
Mário Monteiro

[Resolved] Avira frantically reporting a block message


Message

 

Guard: Autorun blocked

 

Access to the file 'C:\Autorun.inf' was blocked for your security.

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 09:13:49, on 28/01/2011

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18999)

Boot mode: Normal

 

Running processes:

C:\Program Files\DigitalPersona\Bin\DpAgent.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Comodo\Firewall\cfp.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Program Files\HP\HP Software Update\hpwuSchd2.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\VIVO Internet e TV Digital\Vivo 3G.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Mozilla Firefox 4.0 Beta 7\firefox.exe

C:\Program Files\VIVO Internet e TV Digital\CMUpdater.exe

C:\Users\Mário Monteiro\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mário Monteiro\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mário Monteiro\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Mário Monteiro\AppData\Local\Google\Chrome\Application\chrome.exe

C:\HijackThis\HiJackThis.exe

C:\HijackThis\Malwarebytes' Anti-Malware\mbam.exe

C:\Windows\system32\SearchFilterHost.exe

C:\HijackThis\Malwarebytes' Anti-Malware\mbam.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orkut.com.br/Main#Application?uid=17360339365536149156&appId=999787414856&rl=ls

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_br&c=83&bd=Pavilion&pf=cnnb

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\PROGRAM FILES\GBPLUGIN\gbieh.dll

O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\cfp.exe" -h

O4 - HKLM\..\Run: [DpAgent] C:\Program Files\DigitalPersona\Bin\dpagent.exe

O4 - HKLM\..\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O8 - Extra context menu item: Enviar imagem para Dispositivo &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Enviar página para Dispositivo &Bluetooth ... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)

O15 - Trusted Zone: www.bancobrasil.com.br

O15 - Trusted Zone: www14.bancobrasil.com.br

O15 - Trusted Zone: www2.bancobrasil.com.br

O15 - Trusted Zone: www.bb.com.br

O17 - HKLM\System\CCS\Services\Tcpip\..\{F23D74C9-A8F0-4E6B-A94F-CA09C9A6A55D}: NameServer = 200.202.193.75 200.223.0.83

O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - (no file)

O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll

O20 - Winlogon Notify: GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\Comodo\Firewall\cmdagent.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DpHostW.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: HP Service (hpsrv) - Hewlett-Packard Company - C:\Windows\system32\Hpservice.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe

O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe

O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe

O23 - Service: Validity Fingerprint Service (vfsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vfsFPService.exe

 

--

End of file - 9507 bytes

 

Thank you


Hello Mário

 

 

1.

*Run HijackThis, click [Do a system scan only], select the entries below and click [Fix checked]

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)

O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - (no file)

*Close HijackThis

 

2.

Open Spybot

In the top menu, click [Modo] > [Avançado] (Mode > Advanced) and confirm.

Click [Ferramentas] > [Residente] (Tools > Resident)

Uncheck the option Enable Resident "TeaTimer" (general protection of system settings).

Close the program.

 

3.

*Temporarily disable your antivirus

Right-click the Avira icon next to the clock

Click the "Antivir Guard enable" option.

*Download USBFix and save it to the desktop

*Plug the pen drive into the PC

*Right-click UsbFix and select "Executar como administrador" (Run as administrator)

*Click [Pesquisa] (Search) and wait

*When it finishes, remove the pen drive

*Paste the report C:\UsbFix.txt

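The three entries selected in step 1 above all end in `(no file)`, meaning HijackThis found the registration but could not resolve a file behind it. The following Python script is an added example, not part of the original thread or of HijackThis: it parses pasted HijackThis lines and lists such orphaned entries. The `(file missing)` marker it also accepts goes beyond what this log shows, and the names `parse_log`, `orphaned_entries` and `orphans_by_clsid` are hypothetical.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Excerpt of lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.4
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O15 - Trusted Zone: www.bb.com.br
O18 - Protocol: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - (no file)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
"""

# An entry line starts with a section code (R0, O2, O23, ...) followed by " - ".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# "(no file)" appears in this thread's log; "(file missing)" is an assumption
# added here for logs that show a path whose file is gone.
ORPHAN_MARKERS = ("(no file)", "(file missing)")


@dataclass
class Entry:
    code: str             # section code, e.g. "O9"
    label: str            # text before the first ": ", e.g. "Extra button"
    clsid: Optional[str]  # COM class id if the line carries one
    orphaned: bool        # True when the line ends with an orphan marker
    raw: str              # the original line, as it must be ticked in the UI


def parse_log(text: str) -> List[Entry]:
    """Parse HijackThis entry lines; headers, process paths and blanks are skipped."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        match = ENTRY_RE.match(line)
        if not match:
            continue
        body = match.group("body")
        clsid = CLSID_RE.search(body)
        entries.append(Entry(
            code=match.group("code"),
            label=body.split(": ", 1)[0] if ": " in body else "",
            clsid=clsid.group(0).upper() if clsid else None,
            # Match only at the end of the line: names such as
            # "Spybot - Search & Destroy" contain " - " themselves.
            orphaned=body.endswith(ORPHAN_MARKERS),
            raw=line,
        ))
    return entries


def orphaned_entries(entries: List[Entry]) -> List[Entry]:
    """Entries whose registration points at no existing file."""
    return [e for e in entries if e.orphaned]


def orphans_by_clsid(entries: List[Entry]) -> Dict[str, List[Entry]]:
    """Group orphaned entries by CLSID so one leftover registration that
    shows up on several lines (button + menu item) is reviewed once."""
    groups: Dict[str, List[Entry]] = {}
    for entry in orphaned_entries(entries):
        groups.setdefault(entry.clsid or "(no CLSID)", []).append(entry)
    return groups


if __name__ == "__main__":
    for clsid, group in orphans_by_clsid(parse_log(SAMPLE_LOG)).items():
        print(clsid)
        for entry in group:
            print("   ", entry.raw)
```

Run on the excerpt, it reports the same three lines the helper listed, with the two O9 lines grouped under a single CLSID.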

wings, just letting you know that the only pen drive connected is the Vivo modem. Should I follow the procedures anyway?

I should also mention that this folder does in fact exist

C:\Autorun.inf\

which is inaccessible


Since UsbFix itself suggests plugging everything in, I also connected my external HD, which had not been connecting to the notebook for about 2 days either

Here is the log

 

############################## | UsbFix 7.038 | [Pesquisa]

 

Usuário: Mário Monteiro (Administrador) # MARIO [Hewlett-Packard HP Pavilion DV5]

Atualizado em 14/01/2011 por El Desaparecido / C_XX

Começou em 10:02:48 | 28/01/2011

Site: http://www.teamxscript.org

Contato: eldesaparecido@teamxscript.org

 

CPU: AMD Turion™ X2 Dual-Core Mobile RM-70

CPU 2: AMD Turion™ X2 Dual-Core Mobile RM-70

Microsoft® Windows Vista™ Home Premium (6.0.6002 32-Bit) # Service Pack 2

Internet Explorer 8.0.6001.18999

 

Windows Firewall: Deficientes /!\

RAM -> 2813 Mb

C:\ (%systemdrive%) -> Disco fixo # 225 Gb (57 Mb livre - 25%) [] # NTFS

D:\ -> Disco fixo # 8 Gb (2 Mb livre - 19%) [HP_RECOVERY] # NTFS

E:\ -> CD-ROM

G:\ -> Disco fixo # 466 Gb (370 Mb livre - 79%) [MARIO] # NTFS

 

################## | Ficheiros # pastas infeciosos |

 

 

Presente ! C:\tmp

 

################## | Registro |

 

 

################## | Mountpoints2 |

 

 

################## | Vaccin |

 

(!) Este computador não é vacinada!

 

################## | E.O.F |


*Download OTS and save it to the desktop

*Run OTS

*Select the options:

[x] Scan All Users

[x] Use Company Name WhiteList

[x] Skip Microsoft Files

[] Include 64bit scan

*Click in the space below "Custom Scans" and paste the code:

%SYSTEMDRIVE%\*.*

*Click [Run Scan]

*When it finishes, paste the OTS.txt report that is displayed.

If the report turns out to be too large...

*Go to the link below

http://cjoint.com/

*Click [Enviar arquivo] (Send file)

*Locate OTS.txt

*Click [Abrir] (Open)

*Click [Créer le lien Cjoint]

*Paste the address that was created


Is this last procedure still to be done with Avira disabled, or do I turn it back on right away?


Is this last procedure still to be done with Avira disabled, or do I turn it back on right away?

You can enable Avira.

OTS logfile created on: 28/01/2011 10:43:25 - Run 1
OTS by OldTimer - Version 3.1.41.4     Folder = C:\Users\Mário Monteiro\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 36,00% Memory free
6,00 Gb Paging File | 3,00 Gb Available in Paging File | 58,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224,66 Gb Total Space | 56,90 Gb Free Space | 25,33% Space Free | Partition Type: NTFS
Drive D: | 8,23 Gb Total Space | 1,57 Gb Free Space | 19,11% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: MARIO
Current User Name: Mário Monteiro
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 30 Days

(adp94xx) adp94xx [Kernel | Boot | Running] -> C:\Windows\system32\drivers\adp94xx.sys -> [2008/01/20 23:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.)
(nvraid) NVIDIA nForce RAID Driver    [Kernel | Boot | Running] -> C:\Windows\system32\drivers\nvraid.sys -> [2008/01/20 23:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation)
(nvstor) nvstor [Kernel | Boot | Running] -> C:\Windows\system32\drivers\nvstor.sys -> [2008/01/20 23:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation)
(uliahci) uliahci [Kernel | Boot | Running] -> C:\Windows\system32\drivers\uliahci.sys -> [2008/01/20 23:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.)
(viaide) viaide [Kernel | Boot | Running] -> C:\Windows\system32\drivers\viaide.sys -> [2008/01/20 23:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.)
(cmdide) cmdide [Kernel | Boot | Running] -> C:\Windows\system32\drivers\cmdide.sys -> [2008/01/20 23:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.)
(aliide) aliide [Kernel | Boot | Running] -> C:\Windows\system32\drivers\aliide.sys -> [2008/01/20 23:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.)
(Amddfltr) Amd Disk Lower Filter Driver [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\Amddfltr.sys -> [2008/01/07 17:42:04 | 000,015,416 | ---- | M] (Advanced Micro Devices)
(Sony_EricssonWWSC) Sony Ericsson SIM Card Reader [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\sesc.sys -> [2007/08/14 09:15:18 | 000,012,672 | ---- | M] (Sony Ericsson)
(HpqKbFiltr) HpqKbFilter Driver [Kernel | On_Demand | Running] -> C:\Windows\System32\drivers\HpqKbFiltr.sys -> [2007/06/18 17:12:04 | 000,016,768 | ---- | M] (Hewlett-Packard Development Company, L.P.)
(ql40xx) QLogic iSCSI Miniport Driver [Kernel | Boot | Running] -> C:\Windows\system32\drivers\ql40xx.sys -> [2006/11/02 06:50:35 | 000,106,088 | ---- | M] (QLogic Corporation)
(UlSata) UlSata [Kernel | Boot | Running] -> C:\Windows\system32\drivers\ulsata.sys -> [2006/11/02 06:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.)
(nfrd960) nfrd960 [Kernel | Boot | Running] -> C:\Windows\system32\drivers\nfrd960.sys -> [2006/11/02 06:50:19 | 000,045,160 | ---- | M] (IBM Corporation)
(iirsp) iirsp [Kernel | Boot | Running] -> C:\Windows\system32\drivers\iirsp.sys -> [2006/11/02 06:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH)
(aic78xx) aic78xx [Kernel | Boot | Running] -> C:\Windows\system32\drivers\djsvs.sys -> [2006/11/02 06:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.)
(iteraid) ITERAID_Service_Install [Kernel | Boot | Running] -> C:\Windows\system32\drivers\iteraid.sys -> [2006/11/02 06:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(iteatapi) ITEATAPI_Service_Install [Kernel | Boot | Running] -> C:\Windows\system32\drivers\iteatapi.sys -> [2006/11/02 06:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.)
(Symc8xx) Symc8xx [Kernel | Boot | Running] -> C:\Windows\system32\drivers\symc8xx.sys -> [2006/11/02 06:50:05 | 000,035,944 | ---- | M] (LSI Logic)
(Sym_u3) Sym_u3 [Kernel | Boot | Running] -> C:\Windows\system32\drivers\sym_u3.sys -> [2006/11/02 06:50:03 | 000,034,920 | ---- | M] (LSI Logic)
(Mraid35x) Mraid35x [Kernel | Boot | Running] -> C:\Windows\system32\drivers\mraid35x.sys -> [2006/11/02 06:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation)
(Sym_hi) Sym_hi [Kernel | Boot | Running] -> C:\Windows\system32\drivers\sym_hi.sys -> [2006/11/02 06:49:56 | 000,031,848 | ---- | M] (LSI Logic)
(Brserid) Brother MFC Serial Port Interface Driver (WDM) [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brserid.sys -> [2006/11/02 05:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.)
(BrUsbSer) Brother MFC USB Serial WDM Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brusbser.sys -> [2006/11/02 05:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.)
(BrFiltUp) Brother USB Mass-Storage Upper Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltup.sys -> [2006/11/02 05:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.)
(BrFiltLo) Brother USB Mass-Storage Lower Filter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brfiltlo.sys -> [2006/11/02 05:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.)
(BrSerWdm) Brother WDM Serial driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brserwdm.sys -> [2006/11/02 05:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.)
(BrUsbMdm) Brother MFC USB Fax Only Modem [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\brusbmdm.sys -> [2006/11/02 05:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.)
(ntrigdigi) N-trig HID Tablet Driver [Kernel | On_Demand | Stopped] -> C:\Windows\system32\drivers\ntrigdigi.sys -> [2006/11/02 04:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies)
(NVENETFD) NVIDIA nForce Networking Controller Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\nvm60x32.sys -> [2006/11/02 04:30:56 | 000,429,056 | ---- | M] (NVIDIA Corporation)
(BCM43XV) Broadcom Extensible 802.11 Network Adapter Driver [Kernel | On_Demand | Stopped] -> C:\Windows\System32\drivers\BCMWL6.SYS -> [2006/11/02 04:30:53 | 000,464,384 | ---- | M] (Broadcom Corporation)
(AtiPcie) ATI PCI Express (3GIO) Filter [Kernel | Boot | Running] -> C:\Windows\system32\DRIVERS\AtiPcie.sys -> [2006/10/29 17:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.)

[Registry - Safe List]
< Internet Explorer Settings [HKEY_LOCAL_MACHINE\] > -> -> 
HKEY_LOCAL_MACHINE\: Main\\"Start Page" -> http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_br&c=83&bd=Pavilion&pf=cnnb -> 
< Internet Explorer Settings [HKEY_USERS\.DEFAULT\] > -> -> 
HKEY_USERS\.DEFAULT\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-18\] > -> -> 
HKEY_USERS\S-1-5-18\: "ProxyEnable" -> 0 -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-19\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-20\] > -> -> 
< Internet Explorer Settings [HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\] > -> -> 
HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\: Main\\"Start Page" -> http://www.orkut.com.br/Main#Application?uid=17360339365536149156&appId=999787414856&rl=ls -> 
HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\: Main\\"StartPageCache" -> 2 -> 
HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\: URLSearchHooks\\"{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}" [HKLM] -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [McAfee SiteAdvisor Toolbar] -> [2011/01/04 19:23:34 | 000,251,416 | ---- | M] (McAfee, Inc.)
HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\: "ProxyEnable" -> 0 -> 
< FireFox Settings [Prefs.js] > -> C:\Users\Mário Monteiro\AppData\Roaming\Mozilla\FireFox\Profiles\ldnkfl42.default\prefs.js -> 
browser.search.useDBForOrder -> true ->
browser.startup.homepage -> "about:blank" ->
extensions.enabledItems -> bitlypreview@jay.ridgeway:1.272 ->
extensions.enabledItems -> {87F8774F-B485-47E2-A755-A40A8A5E886C}:1.0.16.6 ->
extensions.enabledItems -> ShortenURL@loucypher:0.3.6 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 ->
extensions.enabledItems -> {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 ->
extensions.enabledItems -> twitternotifier@naan.net:1.9.7.3 ->
extensions.enabledItems -> pt-BR@dellalibera.sf.net:1.6 ->
< FireFox Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla
HKLM\software\mozilla\Firefox\Extensions ->  -> 
HKLM\software\mozilla\Firefox\Extensions\\{B7082FAA-CB62-4872-9106-E42DD88EDE45} -> C:\Program Files\McAfee\SiteAdvisor [C:\PROGRAM FILES\MCAFEE\SITEADVISOR] -> [2011/01/16 05:38:26 | 000,000,000 | ---D | M]
HKLM\software\mozilla\Mozilla Firefox 4.0b10\extensions ->  -> 
HKLM\software\mozilla\Mozilla Firefox 4.0b10\extensions\\Components -> C:\Program Files\Mozilla Firefox 4.0 Beta 7\components [C:\PROGRAM FILES\MOZILLA FIREFOX 4.0 BETA 7\COMPONENTS] -> [2011/01/26 13:03:59 | 000,000,000 | ---D | M]
< FireFox Extensions [user Folders] > -> 
 -> C:\Users\Mário Monteiro\AppData\Roaming\mozilla\Extensions -> [2008/11/14 14:27:58 | 000,000,000 | ---D | M]
 -> C:\Users\Mário Monteiro\AppData\Roaming\mozilla\Firefox\Profiles\ldnkfl42.default\extensions -> [2011/01/26 13:04:15 | 000,000,000 | ---D | M]
WebMail Notifier   -> C:\Users\Mário Monteiro\AppData\Roaming\mozilla\Firefox\Profiles\ldnkfl42.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}(114) -> [2010/06/08 20:47:53 | 000,000,000 | ---D | M]
WebMail Notifier   -> C:\Users\Mário Monteiro\AppData\Roaming\mozilla\Firefox\Profiles\ldnkfl42.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}(56) -> [2009/12/30 06:02:42 | 000,000,000 | ---D | M]
WebMail Notifier   -> C:\Users\Mário Monteiro\AppData\Roaming\mozilla\Firefox\Profiles\ldnkfl42.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}(68) -> [2009/12/04 06:26:53 | 000,000,000 | ---D | M]
WebMail Notifier   -> C:\Users\Mário Monteiro\AppData\Roaming\mozilla\Firefox\Profiles\ldnkfl42.default\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}(99) -> [2010/05/07 00:01:33 | 000,000,000 | ---D | M]
NoScript   -> C:\Users\Mário Monteiro\AppData\Roaming\mozilla\Firefox\Profiles\ldnkfl42.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}(100) -> [2010/05/07 00:01:33 | 000,000,000 | ---D | M]
"Módulo de Segurança - Banco do Brasil"   -> C:\Users\Mário Monteiro\AppData\Roaming\mozilla\Firefox\Profiles\ldnkfl42.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C} -> [2011/01/06 19:34:57 | 000,000,000 | ---D | M]
UntinyFox   -> C:\Users\Mário Monteiro\AppData\Roaming\mozilla\Firefox\Profiles\ldnkfl42.default\extensions\{e08e1b95-040c-462d-83b3-be286dad7e36} -> [2011/01/04 17:50:40 | 000,000,000 | ---D | M]
 -> C:\Users\Mário Monteiro\AppData\Roaming\mozilla\Firefox\Profiles\ldnkfl42.default\extensions\bitlypreview@jay.ridgeway -> [2011/01/04 17:50:40 | 000,000,000 | ---D | M]
 -> C:\Users\Mário Monteiro\AppData\Roaming\mozilla\Firefox\Profiles\ldnkfl42.default\extensions\pt-BR@dellalibera.sf.net -> [2011/01/04 17:50:40 | 000,000,000 | ---D | M]
 -> C:\Users\Mário Monteiro\AppData\Roaming\mozilla\Firefox\Profiles\ldnkfl42.default\extensions\ShortenURL@loucypher -> [2011/01/04 17:50:40 | 000,000,000 | ---D | M]
 -> C:\Users\Mário Monteiro\AppData\Roaming\mozilla\Firefox\Profiles\ldnkfl42.default\extensions\twitternotifier@naan(39).net -> [2010/01/21 20:48:47 | 000,000,000 | ---D | M]
 -> C:\Users\Mário Monteiro\AppData\Roaming\mozilla\Firefox\Profiles\ldnkfl42.default\extensions\twitternotifier@naan(89).net -> [2010/04/22 06:33:53 | 000,000,000 | ---D | M]
 -> C:\Users\Mário Monteiro\AppData\Roaming\mozilla\Firefox\Profiles\ldnkfl42.default\extensions\twitternotifier@naan.net -> [2011/01/04 17:50:40 | 000,000,000 | ---D | M]
< FireFox SearchPlugins [user Folders] > -> 
wikipedia-pt-1.xml -> C:\Users\Mário Monteiro\AppData\Roaming\Mozilla\FireFox\Profiles\ldnkfl42.default\searchplugins\wikipedia-pt-1.xml -> [2009/11/20 08:19:10 | 000,001,340 | ---- | M] ()
< FireFox Extensions [Program Folders] > -> 
 -> C:\Program Files\Mozilla Firefox\extensions -> [2010/12/20 22:40:20 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} -> [2010/07/14 17:19:01 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} -> [2010/09/09 09:55:32 | 000,000,000 | ---D | M]
Java Console   -> C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} -> [2010/11/05 13:32:55 | 000,000,000 | ---D | M]
No name found ->  -> File not found
Java Console -> C:\PROGRAM FILES\MOZILLA FIREFOX 4.0 BETA 7\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} -> [2011/01/06 09:26:53 | 000,000,000 | ---D | M]
No name found -> C:\USERS\MáRIO MONTEIRO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LDNKFL42.DEFAULT\EXTENSIONS\{37FA1426-B82D-11DB-8314-0800200C9A66}.XPI -> File not found
No name found -> C:\USERS\MáRIO MONTEIRO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LDNKFL42.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI -> File not found
No name found -> C:\USERS\MáRIO MONTEIRO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LDNKFL42.DEFAULT\EXTENSIONS\PT-BR@DELLALIBERA.SF.NET -> File not found
No name found -> C:\USERS\MáRIO MONTEIRO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LDNKFL42.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI -> File not found
No name found -> C:\USERS\MáRIO MONTEIRO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LDNKFL42.DEFAULT\EXTENSIONS\TWITTERNOTIFIER@NAAN.NET -> File not found
Microsoft .NET Framework Assistant -> C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION -> [2009/07/04 08:12:49 | 000,000,000 | ---D | M]
< HOSTS File > ([2011/01/08 09:34:26 | 000,371,251 | ---- | M] - 12849 lines) -> C:\Windows\System32\drivers\etc\hosts -> 
First 25 entries...
Reset Hosts
127.0.0.1       localhost
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ -> 
{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [spybot-S&D IE Protection] -> [2008/09/15 13:25:44 | 001,562,960 | RHS- | M] (Safer Networking Limited)
{B164E929-A1B6-4A06-B104-2CD0E90A88FF} [HKLM] -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [McAfee SiteAdvisor BHO] -> [2011/01/04 19:23:34 | 000,251,416 | ---- | M] (McAfee, Inc.)
{C41A1C0E-EA6C-11D4-B1B8-444553540000} [HKLM] -> C:\Program Files\GbPlugin\gbieh.dll [GbIehObj Class] -> [2010/12/28 10:42:04 | 000,351,624 | ---- | M] (Banco do Brasil)
< Internet Explorer ToolBars [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar -> 
"{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}" [HKLM] -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [McAfee SiteAdvisor Toolbar] -> [2011/01/04 19:23:34 | 000,251,416 | ---- | M] (McAfee, Inc.)
< Run [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"avgnt" -> C:\Program Files\Avira\AntiVir Desktop\avgnt.exe ["C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min] -> [2010/11/03 07:09:56 | 000,281,768 | ---- | M] (Avira GmbH)
"COMODO Firewall Pro" -> C:\Program Files\Comodo\Firewall\cfp.exe ["C:\Program Files\Comodo\Firewall\cfp.exe" -h] -> [2008/12/30 08:34:36 | 001,797,880 | ---- | M] ()
"DpAgent" -> C:\Program Files\DigitalPersona\Bin\DpAgent.exe [C:\Program Files\DigitalPersona\Bin\dpagent.exe] -> [2008/03/12 19:24:52 | 000,699,456 | ---- | M] (DigitalPersona, Inc.)
"StartCCC" -> C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ["C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"] -> [2008/01/21 12:17:18 | 000,061,440 | ---- | M] (Advanced Micro Devices, Inc.)
"SysTrayApp" -> C:\Program Files\IDT\WDM\sttray.exe [%ProgramFiles%\IDT\WDM\sttray.exe] -> [2008/06/27 19:42:08 | 000,442,467 | ---- | M] (IDT, Inc.)
"UCam_Menu" -> C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe ["C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"] -> [2008/06/13 18:11:32 | 000,210,216 | ---- | M] (CyberLink Corp.)
< RunOnce [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce -> 
"" ->  [] -> File not found
< Run [HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\] > -> HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run -> 
"" ->  [] -> File not found
< Software Policy Settings [HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000] > -> HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\SOFTWARE\Policies\Microsoft\Internet Explorer -> 
< CurrentVersion Policy Settings - Explorer [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveAutoRun" ->  [3] -> File not found
\\"NoDriveTypeAutoRun" ->  [0] -> File not found
< CurrentVersion Policy Settings - System [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
< CurrentVersion Policy Settings [HKEY_USERS\.DEFAULT] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-18] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000] > -> HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer -> 
HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer
\\"NoDriveAutoRun" ->  [3] -> File not found
\\"NoDriveTypeAutoRun" ->  [0] -> File not found
< CurrentVersion Policy Settings [HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000] > -> HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System -> 
< Internet Explorer Menu Extensions [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\MenuExt\ -> 
E&xportar para o Microsoft Excel -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\MenuExt\ -> 
E&xportar para o Microsoft Excel -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
< Internet Explorer Menu Extensions [HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\] > -> HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\Software\Microsoft\Internet Explorer\MenuExt\ -> 
E&xportar para o Microsoft Excel -> Reg Error: Value error. [Reg Error: Value error.] -> File not found
Enviar imagem para Dispositivo &Bluetooth... -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm] -> [2007/01/23 11:57:50 | 000,001,199 | ---- | M] ()
Enviar página para Dispositivo &Bluetooth ... -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm] -> [2007/01/23 11:57:52 | 000,002,758 | ---- | M] ()
< Internet Explorer Extensions [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\ -> 
{CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [button: @btrez.dll,-4015] -> [2007/01/23 11:57:52 | 000,002,758 | ---- | M] ()
{CCA281CA-C863-46ef-9331-5C8D4460577F}:C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [HKLM] -> C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm [Menu: @btrez.dll,-12650] -> [2007/01/23 11:57:52 | 000,002,758 | ---- | M] ()
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2}:{53707962-6F74-2D53-2644-206D7942484F} [HKLM] -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [Menu: Spybot - Search & Destroy Configuration] -> [2008/09/15 13:25:44 | 001,562,960 | RHS- | M] (Safer Networking Limited)
< Internet Explorer Extensions [HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\] > -> HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\Software\Microsoft\Internet Explorer\Extensions\ -> 
CmdMapping\\"{CCA281CA-C863-46ef-9331-5C8D4460577F}" [HKLM] ->  [@btrez.dll,-4015] -> File not found
< Default Prefix > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix
"" -> http://
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6628 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6332 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\.DEFAULT\] > -> HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6332 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-18\] > -> HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5071 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-19\] > -> HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 5261 domain(s) found. -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-20\] > -> HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< Trusted Sites Domains [HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\] > -> HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> 
HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6433 domain(s) found. -> 
www_bancobrasil.com.br [*] -> Sites confiáveis -> 
www14_bancobrasil.com.br [*] -> Sites confiáveis -> 
www2_bancobrasil.com.br [*] -> Sites confiáveis -> 
www_bb.com.br [*] -> Sites confiáveis -> 
www2_infoseg.gov.br [https] -> Sites confiáveis -> 
< Trusted Sites Ranges [HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\] > -> HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> 
HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found. -> 
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\ -> 
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [HKLM] -> http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab [Java Plug-in 1.6.0_23] -> 
< Winlogon settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 03:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< Winlogon settings [HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000] > -> HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon -> 
*Shell* -> HKEY_USERS\S-1-5-21-1330734708-2192215675-4224272535-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell -> 
Explorer.exe -> C:\Windows\explorer.exe -> [2009/04/11 03:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation)
*MultiFile Done* -> -> 
< Winlogon\Notify settings [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ -> 
GbPluginBb -> C:\Program Files\GbPlugin\gbieh.dll -> [2010/12/28 10:42:04 | 000,351,624 | ---- | M] (Banco do Brasil)
< ShellExecuteHooks [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks -> 
"{E37CB5F0-51F5-4395-A808-5FA49E399F83}" [HKLM] -> C:\Program Files\GbPlugin\gbieh.dll [GbPlugin ShlObj] -> [2010/12/28 10:42:04 | 000,351,624 | ---- | M] (Banco do Brasil)
< Standard Profile Authorized Applications List > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List -> 
< SafeBoot AlternateShell [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot -> 
< CDROM Autorun Setting [HKEY_LOCAL_MACHINE]> -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom ->
"AutoRun" -> 1 -> 
"DisplayName" -> Driver de CD-ROM -> 
"ImagePath" ->  [system32\DRIVERS\cdrom.sys] -> File not found
< Drives with AutoRun files > ->  -> 
C:\autoexec.bat [REM Dummy file for NTVDMPATH=%PATH%;C:\PROGRA~1\COMMON~1\MUVEET~1\030625 | ] -> C:\autoexec.bat [ NTFS ] -> [2008/09/12 19:10:28 | 000,000,074 | ---- | M] ()
C:\Autorun.inf [] -> C:\Autorun.inf [ NTFS ] -> [2011/01/26 10:45:45 | 000,000,000 | ---D | M]
D:\Autorun.inf [] -> D:\Autorun.inf [ NTFS ] -> [2011/01/26 10:45:51 | 000,000,000 | ---D | M]
< MountPoints2 [HKEY_CURRENT_USER] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2 -> 
\{169ab6aa-0397-11de-9917-a4e28f6621d9}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{169ab6aa-0397-11de-9917-a4e28f6621d9}\shell
\{169ab6aa-0397-11de-9917-a4e28f6621d9}\shell\\"" ->  [AutoRun] -> File not found
\{76dac045-098a-11de-aa64-d4e544e6b943}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{76dac045-098a-11de-aa64-d4e544e6b943}\shell
\{76dac045-098a-11de-aa64-d4e544e6b943}\shell\\"" ->  [AutoRun] -> File not found
\{89f8e160-bd68-11dd-a08c-0021866b5780}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{89f8e160-bd68-11dd-a08c-0021866b5780}\shell
\{89f8e160-bd68-11dd-a08c-0021866b5780}\shell\\"" ->  [AutoRun] -> File not found
\{a3fb6a43-bc65-11dd-873f-0021866b5780}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{a3fb6a43-bc65-11dd-873f-0021866b5780}\shell
\{a3fb6a43-bc65-11dd-873f-0021866b5780}\shell\\"" ->  [AutoRun] -> File not found
\{bb505e99-052b-11de-85bb-b0686db75fd9}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bb505e99-052b-11de-85bb-b0686db75fd9}\shell
\{bb505e99-052b-11de-85bb-b0686db75fd9}\shell\\"" ->  [AutoRun] -> File not found
\{cb4337a4-0588-11de-95da-e598bc7673b9}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cb4337a4-0588-11de-95da-e598bc7673b9}\shell
\{cb4337a4-0588-11de-95da-e598bc7673b9}\shell\\"" ->  [AutoRun] -> File not found
\{cb433835-0588-11de-95da-e598bc7673b9}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cb433835-0588-11de-95da-e598bc7673b9}\shell
\{cb433835-0588-11de-95da-e598bc7673b9}\shell\\"" ->  [AutoRun] -> File not found
\{d443e61f-0d5d-11de-b089-e9e03e2b193a}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d443e61f-0d5d-11de-b089-e9e03e2b193a}\shell
\{d443e61f-0d5d-11de-b089-e9e03e2b193a}\shell\\"" ->  [AutoRun] -> File not found
\{dc2fb7ff-0398-11de-8941-ace55707e6d2}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc2fb7ff-0398-11de-8941-ace55707e6d2}\shell
\{dc2fb7ff-0398-11de-8941-ace55707e6d2}\shell\\"" ->  [AutoRun] -> File not found
\{ef733f67-bc88-11dd-af7a-806e6f6e6963}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ef733f67-bc88-11dd-af7a-806e6f6e6963}\shell
\{ef733f67-bc88-11dd-af7a-806e6f6e6963}\shell\\"" ->  [AutoRun] -> File not found
\{f3bc5243-04c3-11de-a614-bb087638b3d2}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3bc5243-04c3-11de-a614-bb087638b3d2}\shell
\{f3bc5243-04c3-11de-a614-bb087638b3d2}\shell\\"" ->  [AutoRun] -> File not found
\{f3bc525f-04c3-11de-a614-bb087638b3d2}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3bc525f-04c3-11de-a614-bb087638b3d2}\shell
\{f3bc525f-04c3-11de-a614-bb087638b3d2}\shell\\"" ->  [AutoRun] -> File not found
\{f3bc526d-04c3-11de-a614-bb087638b3d2}
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f3bc526d-04c3-11de-a614-bb087638b3d2}\shell
\{f3bc526d-04c3-11de-a614-bb087638b3d2}\shell\\"" ->  [AutoRun] -> File not found
< Registry Shell Spawning - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command -> 
comfile [open] -> "%1" %* -> 
exefile [open] -> "%1" %* -> 
< File Associations - Select to Repair > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>\ -> 
.com [@ = ComFile] -> "%1" %* -> 
.exe [@ = exefile] -> "%1" %* -> 


[Files/Folders - Created Within 30 Days]
OTS.exe -> C:\Users\Mário Monteiro\Desktop\OTS.exe -> [2011/01/28 10:40:19 | 000,642,560 | ---- | C] (OldTimer Tools)
UsbFix -> C:\UsbFix -> [2011/01/28 10:01:05 | 000,000,000 | ---D | C]
Marcos Velasco Security -> C:\ProgramData\Microsoft\Windows\Start Menu\Programas\Marcos Velasco Security -> [2011/01/27 11:54:02 | 000,000,000 | ---D | C]
Marcos Velasco Security -> C:\Program Files\Marcos Velasco Security -> [2011/01/27 11:54:01 | 000,000,000 | ---D | C]
Autorun.inf -> C:\Autorun.inf -> [2011/01/26 10:45:45 | 000,000,000 | ---D | C]
T55 -> C:\Program Files\T55 -> [2011/01/26 10:35:45 | 000,000,000 | ---D | C]
T55 -> C:\Users\Mário Monteiro\AppData\Roaming\T55 -> [2011/01/26 10:34:25 | 000,000,000 | ---D | C]
ISDBT_Assist_Driver -> C:\Program Files\ISDBT_Assist_Driver -> [2011/01/24 18:07:04 | 000,000,000 | ---D | C]
InstallInfo -> C:\Program Files\InstallInfo -> [2011/01/24 18:05:56 | 000,000,000 | ---D | C]
smsbda.sys -> C:\Windows\System32\drivers\smsbda.sys -> [2011/01/24 18:05:45 | 000,052,128 | ---- | C] (Siano)
ZTEusbser6k.sys -> C:\Windows\System32\drivers\ZTEusbser6k.sys -> [2011/01/24 18:05:37 | 000,105,216 | ---- | C] (ZTE Incorporated)
ZTEusbnmea.sys -> C:\Windows\System32\drivers\ZTEusbnmea.sys -> [2011/01/24 18:05:37 | 000,105,216 | ---- | C] (ZTE Incorporated)
ZTEusbmdm6k.sys -> C:\Windows\System32\drivers\ZTEusbmdm6k.sys -> [2011/01/24 18:05:37 | 000,105,216 | ---- | C] (ZTE Incorporated)
ZTEusbdvbh.sys -> C:\Windows\System32\drivers\ZTEusbdvbh.sys -> [2011/01/24 18:05:37 | 000,105,216 | ---- | C] (ZTE Incorporated)
VIVO Internet e TV Digital -> C:\Program Files\VIVO Internet e TV Digital -> [2011/01/24 18:05:33 | 000,000,000 | ---D | C]
VIVO Internet e TV Digital -> C:\ProgramData\Microsoft\Windows\Start Menu\Programas\VIVO Internet e TV Digital -> [2011/01/24 18:05:32 | 000,000,000 | ---D | C]
OI -> C:\Users\Mário Monteiro\Documents\OI -> [2011/01/24 17:57:28 | 000,000,000 | ---D | C]
PDFRider -> C:\Program Files\PDFRider -> [2011/01/22 13:05:35 | 000,000,000 | ---D | C]
HPMo2521.sys -> C:\Windows\System32\drivers\HPMo2521.sys -> [2011/01/19 19:10:15 | 000,020,480 | ---- | C] (TPMX Electronics Ltd.)
HPub2521.sys -> C:\Windows\System32\drivers\HPub2521.sys -> [2011/01/19 19:10:15 | 000,013,824 | ---- | C] (TPMX Electronics Ltd.)
Application Data -> C:\Users\Mário Monteiro\Application Data -> [2011/01/08 08:19:49 | 000,000,000 | ---D | C]
ESET -> C:\Program Files\ESET -> [2011/01/04 10:50:35 | 000,000,000 | ---D | C]
32788R22FWJFW -> C:\32788R22FWJFW -> [2011/01/04 08:58:51 | 000,000,000 | ---D | C]
CCleaner -> C:\ProgramData\Microsoft\Windows\Start Menu\Programas\CCleaner -> [2011/01/03 14:36:27 | 000,000,000 | ---D | C]
53 C:\Users\Mário Monteiro\Desktop\*.tmp files -> C:\Users\Mário Monteiro\Desktop\*.tmp -> 

[Files/Folders - Modified Within 30 Days]
User_Feed_Synchronization-{FE44F8E1-18AF-43EE-BB19-89F7E3DBB9D0}.job -> C:\Windows\tasks\User_Feed_Synchronization-{FE44F8E1-18AF-43EE-BB19-89F7E3DBB9D0}.job -> [2011/01/28 10:55:29 | 000,000,436 | -H-- | M] ()
ntuser.dat -> C:\Users\Mário Monteiro\ntuser.dat -> [2011/01/28 10:53:13 | 006,553,600 | -HS- | M] ()
GoogleUpdateTaskUserS-1-5-21-1330734708-2192215675-4224272535-1000UA.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1330734708-2192215675-4224272535-1000UA.job -> [2011/01/28 10:53:04 | 000,001,090 | ---- | M] ()
OTS.exe -> C:\Users\Mário Monteiro\Desktop\OTS.exe -> [2011/01/28 10:36:44 | 000,642,560 | ---- | M] (OldTimer Tools)
COLHEITA FELIZ.xls -> C:\Users\Mário Monteiro\Documents\COLHEITA FELIZ.xls -> [2011/01/28 10:28:35 | 000,040,448 | ---- | M] ()
GoogleUpdateTaskMachineUA.job -> C:\Windows\tasks\GoogleUpdateTaskMachineUA.job -> [2011/01/28 10:20:07 | 000,001,048 | ---- | M] ()
PerfStringBackup.INI -> C:\Windows\System32\PerfStringBackup.INI -> [2011/01/28 10:07:25 | 001,664,822 | ---- | M] ()
prfh0416.dat -> C:\Windows\System32\prfh0416.dat -> [2011/01/28 10:07:25 | 000,717,362 | ---- | M] ()
perfh009.dat -> C:\Windows\System32\perfh009.dat -> [2011/01/28 10:07:25 | 000,663,588 | ---- | M] ()
prfc0416.dat -> C:\Windows\System32\prfc0416.dat -> [2011/01/28 10:07:25 | 000,151,052 | ---- | M] ()
perfc009.dat -> C:\Windows\System32\perfc009.dat -> [2011/01/28 10:07:25 | 000,127,282 | ---- | M] ()
GoogleUpdateTaskUserS-1-5-21-1330734708-2192215675-4224272535-1000Core.job -> C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1330734708-2192215675-4224272535-1000Core.job -> [2011/01/28 10:00:08 | 000,001,038 | ---- | M] ()
GoogleUpdateTaskMachineCore.job -> C:\Windows\tasks\GoogleUpdateTaskMachineCore.job -> [2011/01/28 09:20:01 | 000,001,044 | ---- | M] ()
Ad-Aware Update (Weekly).job -> C:\Windows\tasks\Ad-Aware Update (Weekly).job -> [2011/01/28 09:06:47 | 000,000,370 | ---- | M] ()
Ad-Aware Update (Daily 4).job -> C:\Windows\tasks\Ad-Aware Update (Daily 4).job -> [2011/01/28 09:06:46 | 000,000,370 | ---- | M] ()
Ad-Aware Update (Daily 3).job -> C:\Windows\tasks\Ad-Aware Update (Daily 3).job -> [2011/01/28 09:06:45 | 000,000,370 | ---- | M] ()
Ad-Aware Update (Daily 2).job -> C:\Windows\tasks\Ad-Aware Update (Daily 2).job -> [2011/01/28 09:06:43 | 000,000,370 | ---- | M] ()
Ad-Aware Update (Daily 1).job -> C:\Windows\tasks\Ad-Aware Update (Daily 1).job -> [2011/01/28 09:06:42 | 000,000,370 | ---- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 -> [2011/01/28 09:03:15 | 000,003,344 | -H-- | M] ()
7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 -> [2011/01/28 09:03:15 | 000,003,344 | -H-- | M] ()
SA.DAT -> C:\Windows\tasks\SA.DAT -> [2011/01/28 09:03:07 | 000,000,006 | -H-- | M] ()
FNTCACHE.DAT -> C:\Windows\System32\FNTCACHE.DAT -> [2011/01/28 09:03:02 | 000,314,816 | ---- | M] ()
bootstat.dat -> C:\Windows\bootstat.dat -> [2011/01/28 09:02:40 | 000,067,584 | --S- | M] ()
bthservsdp.dat -> C:\Windows\bthservsdp.dat -> [2011/01/27 19:53:47 | 000,002,938 | ---- | M] ()
ntuser.dat{76b48554-68b9-11df-9189-d4e2627abba1}.TMContainer00000000000000000001.regtrans-ms -> C:\Users\Mário Monteiro\ntuser.dat{76b48554-68b9-11df-9189-d4e2627abba1}.TMContainer00000000000000000001.regtrans-ms -> [2011/01/27 19:53:14 | 000,524,288 | -HS- | M] ()
ntuser.dat{76b48554-68b9-11df-9189-d4e2627abba1}.TM.blf -> C:\Users\Mário Monteiro\ntuser.dat{76b48554-68b9-11df-9189-d4e2627abba1}.TM.blf -> [2011/01/27 19:53:14 | 000,065,536 | -HS- | M] ()
IconCache.db -> C:\Users\Mário Monteiro\AppData\Local\IconCache.db -> [2011/01/27 19:52:57 | 002,677,262 | -H-- | M] ()
GDIPFONTCACHEV1.DAT -> C:\Users\Mário Monteiro\AppData\Local\GDIPFONTCACHEV1.DAT -> [2011/01/27 11:06:29 | 000,076,928 | ---- | M] ()
wmstartuptick -> C:\Windows\System32\wmstartuptick -> [2011/01/27 09:22:06 | 000,000,005 | ---- | M] ()
WEB_OI_3GG.mdb -> C:\Users\Mário Monteiro\Documents\WEB_OI_3GG.mdb -> [2011/01/25 05:23:51 | 000,327,680 | ---- | M] ()
~$OTOCOLOS WEB OI - 88100868.doc -> C:\Users\Mário Monteiro\Documents\~$OTOCOLOS WEB OI - 88100868.doc -> [2011/01/24 12:41:04 | 000,000,162 | -H-- | M] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Mário Monteiro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2011/01/20 10:03:58 | 000,150,528 | ---- | M] ()
Msft_Kernel_HPub2521_01009.Wdf -> C:\Windows\System32\drivers\Msft_Kernel_HPub2521_01009.Wdf -> [2011/01/19 19:10:56 | 000,000,000 | -H-- | M] ()
hosts -> C:\Windows\System32\drivers\etc\hosts -> [2011/01/08 09:34:26 | 000,371,251 | ---- | M] ()
TEMPO_ORKUT.mdb -> C:\Users\Mário Monteiro\Documents\TEMPO_ORKUT.mdb -> [2010/12/29 13:11:37 | 000,372,736 | ---- | M] ()
53 C:\Users\Mário Monteiro\Desktop\*.tmp files -> C:\Users\Mário Monteiro\Desktop\*.tmp -> 

[Files - No Company Name]
Ad-Aware Update (Weekly).job -> C:\Windows\tasks\Ad-Aware Update (Weekly).job -> [2011/01/28 09:06:46 | 000,000,370 | ---- | C] ()
Ad-Aware Update (Daily 4).job -> C:\Windows\tasks\Ad-Aware Update (Daily 4).job -> [2011/01/28 09:06:45 | 000,000,370 | ---- | C] ()
Ad-Aware Update (Daily 3).job -> C:\Windows\tasks\Ad-Aware Update (Daily 3).job -> [2011/01/28 09:06:43 | 000,000,370 | ---- | C] ()
Ad-Aware Update (Daily 2).job -> C:\Windows\tasks\Ad-Aware Update (Daily 2).job -> [2011/01/28 09:06:42 | 000,000,370 | ---- | C] ()
Ad-Aware Update (Daily 1).job -> C:\Windows\tasks\Ad-Aware Update (Daily 1).job -> [2011/01/28 09:06:40 | 000,000,370 | ---- | C] ()
desktop.ini -> C:\Users\Mário Monteiro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini -> [2011/01/27 10:47:58 | 000,000,174 | -HS- | C] ()
wmstartuptick -> C:\Windows\System32\wmstartuptick -> [2011/01/26 18:54:53 | 000,000,005 | ---- | C] ()
Mozilla Firefox 4.0 Beta 10.lnk -> C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox 4.0 Beta 10.lnk -> [2011/01/26 13:04:01 | 000,001,904 | ---- | C] ()
~$OTOCOLOS WEB OI - 88100868.doc -> C:\Users\Mário Monteiro\Documents\~$OTOCOLOS WEB OI - 88100868.doc -> [2011/01/24 12:41:04 | 000,000,162 | -H-- | C] ()
Msft_Kernel_HPub2521_01009.Wdf -> C:\Windows\System32\drivers\Msft_Kernel_HPub2521_01009.Wdf -> [2011/01/19 19:10:56 | 000,000,000 | -H-- | C] ()
IconCache.db -> C:\Users\Mário Monteiro\AppData\Local\IconCache.db -> [2011/01/04 17:35:53 | 002,677,262 | -H-- | C] ()
keyfile3.drm -> C:\Users\Mário Monteiro\AppData\Local\keyfile3.drm -> [2010/11/08 14:55:22 | 000,004,096 | -H-- | C] ()
cpwmon2k.dll -> C:\Windows\System32\cpwmon2k.dll -> [2010/11/04 20:02:38 | 000,087,552 | ---- | C] ()
RtNicProp32.dll -> C:\Windows\System32\RtNicProp32.dll -> [2009/12/03 09:27:30 | 000,080,416 | ---- | C] ()
AVSredirect.dll -> C:\Windows\System32\AVSredirect.dll -> [2009/09/23 12:41:09 | 000,027,648 | ---- | C] ()
OGACheckControl.dll -> C:\Windows\System32\OGACheckControl.dll -> [2009/08/03 15:07:42 | 000,403,816 | ---- | C] ()
EhStorAuthn.dll -> C:\Windows\System32\EhStorAuthn.dll -> [2009/07/15 22:31:55 | 000,117,248 | ---- | C] ()
msjetoledb40.dll -> C:\Windows\System32\msjetoledb40.dll -> [2009/07/15 22:28:09 | 000,368,640 | ---- | C] ()
semcreserved.sys -> C:\Windows\System32\drivers\semcreserved.sys -> [2009/05/23 20:26:21 | 000,017,408 | ---- | C] ()
desktop.ini -> C:\Users\Mário Monteiro\AppData\Roaming\desktop.ini -> [2009/04/27 23:48:38 | 000,000,006 | -HS- | C] ()
desktop.ini -> C:\Users\Mário Monteiro\AppData\Local\desktop.ini -> [2009/04/27 23:48:38 | 000,000,006 | -HS- | C] ()
winconfsam.cfg -> C:\Users\Mário Monteiro\AppData\Local\winconfsam.cfg -> [2009/04/05 14:32:45 | 000,000,142 | ---- | C] ()
qt-dx331.dll -> C:\Windows\System32\qt-dx331.dll -> [2009/01/27 12:17:27 | 003,596,288 | ---- | C] ()
ff_vfw.dll.manifest -> C:\Windows\System32\ff_vfw.dll.manifest -> [2009/01/27 12:15:20 | 000,000,547 | ---- | C] ()
upbunk.txt -> C:\Program Files\upbunk.txt -> [2009/01/07 17:21:22 | 000,000,116 | ---- | C] ()
PICSDK.ini -> C:\Windows\System32\PICSDK.ini -> [2009/01/04 14:09:05 | 000,000,097 | ---- | C] ()
guard32.dll -> C:\Windows\System32\guard32.dll -> [2008/12/29 10:21:45 | 000,147,192 | ---- | C] ()
d3d9caps.dat -> C:\Users\Mário Monteiro\AppData\Local\d3d9caps.dat -> [2008/11/15 08:49:01 | 000,007,620 | ---- | C] ()
DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> C:\Users\Mário Monteiro\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini -> [2008/11/14 21:57:43 | 000,150,528 | ---- | C] ()
ODBC.INI -> C:\Windows\ODBC.INI -> [2008/11/14 21:55:44 | 000,000,418 | ---- | C] ()
QSwitch.txt -> C:\Users\Mário Monteiro\AppData\Local\QSwitch.txt -> [2008/11/14 12:31:42 | 000,000,000 | ---- | C] ()
DSwitch.txt -> C:\Users\Mário Monteiro\AppData\Local\DSwitch.txt -> [2008/11/14 12:31:42 | 000,000,000 | ---- | C] ()
AtStart.txt -> C:\Users\Mário Monteiro\AppData\Local\AtStart.txt -> [2008/11/14 12:31:42 | 000,000,000 | ---- | C] ()
GDIPFONTCACHEV1.DAT -> C:\Users\Mário Monteiro\AppData\Local\GDIPFONTCACHEV1.DAT -> [2008/11/14 12:31:11 | 000,076,928 | ---- | C] ()
hpzinstall.log -> C:\ProgramData\hpzinstall.log -> [2008/09/12 19:24:41 | 000,000,368 | ---- | C] ()
atitmmxx.dll -> C:\Windows\System32\atitmmxx.dll -> [2008/03/28 06:19:10 | 000,159,744 | ---- | C] ()
tcpmon.ini -> C:\Windows\System32\tcpmon.ini -> [2008/01/20 23:24:38 | 000,060,124 | ---- | C] ()
CogentBioSDK.dll -> C:\Windows\System32\CogentBioSDK.dll -> [2007/11/14 16:17:34 | 000,204,800 | ---- | C] ()
desktop.ini -> C:\Program Files\desktop.ini -> [2006/11/02 09:50:50 | 000,000,174 | -HS- | C] ()
GlobalUserInterface.CompositeFont -> C:\Windows\Fonts\GlobalUserInterface.CompositeFont -> [2006/11/02 09:37:35 | 000,037,665 | ---- | C] ()
GlobalSerif.CompositeFont -> C:\Windows\Fonts\GlobalSerif.CompositeFont -> [2006/11/02 09:37:35 | 000,029,779 | ---- | C] ()
GlobalSansSerif.CompositeFont -> C:\Windows\Fonts\GlobalSansSerif.CompositeFont -> [2006/11/02 09:37:35 | 000,026,489 | ---- | C] ()
GlobalMonospace.CompositeFont -> C:\Windows\Fonts\GlobalMonospace.CompositeFont -> [2006/11/02 09:37:35 | 000,026,040 | ---- | C] ()
sysprepMCE.dll -> C:\Windows\System32\sysprepMCE.dll -> [2006/11/02 09:35:32 | 000,005,632 | ---- | C] ()
PerfStringBackup.INI -> C:\Windows\System32\PerfStringBackup.INI -> [2006/11/02 07:33:01 | 001,664,822 | ---- | C] ()
msdfmap.ini -> C:\Windows\msdfmap.ini -> [2006/11/02 07:24:31 | 000,001,405 | ---- | C] ()
system.ini -> C:\Windows\system.ini -> [2006/11/02 07:23:31 | 000,000,215 | ---- | C] ()
win.ini -> C:\Windows\win.ini -> [2006/11/02 07:23:31 | 000,000,144 | ---- | C] ()
pacerprf.ini -> C:\Windows\System32\pacerprf.ini -> [2006/11/02 04:40:29 | 000,013,750 | ---- | C] ()
country.sys -> C:\Windows\System32\country.sys -> [2006/11/02 04:09:45 | 000,027,097 | ---- | C] ()
KEY01.SYS -> C:\Windows\System32\KEY01.SYS -> [2006/11/02 04:09:44 | 000,042,809 | ---- | C] ()
KEYBOARD.SYS -> C:\Windows\System32\KEYBOARD.SYS -> [2006/11/02 04:09:44 | 000,042,537 | ---- | C] ()
ANSI.SYS -> C:\Windows\System32\ANSI.SYS -> [2006/11/02 04:09:42 | 000,009,029 | ---- | C] ()
HIMEM.SYS -> C:\Windows\System32\HIMEM.SYS -> [2006/11/02 04:09:41 | 000,004,768 | ---- | C] ()
NTDOS412.SYS -> C:\Windows\System32\NTDOS412.SYS -> [2006/11/02 04:09:40 | 000,029,274 | ---- | C] ()
NTDOS411.SYS -> C:\Windows\System32\NTDOS411.SYS -> [2006/11/02 04:09:38 | 000,029,370 | ---- | C] ()
NTDOS404.SYS -> C:\Windows\System32\NTDOS404.SYS -> [2006/11/02 04:09:35 | 000,029,146 | ---- | C] ()
NTDOS804.SYS -> C:\Windows\System32\NTDOS804.SYS -> [2006/11/02 04:09:31 | 000,029,146 | ---- | C] ()
NTDOS.SYS -> C:\Windows\System32\NTDOS.SYS -> [2006/11/02 04:09:29 | 000,027,866 | ---- | C] ()
NTIO412.SYS -> C:\Windows\System32\NTIO412.SYS -> [2006/11/02 04:09:26 | 000,035,536 | ---- | C] ()
NTIO411.SYS -> C:\Windows\System32\NTIO411.SYS -> [2006/11/02 04:09:24 | 000,035,776 | ---- | C] ()
NTIO404.SYS -> C:\Windows\System32\NTIO404.SYS -> [2006/11/02 04:09:23 | 000,034,672 | ---- | C] ()
NTIO804.SYS -> C:\Windows\System32\NTIO804.SYS -> [2006/11/02 04:09:22 | 000,034,672 | ---- | C] ()
NTIO.SYS -> C:\Windows\System32\NTIO.SYS -> [2006/11/02 04:09:20 | 000,033,952 | ---- | C] ()
win87em.dll -> C:\Windows\System32\win87em.dll -> [2006/11/02 03:25:08 | 000,013,312 | ---- | C] ()
WdfCoInstaller01000.dll -> C:\Windows\System32\WdfCoInstaller01000.dll -> [2006/03/08 14:58:00 | 001,060,424 | ---- | C] ()
EPSPTDV.DLL -> C:\Windows\System32\EPSPTDV.DLL -> [2005/02/25 06:15:00 | 000,159,744 | ---- | C] ()
unrar.dll -> C:\Windows\System32\unrar.dll -> [2002/10/15 19:54:04 | 000,153,088 | ---- | C] ()
lcppn21.dll -> C:\Windows\System32\lcppn21.dll -> [2001/11/14 12:56:00 | 001,802,240 | ---- | C] ()
[Custom Scans]
< %SYSTEMDRIVE%\*.* >
aaw7boot.log -> C:\aaw7boot.log -> [2011/01/28 09:02:14 | 000,027,324 | ---- | M] ()
autoexec.bat -> C:\autoexec.bat -> [2008/09/12 19:10:28 | 000,000,074 | ---- | M] ()
bootmgr -> C:\bootmgr -> [2009/04/11 03:36:36 | 000,333,257 | RHS- | M] ()
config.sys -> C:\config.sys -> [2006/09/18 18:43:37 | 000,000,010 | ---- | M] ()
hiberfil.sys -> C:\hiberfil.sys -> [2010/02/03 18:28:41 | 2950,520,832 | -HS- | M] ()
pagefile.sys -> C:\pagefile.sys -> [2011/01/28 09:02:14 | 3264,307,200 | -HS- | M] ()
UsbFix.txt -> C:\UsbFix.txt -> [2011/01/28 10:14:18 | 000,001,049 | ---- | M] ()

[Alternate Data Streams]
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:0CE7F3C9
@Alternate Data Stream - 2 bytes -> C:\Windows\System32:31B8719B_Bb.gbp
@Alternate Data Stream - 304 bytes -> C:\Windows\System32\drivers:GbpKmAp.lst
< End of report >


1.

*Run OTS

*Click in the space below "Paste Fix Here" and paste the code

[unregister Dlls]

[Files/Folders - Created Within 30 Days]

NY -> Autorun.inf -> C:\Autorun.inf

[Empty Temp Folders]

*Click [Run Fix]

*Paste the report shown after the reboot (C:\_OTS\MovedFiles\MDA_HMS.txt, where MDA is month day year and HMS is hour minute second)

All Processes Killed

[Files/Folders - Created Within 30 Days]

Folder move failed. C:\Autorun.inf\NoKill... scheduled to be moved on reboot.

Folder move failed. C:\Autorun.inf scheduled to be moved on reboot.

[Empty Temp Folders]

 

 

User: All Users

 

User: Defaulta

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 402 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Fernando Luigi

->Temp folder emptied: 894 bytes

->Temporary Internet Files folder emptied: 402 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 51257216 bytes

->Flash cache emptied: 697 bytes

 

User: Mário Monteiro

->Temp folder emptied: 750847 bytes

->Temporary Internet Files folder emptied: 918583 bytes

->Java cache emptied: 210968659 bytes

->FireFox cache emptied: 187595859 bytes

->Google Chrome cache emptied: 164220017 bytes

->Apple Safari cache emptied: 38376448 bytes

->Opera cache emptied: 21433813 bytes

->Flash cache emptied: 21396 bytes

 

User: Public

->Temp folder emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 69215 bytes

%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 40534 bytes

%systemroot%\system32\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 36748998 bytes

RecycleBin emptied: 8467 bytes

 

Total Files Cleaned = 679,00 mb

 

< End of fix log >

OTS by OldTimer - Version 3.1.41.4 fix logfile created on 01282011_113826

 

Files\Folders moved on Reboot...

File\Folder C:\Autorun.inf\NoKill... not found!

Folder move failed. C:\Autorun.inf\NoKill... scheduled to be moved on reboot.

Folder move failed. C:\Autorun.inf scheduled to be moved on reboot.

File\Folder C:\Users\Mário Monteiro\AppData\Local\Temp\~DF25B6.tmp not found!

 

Registry entries deleted on Reboot...


It keeps raising the alert

 

And the folder C:\Autorun.inf\ is still in the root of C


This folder is not malicious. It was created to prevent future infections via USB.

See the signature, in bold, in the log:

C:\Autorun.inf [] -> C:\Autorun.inf [ NTFS ] -> [2011/01/26 10:45:45 | 000,000,000 | ---D | M]

D:\Autorun.inf [] -> D:\Autorun.inf [ NTFS ] -> [2011/01/26 10:45:51 | 000,000,000 | ---D | M]

The same folder exists on D:\

 

 

1.

*Run UsbFix

*Click [uninstall]

 

2.

*Run OTS

*Click [CleanUp] > [Yes]

*The PC will be restarted

 

3.

*Download ComboFix and save it to the desktop

 

*Run it and accept the agreement

 

*Wait for all stages to complete

 


 

*Do not use the mouse or the keyboard while the stages are running!!

 

*To interrupt the procedure, press [N] > [ENTER]

 

*Paste the report C:\combofix.txt

 

When Avira raises the alert, select the option to ignore it.

ComboFix 11-01-27.05 - Mário Monteiro 28/01/2011 13:05:36.3.2 - x86

Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.55.1046.18.2813.1399 [GMT -3:00]

Executando de: c:\users\Mário Monteiro\Desktop\ComboFix.exe

AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}

SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

ADS - system32: deleted 2 bytes in 1 streams.

ADS - drivers: deleted 304 bytes in 1 streams.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

.

((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Service_GbpSv

 

 

(((((((((((((((( Arquivos/Ficheiros criados de 2010-12-28 to 2011-01-28 ))))))))))))))))))))))))))))

.

 

2011-01-28 16:19 . 2011-01-28 16:25 -------- d-----w- c:\users\Mário Monteiro\AppData\Local\temp

2011-01-28 16:19 . 2011-01-28 16:19 -------- d-----w- c:\users\Fernando Luigi\AppData\Local\temp

2011-01-28 16:19 . 2011-01-28 16:19 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-01-28 13:01 . 2011-01-28 15:44 -------- d-----w- C:\UsbFix

2011-01-28 13:00 . 2011-01-13 09:41 5890896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{256E9C01-ADCD-431A-B10F-35D1059F5328}\mpengine.dll

2011-01-27 14:54 . 2011-01-27 14:57 -------- d-----w- c:\program files\Marcos Velasco Security

2011-01-26 13:35 . 2011-01-26 13:35 -------- d-----w- c:\program files\T55

2011-01-26 13:34 . 2011-01-26 13:34 -------- d-----w- c:\users\Mário Monteiro\AppData\Roaming\T55

2011-01-24 21:07 . 2011-01-24 21:07 -------- d-----w- c:\program files\ISDBT_Assist_Driver

2011-01-24 21:05 . 2011-01-24 21:07 -------- d-----w- c:\program files\InstallInfo

2011-01-24 21:05 . 2010-06-21 23:30 52128 ----a-w- c:\windows\system32\drivers\smsbda.sys

2011-01-24 21:05 . 2009-10-28 22:35 105216 ----a-w- c:\windows\system32\drivers\ZTEusbser6k.sys

2011-01-24 21:05 . 2009-10-28 22:35 105216 ----a-w- c:\windows\system32\drivers\ZTEusbnmea.sys

2011-01-24 21:05 . 2009-10-28 22:35 105216 ----a-w- c:\windows\system32\drivers\ZTEusbmdm6k.sys

2011-01-24 21:05 . 2009-10-28 22:35 105216 ----a-w- c:\windows\system32\drivers\ZTEusbdvbh.sys

2011-01-24 21:05 . 2011-01-28 15:46 -------- d-----w- c:\program files\VIVO Internet e TV Digital

2011-01-22 16:05 . 2011-01-22 16:08 -------- d-----w- c:\program files\PDFRider

2011-01-19 22:10 . 2010-10-13 16:39 13824 ----a-w- c:\windows\system32\drivers\HPub2521.sys

2011-01-19 22:10 . 2010-10-12 14:41 20480 ----a-w- c:\windows\system32\drivers\HPMo2521.sys

2011-01-12 09:48 . 2010-12-28 15:55 413696 ----a-w- c:\windows\system32\odbc32.dll

2011-01-12 09:48 . 2010-12-28 15:53 708608 ----a-w- c:\program files\Common Files\System\ado\msado15.dll

2011-01-12 09:48 . 2010-12-28 15:53 253952 ----a-w- c:\program files\Common Files\System\ado\msadox.dll

2011-01-12 09:48 . 2010-12-28 15:53 241664 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll

2011-01-12 09:48 . 2010-12-28 15:53 57344 ----a-w- c:\program files\Common Files\System\msadc\msadcs.dll

2011-01-12 09:48 . 2010-12-28 15:53 180224 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll

2011-01-12 09:48 . 2010-12-14 14:49 1169408 ----a-w- c:\windows\system32\sdclt.exe

2011-01-08 11:19 . 2011-01-08 11:19 -------- d-----w- c:\users\Mário Monteiro\Application Data

2011-01-04 13:50 . 2011-01-04 13:50 -------- d-----w- c:\program files\ESET

2011-01-04 05:15 . 2011-01-04 05:15 -------- d-----w- c:\users\Fernando Luigi\AppData\Local\Temp(803)

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-12-28 13:46 . 2010-11-18 13:35 46600 ----a-w- c:\windows\system32\drivers\gbpkm.sys

2010-12-21 13:12 . 2010-09-22 11:44 135096 ----a-w- c:\windows\system32\drivers\avipbb.sys

2010-12-20 21:09 . 2008-12-24 21:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-12-20 21:08 . 2008-12-24 21:07 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-12-04 01:03 . 2010-12-04 01:03 45056 ----a-r- c:\users\Mário Monteiro\AppData\Roaming\Microsoft\Installer\{37964A88-DAA1-488B-AE88-A5B6DDC6E9A6}\NewShortcut31_D6F61FA1540C43A0936BD1F3A5C07B72.exe

2010-12-04 01:03 . 2010-12-04 01:03 45056 ----a-r- c:\users\Mário Monteiro\AppData\Roaming\Microsoft\Installer\{37964A88-DAA1-488B-AE88-A5B6DDC6E9A6}\NewShortcut31_D6F61FA1540C43A0936BD1F3A5C07B72.exe

2010-12-04 01:03 . 2010-12-04 01:03 45056 ----a-r- c:\users\Mário Monteiro\AppData\Roaming\Microsoft\Installer\{37964A88-DAA1-488B-AE88-A5B6DDC6E9A6}\NewShortcut3_ED20EFD339C84018B601E634FD7339F2.exe

2010-12-04 01:03 . 2010-12-04 01:03 45056 ----a-r- c:\users\Mário Monteiro\AppData\Roaming\Microsoft\Installer\{37964A88-DAA1-488B-AE88-A5B6DDC6E9A6}\NewShortcut3_ED20EFD339C84018B601E634FD7339F2.exe

2010-11-25 10:20 . 2010-09-22 11:44 61960 ----a-w- c:\windows\system32\drivers\avgntflt.sys

2010-11-12 21:53 . 2010-07-14 20:18 472808 ----a-w- c:\windows\system32\deployJava1.dll

2010-11-04 18:56 . 2010-12-15 23:57 345600 ----a-w- c:\windows\system32\wmicmiplugin.dll

2010-11-04 18:55 . 2010-12-15 23:57 352768 ----a-w- c:\windows\system32\taskschd.dll

2010-11-04 18:55 . 2010-12-15 23:57 270336 ----a-w- c:\windows\system32\taskcomp.dll

2010-11-04 18:55 . 2010-12-15 23:57 601600 ----a-w- c:\windows\system32\schedsvc.dll

2010-11-04 16:34 . 2010-12-15 23:57 171520 ----a-w- c:\windows\system32\taskeng.exe

2010-11-02 06:01 . 2010-12-15 23:50 916480 ----a-w- c:\windows\system32\wininet.dll

2010-11-02 05:57 . 2010-12-15 23:50 43520 ----a-w- c:\windows\system32\licmgr10.dll

2010-11-02 05:57 . 2010-12-15 23:50 1469440 ----a-w- c:\windows\system32\inetcpl.cpl

2010-11-02 05:57 . 2010-12-15 23:50 71680 ----a-w- c:\windows\system32\iesetup.dll

2010-11-02 05:57 . 2010-12-15 23:50 109056 ----a-w- c:\windows\system32\iesysprep.dll

2010-11-02 05:01 . 2010-12-15 23:50 385024 ----a-w- c:\windows\system32\html.iec

2010-11-02 04:26 . 2010-12-15 23:50 133632 ----a-w- c:\windows\system32\ieUnatt.exe

2010-11-02 04:24 . 2010-12-15 23:50 1638912 ----a-w- c:\windows\system32\mshtml.tlb

.

 

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"LightScribe Control Panel"="c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-02-26 2289664]

"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]

"COMODO Firewall Pro"="c:\program files\Comodo\Firewall\cfp.exe" [2008-12-30 1797880]

"DpAgent"="c:\program files\DigitalPersona\Bin\dpagent.exe" [2008-03-12 699456]

"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-11-03 281768]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288]

"HP Software Update"="c:\program files\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]

2010-12-28 13:42 351624 ------w- c:\program files\GbPlugin\gbieh.dll

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

 

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk]

backup=c:\windows\pss\BTTray.lnk.CommonStartup

backupExtension=.CommonStartup

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]

2008-11-22 23:51 133104 ----atw- c:\users\Mário Monteiro\AppData\Local\Google\Update\GoogleUpdate.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpWirelessAssistant]

2007-11-20 10:44 488752 ----a-w- c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnScreenDisplay]

2007-11-01 21:42 554288 ----a-w- c:\program files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]

2008-03-14 11:45 202032 ----a-w- c:\program files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QPService]

2008-05-15 01:56 468264 ----a-w- c:\program files\HP\QuickPlay\QPService.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UCam_Menu]

2008-06-13 21:11 210216 ------w- c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]

2008-01-21 02:25 202240 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]

"AntiVirusOverride"=dword:00000001

"FirewallOverride"=dword:00000001

 

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-12-17 135664]

R2 Recovery Service for Windows;Recovery Service for Windows;c:\windows\SMINST\BLService.exe [2008-03-26 341328]

R3 Com4QLBEx;Com4QLBEx;c:\program files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-04-03 193840]

R3 NDISKIO;NDISKIO; [x]

R3 ONDAusbmdm6k;ONDA Proprietary USB Driver;c:\windows\system32\DRIVERS\ONDAusbmdm6k.sys [x]

R3 ONDAusbnmea;ONDA NMEA Port;c:\windows\system32\DRIVERS\ONDAusbnmea.sys [x]

R3 ONDAusbser6k;ONDA Diagnostic Port;c:\windows\system32\DRIVERS\ONDAusbser6k.sys [x]

R3 sembbus;SEMC WMC Composite Device driver (WDM);c:\windows\system32\DRIVERS\sembbus.sys [2008-02-06 260992]

R3 sembcard;Sony Ericsson PC300 Mobile Broadband Command Interface Drivers (WDM);c:\windows\system32\DRIVERS\sembcard.sys [2008-02-06 337408]

R3 sembmdfl2;Sony Ericsson PC300 Wireless Modem Filter;c:\windows\system32\DRIVERS\sembmdfl2.sys [2008-02-06 14976]

R3 sembmdm2;Sony Ericsson PC300 Wireless Modem Driver;c:\windows\system32\DRIVERS\sembmdm2.sys [2008-02-06 380672]

R3 sembmgmt;Sony Ericsson PC300 Mobile Broadband Device Management Drivers (WDM);c:\windows\system32\DRIVERS\sembmgmt.sys [2008-02-06 343680]

R3 sembnd5;Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (NDIS);c:\windows\system32\DRIVERS\sembnd5.sys [2008-02-06 24960]

R3 sembunic;Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (WDM);c:\windows\system32\DRIVERS\sembunic.sys [2008-02-06 344064]

R3 sembwwan;Sony Ericsson PC300 Mobile Broadband Ethernet Control Drivers (WDM);c:\windows\system32\DRIVERS\sembwwan.sys [2008-02-06 337408]

R3 SEMCReserved;SEMC Reserved Interface;c:\windows\system32\DRIVERS\semcreserved.sys [2008-02-15 17408]

R3 Sony_EricssonWWSC;Sony Ericsson SIM Card Reader;c:\windows\system32\DRIVERS\sesc.sys [2007-08-14 12672]

R3 utcwmzq0;AVZ Kernel Driver; [x]

R3 WMSvc;Serviço de Gerenciamento da Web;c:\windows\system32\inetsrv\wmsvc.exe [2008-01-21 11264]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

S0 Amddfltr;Amd Disk Lower Filter Driver;c:\windows\system32\DRIVERS\Amddfltr.sys [2008-01-07 15416]

S0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2010-12-28 46600]

S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [2009-12-02 64288]

S1 cmdGuard;COMODO Firewall Pro Sandbox Driver;c:\windows\system32\DRIVERS\cmdguard.sys [2008-12-30 99344]

S1 cmdHlp;COMODO Firewall Pro Helper Driver;c:\windows\system32\DRIVERS\cmdhlp.sys [2008-12-30 25104]

S1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\Symantec\DEFINI~1\SymcData\ipsdefs\20081126.002\IDSvix86.sys [2008-10-03 270384]

S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\aestsrv.exe [2008-06-27 77824]

S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-11-03 135336]

S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe [2010-06-15 26168]

S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-04 1181328]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\McAfee\SiteAdvisor\McSACore.exe [2010-11-24 88176]

S2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]

S2 vfsFPService;Validity Fingerprint Service;c:\windows\system32\vfsFPService.exe [2008-03-26 595248]

S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-01-23 52736]

S3 HPMo2521;Mouse Suite Driver_2521 (WDF Version);c:\windows\system32\DRIVERS\HPMo2521.sys [2010-10-12 20480]

S3 HPub2521;USB Mouse Low Filter Driver_2521 (WDF Version);c:\windows\system32\Drivers\HPub2521.sys [2010-10-13 13824]

S3 smsbda;SMS Digital Video;c:\windows\system32\drivers\smsbda.sys [2010-06-21 52128]

S3 vfs101x;vfs101x;c:\windows\system32\drivers\vfs101x.sys [2008-03-26 40752]

S3 ZTEusbdvbh;ZTE HS-USB DVBH-RF Service;c:\windows\system32\DRIVERS\ZTEusbdvbh.sys [2009-10-28 105216]

 

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

bthsvcs REG_MULTI_SZ BthServ

LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache

 

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2008-02-26 17:06 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe

.

Conteúdo da pasta 'Tarefas Agendadas'

 

2011-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-17 10:38]

 

2011-01-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2009-12-17 10:38]

 

2010-01-03 c:\windows\Tasks\HPCeeScheduleForMário Monteiro.job

- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2008-09-12 18:14]

 

2011-01-28 c:\windows\Tasks\User_Feed_Synchronization-{FE44F8E1-18AF-43EE-BB19-89F7E3DBB9D0}.job

- c:\windows\system32\msfeedssync.exe [2010-12-15 04:25]

.

.

------- Scan Suplementar -------

.

uStart Page = hxxp://www.orkut.com.br/Main#Application?uid=17360339365536149156&appId=999787414856&rl=ls

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pt_br&c=83&bd=Pavilion&pf=cnnb

IE: E&xportar para o Microsoft Excel

IE: Enviar imagem para Dispositivo &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Enviar página para Dispositivo &Bluetooth ... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

Trusted Zone: bancobrasil.com.br\www

Trusted Zone: bancobrasil.com.br\www14

Trusted Zone: bancobrasil.com.br\www2

Trusted Zone: bb.com.br\www

Trusted Zone: infoseg.gov.br\www2

TCP: {F23D74C9-A8F0-4E6B-A94F-CA09C9A6A55D} = 200.202.193.75 200.223.0.83

FF - ProfilePath - c:\users\Mário Monteiro\AppData\Roaming\Mozilla\Firefox\Profiles\ldnkfl42.default\

FF - prefs.js: browser.startup.homepage - about:blank

.

- - - - ORFÃOS REMOVIDOS - - - -

 

HKLM-Run-SynTPEnh - %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

HKLM-Run-SysTrayApp - %ProgramFiles%\IDT\WDM\sttray.exe

AddRemove-Agere Systems Soft Modem - c:\windows\agrsmdel

 

 

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-01-28 13:26

Windows 6.0.6002 Service Pack 2 NTFS

 

Procurando processos ocultos ...

 

Procurando entradas auto inicializáveis ocultas ...

 

Procurando ficheiros/arquivos ocultos ...

 

Varredura completada com sucesso

arquivos/ficheiros ocultos: 0

 

**************************************************************************

 

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

Windows 6.0.6002

 

CreateFile("\\.\PHYSICALDRIVE0"): O arquivo já está sendo usado por outro processo.

device: opened successfully

user: error reading MBR

kernel: MBR read successfully

user != kernel MBR !!!

 

**************************************************************************

.

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

 

[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

--------------------- DLLs Carregadas Sob os Processos em Execução ---------------------

 

- - - - - - - > 'Explorer.exe'(5584)

c:\progra~1\mcafee\SITEAD~1\saHook.dll

c:\program files\DigitalPersona\Bin\DpoFeedb.dll

c:\windows\system32\btncopy.dll

.

------------------------ Outros Processos em Execução ------------------------

.

c:\windows\system32\Ati2evxx.exe

c:\windows\System32\DriverStore\FileRepository\stwrt.inf_a7e996cd\STacSV.exe

c:\windows\system32\Ati2evxx.exe

c:\program files\DigitalPersona\Bin\DpHostW.exe

c:\windows\system32\agrsmsvc.exe

c:\program files\Avira\AntiVir Desktop\avguard.exe

c:\program files\Comodo\Firewall\cmdagent.exe

c:\windows\system32\inetsrv\inetinfo.exe

c:\program files\Common Files\LightScribe\LSSrvc.exe

c:\program files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe

c:\program files\HP\QuickPlay\Kernel\TV\QPSched.exe

c:\program files\CyberLink\Shared Files\RichVideo.exe

c:\windows\system32\rundll32.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\WUDFHost.exe

c:\program files\Avira\AntiVir Desktop\avshadow.exe

c:\windows\system32\wbem\unsecapp.exe

c:\windows\system32\conime.exe

c:\windows\System32\vds.exe

c:\program files\Hewlett-Packard\HP Health Check\hphc_service.exe

c:\windows\system32\UI0Detect.exe

c:\windows\system32\wermgr.exe

.

**************************************************************************

.

Tempo para conclusão: 2011-01-28 13:34:17 - Máquina reiniciou

ComboFix-quarantined-files.txt 2011-01-28 16:34

 

Pré-execução: 61.447.954.432 bytes disponíveis

Pós execução: 61.075.496.960 bytes disponíveis

 

- - End Of File - - A70F0E8C947A8B8CA4C668917194AFC4


The log is clean.

As I described before, the folder is not malicious.

*Click [Start] > [Run] > copy and paste: Combofix /uninstall

 


 

*Click [OK] > [Run]

*Wait for the message to appear: "ComboFix está desinstalado"

*Click [OK]

Best regards.


That's good, then.

Avira has eased off on the warnings,

but if it starts showing them again, I can ignore them then?

After uninstalling ComboFix I enabled Avira again.


Yes, you can ignore the warnings.

The PC is completely clean.

Don't worry!

Best regards.


PROBLEM SOLVED

If the author needs the topic to be reopened, just send a Private Message to a Moderator with a link to the topic.
