program Files\Comodo\Dragon\dragon.exe
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\EDSON\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe
O68 - StartMenuInternet: <Dragon> <Dragon>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Comodo\Dragon\dragon.exe (.not file.)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Users\EDSON\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Safari\Safari.exe (.not file.)
O68 - StartMenuInternet: <Dragon> <Dragon>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Comodo\Dragon\dragon.exe (.not file.)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Users\EDSON\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Safari\Safari.exe (.not file.)
O68 - StartMenuInternet: <Dragon> <Dragon>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Comodo\Dragon\dragon.exe (.not file.)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Users\EDSON\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)
O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Safari\Safari.exe (.not file.)

~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Bing) - http://www.bing.com

~ Scan Keys in 00mn 00s

---\\ Search Svchost Services (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\System32\srvsvc.dll [168960]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Diretiva de Grupo.) -- C:\Windows\System32\gpsvc.dll [593408]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll [674304]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\System32\Audiosrv.dll [473600]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acesso Remoto.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll [286208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistema (SENS).) -- C:\Windows\System32\sens.dll [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [242176]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gerenciador de Conexões Remotas do Servidor Host da Sessão da Área de.) -- C:\Windows\System32\termsrv.dll [521216]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de plano de fundo.) -- C:\Windows\System32\qmgr.dll [585728]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em uma rede IPv4..) -- C:\Windows\System32\iphlpsvc.dll [499712]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [47104]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\System32\mmcss.dll [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164352]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\System32\schedsvc.dll [750592]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\System32\kmsvc.dll [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho Remota.) -- C:\Windows\System32\sessenv.dll [113664]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll [102912]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\System32\themeservice.dll [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [76800]
~ Scan Services in 00mn 00s

---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.6D9E5361414A404F62DC249F2AADC327] [sPRF][31/01/2008] (.Unknown owner - 7-zip32.) -- C:\Users\EDSON\AppData\Local\Temp\7-zip32.dll [506880]
[MD5.244F1B4BD10E7BAEE91DA50B097BD087] [sPRF][26/04/2013] (...) -- C:\Users\EDSON\AppData\Local\Temp\ICReinstall_ccleaner-4014093-baixaki-32-bits (1).exe [636280]
[MD5.80F4A456633F78A26A3C6B16E64EFEC5] [sPRF][28/09/2007] (.Microsoft - Uno Messenger.) -- C:\Windows\Downloaded Program Files\GAME_UNO1.dll [381960]
[MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [sPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll [304544]
~ Scan Files in 00mn 00s

---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{1AE32C2A-6CCB-4007-B267-E218B0678793}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "TCP Query User{FA2F34A4-D10E-4165-AAD5-120E10114CC8}C:\program files\java\jre7\bin\javaw.exe" | In - Private - P6 - TRUE | .(.Oracle Corporation - Java Platform SE binary.) -- C:\program files\java\jre7\bin\javaw.exe
O87 - FAEL: "UDP Query User{4DCC01DE-B427-4056-9E5B-D3B3FF1D1A28}C:\program files\java\jre7\bin\javaw.exe" | In - Private - P17 - TRUE | .(.Oracle Corporation - Java Platform SE binary.) -- C:\program files\java\jre7\bin\javaw.exe
~ Scan Firewall in 00mn 01s

---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 18/04/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 15/04/2013 4443912 | (cmdAgent) . (.COMODO.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
SS - | Demand 15/04/2013 127184 | (cmdvirth) . (.COMODO.) - C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
SR - | Auto 2074760 | (DragonUpdater) . (...) - C:\Program Files\Comodo\Dragon\dragon_updater.exe
SR - | Auto 22/01/2013 526888 | (GbpSv) . (.GAS Tecnologia.) - C:\Program Files\GbPlugin\gbpsv.exe

SS - | Auto 28/07/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 28/07/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SR - | Auto 1821384 | (IceDragonUpdater) . (...) - C:\Program Files\Comodo\IceDragon\icedragon_updater.exe
SS - | Demand 14/04/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 13/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 13/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 03s

End of the scan (1086 lines in 03mn 02s)(0)

Abraços

Bom Dia! EDSSX

#######

---\\ System Information

~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel

~ Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 1981 MB (58% free)

System Restore: Activé (Enable) <<

System drive C: has 426 GB (91%) free of 466 GB

#######

|- A Restauração do Sistema,por esta indicação,encontra-se ativada.

|- Ps: Desinstale o Malwarebytes! Deixe,apenas,o Comodo.

-/-

|- Feche programas/pastas que estejam abertas.

|- Feche,também,o navegador!

|- Para Windows Vista,desabilite a http://windows.microsoft.com/pt-BR/windows-vista/Turn-User-Account-Control-on-or-off'>UAC.

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/My%2520Tools%25204/ZHPFix_silent_zps532d2db6.jpg&key=e3bca71d24a0067fad1910903f2d756650c2d526a3a3b4495f41f8a5e073328a" alt="ZHPFix_silent_zps532d2db6.jpg" />

|- Para Windows Vista ou 7,clique direito em ZHPFix.exe e execute-o como administrador.

|- Selecione e copie estas informações,que estão no Code,para o "Bloco de Notas".

R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)

O2 - BHO: (no name) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} Orphean Key

O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} Orphean Key

O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Orphean Key

O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} Orphean Key

O2 - BHO: (no name) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} Orphean Key

O2 - BHO: (no name) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} Orphean Key

O2 - BHO: (no name) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} Orphean Key

O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} Orphean Key

O4 - Global Startup: C:\Users\EDSON\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Malwarebytes Anti-Malware versão 1.75.0.1300 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O43 - CFD: 11/04/2013 - 10:37:07 - [13,339] ----D C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 17/06/2012 - 14:35:49 - [0] ----D C:\Users\EDSON\AppData\Local\Histórico

O43 - CFD: 23/09/2012 - 23:29:31 - [0] ----D C:\Users\EDSON\AppData\Roaming\f-secure

O44 - LFC:[MD5.4470E3C1E0C3378E4CAB137893C12C3A] - 04/04/2013 - 14:50:32 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [22856]

O53 - SMSR:HKLM\...\startupreg\PSafeTray [Key] . (...) -- C:\Program Files\PSafe\PSafeSysTray.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\PSafeWDS [Key] . (...) -- C:\Program Files\PSafe\PSafeWDS.exe (.not file.)

[HKLM\Software\360Safe]

[HKCU\Software\F-Secure]

[HKCU\Software\MCAFEE]

[HKCU\Software\Malwarebytes' Anti-Malware (portable)]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]

[HKLM\Software\Malwarebytes' Anti-Malware (portable)]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\Panda Security]

[HKLM\Software\Panda Software]

[HKLM\Software\Swearware]

C:\Program Files\PSafe

emptytemp

emptyclsid

emptyflash

firewallraz

sysrestore

|- Estando com o Bloco de Notas aberto,acione os atalhos: "Ctrl+A" -> "Ctrl+C"

|- Minimize o Bloco de Notas.

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPDiag_PasteClipboard.jpg&key=e48613cfa6f79756d0d3087d1f9470f91a4d063f3d1285295d93d87cacbfb63d" alt="ZHPDiag_PasteClipboard.jpg" />

|- Clique no menu,"Paste ClipBoard".

http://imgbox.com/acerMAbC'>/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/acerMAbC.jpg&key=8f6573385f94e5beff1160ce0a8e6778a7b84bd7dbdcfdd2ee7c4058d85bf88a" alt="acerMAbC.jpg" />

|- Clique "GO" -> Oui.

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/ZHPFix_GO.jpg&key=558fe81face1e694faa61f1e0c3985db203e8ad910d59aa68f5da5f2fd114f02" alt="ZHPFix_GO.jpg" />

|- Ps: Temos,àcima,sequência de imagens para maior exclarecimento.

|- Poste o relatório: C:\ZHP\ZHPFix[R1].txt

A+

DigRam !

Eis :

Rapport de ZHPFix 1.3.05 par Nicolas Coolman, Update du 09/10/2012
Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-27-04-2013-11-32-29.txt
Run by EDSON at 27/04/2013 11:32:29
Windows 7 Home Basic Edition, 32-bit Service Pack 1 (Build 7601)
Web site : http://imageshack.us'>ImageShack.us

http://imageshack.us'>ImageShack.us

O malwaresbytes; eu rodo ele todos os dias . Faço uma execução rápida . Por isto vou mantê - lo . Já o comodo acho é um execelente AV; pois detecta tudo .

Abraços

Boa Tarde! EDSSX

/applications/core/interface/imageproxy/imageproxy.php?img=http://static.commentcamarche.net/pt.kioskea.net/pictures/rSoB84ZR-protecao-sistema-w7-2-s-.png&key=f5b8896244239b61e4bad48affa853dfa5da5c971efe484f87dd0a172873f6f5" alt="rSoB84ZR-protecao-sistema-w7-2-s-.png" />

|- Segundo esta imagem,está faltando a unidade Recovery,nas configurações de Proteção. Vc possui o CD de instalação,para o reparo?

A+

Bom inicio de tarde ! DigRam

Infelizmente não .

Algum malware pode ter formatado esta partição recovery ?

Obrigado e abraços

Boa Tarde! EDSSX

< Criar uma partição Recovery >

Algum malware pode ter formatado esta partição recovery ?

|- Acredito que não tenha sido criada por você. Ela seria útil para reverter problemas e/ou reinstalar o Windows. Mas..como não existe,sua criação não irá solucionar seus problemas.
|- Caso possua backups ao registro,estabelecido por ERUNT,vá à este caminho: C:\WINDOWS\ERDNT <<
|- Abra a pasta AutoBackup e restaure o Registro,escolhendo data que seja anterior ao problema com a RS.

-/-

|- Baixe: |DelFix| ( ... de Xplode )

/applications/core/interface/imageproxy/imageproxy.php?img=http://i1143.photobucket.com/albums/n629/j2ram/My%2520Tools%25203/DelFix_SetaVerde.jpg&key=a562af283f81224b0096f109e2c85fcde8abae0d109a59c91160b5f99a23e243" alt="DelFix_SetaVerde.jpg" />

|- Estando na página,clique na seta verde para o download.
|- Salve-a em um local conveniente! ( desktop! )
|- Feche aplicativos que estejam abertos.

/applications/core/interface/imageproxy/imageproxy.php?img=http://t.imgbox.com/aciCkcnc.jpg&key=64869378cfa4b064d7b47039e3c62f5b7663c245630c39d83d544fa67ef7cd81" alt="aciCkcnc.jpg" />

|- Execute-a!

|- Com as duas checkbox marcadas!
|- Clique "Run".
|- Informe as condições da máquina!

A+