maniagames100%

[Solved] Infection --> lnk:runner


Avast flags the virus LNK:RUNNER; this virus seems to spread to every folder on the disk.

I have already run malware antimalware, Avast, Avira, Norton, HijackThis, Remove Trojan, and nothing seems to fix it!!!

What do I do? Please...

The log follows below.

HIJACKTHIS

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:31:08, on 28/01/2011

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

 

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe

C:\PROGRA~1\GbPlugin\GbpSv.exe

C:\Windows\system32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Windows\Xerox\PanelMgr\SSMMgr.exe

C:\Program Files\Xerox\Xerox WorkCentre 3210\PSU\Scan2pc.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskhost.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe

C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

C:\nexcafe\NexServ.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe

C:\Windows\system32\svchost.exe

C:\Windows\system32\WUDFHost.exe

C:\ServerLic\GerLicenciamento\GerLicenciamento.exe

C:\Windows\System32\svchost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\ServerLic\GestaoPedagogica\GestaoPedagogica.exe

C:\DKSOFT\dksoft.exe

C:\nexcafe\NexAdmin.exe

C:\Windows\system32\DllHost.exe

C:\Windows\System32\svchost.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Users\TecBits\Downloads\HiJackThis.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GR469A~1.DLL

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files\GbPlugin\gbieh.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Xerox PanelMgr] C:\Windows\Xerox\PanelMgr\SSMMgr.exe /autorun

O4 - HKLM\..\Run: [stanley-L_XRX_S2P] C:\Program Files\Xerox\Xerox WorkCentre 3210\PSU\Scan2pc.exe

O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [Adobe_ID0ENQBO] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')

O4 - Global Startup: NexCafé NexServ.lnk = C:\nexcafe\NexServ.exe

O8 - Extra context menu item: Anexar a PDF existente - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Anexar destino do link a PDF existente - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Converter destino do link em Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Converter em Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O15 - Trusted Zone: www.bancobrasil.com.br

O15 - Trusted Zone: www14.bancobrasil.com.br

O15 - Trusted Zone: www2.bancobrasil.com.br

O15 - Trusted Zone: www.bb.com.br

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{971EC717-0030-4395-A033-0E213B0E298E}: NameServer = 201.10.128.2,201.10.120.3

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GRA32A~1.DLL

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: GbPluginBb - C:\Program Files\GbPlugin\gbieh.dll

O23 - Service: Adobe Version Cue CS4 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Firebird Guardian - DefaultInstance (FirebirdGuardianDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe

O23 - Service: Firebird Server - DefaultInstance (FirebirdServerDefaultInstance) - Firebird Project - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~1\GbPlugin\GbpSv.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

 

--

End of file - 10129 bytes


1.

*Download AVZ and save it to the desktop

*Extract it to the desktop

*In the avz4 folder, run avz (users on Windows Vista or Windows 7: right-click and select "Run as administrator")

*Click [File] > [Database Update] and wait for the update to finish.

*Select the partition where Windows is installed. Usually it is:

[] Local Disk (C:)

*Click [File] > [Custom Scripts]

*Paste the code into the blank field

begin

ExecuteStdScr(2);

end.

*When it finishes, click [OK] and close the window

*On the AVZ main screen, click the button: 069ee7260a.jpg and save the report (avz_log) to the desktop

*Close the program

*Paste the report in your next reply.


Good evening!

Wings,

I downloaded AVZ and followed the steps given; the PC froze three times!!

(it never finished)

1st - it froze while running the database update

(on the second attempt the update worked!)

2nd - it froze while running the scan

3rd - it froze during normal activity

(note: it started freezing after I opened AVZ; could that be related? "it wasn't like this before")

What do I do?


1.

*Run AVZ

*Click [File] > [Custom Scripts]

*Paste the code into the blank field

begin

ExecuteStdScr(6);

RebootWindows(true);

end.

*Click [Run]

*The PC will restart

*Delete the avz4 folder

2.

Right-click the Avast icon next to the clock > select "Pause resident protection" > confirm.

3.

*Download the Kaspersky Virus Removal Tool and save it to the desktop

*Install the program

*Select the option:

[X] My Computer

*Click [Start scan]. If it finds anything, click [Ignore]

*When it finishes, click [Report] > [Save] and save the file to the desktop as log

*Close the window, and on the Kaspersky main screen click [Exit] > [No]

*Paste the log.txt report saved on the desktop


OK Wings

Here is the report

 

Verificação automática: concluído 12 minutos atrás (eventos: 4, objetos: 1812146, hora: 04:26:03)

29/01/2011 13:00:44 Tarefa iniciada Ação padrão selecionada

29/01/2011 17:11:35 Detectados: HEUR:Trojan.Win32.Generic D:\Aliedne\ManiaGames\outros\intaladores programas\LAN MAXX GERENCIADOR LAN\LanMaxxCliente.exe/Client.exe/ASPack Ação padrão selecionada

29/01/2011 17:14:52 Não neutralizado: HEUR:Trojan.Win32.Generic D:\Aliedne\ManiaGames\outros\intaladores programas\LAN MAXX GERENCIADOR LAN\LanMaxxCliente.exe/Client.exe/ASPack Gravação sem suporte

29/01/2011 17:26:47 Tarefa concluída Ação padrão selecionada


1.

*Open the Virus Removal Tool folder, located on the desktop, and run the Start shortcut

*Click [Exit] > [Yes] > [Yes] > [Yes]

*The PC will restart

*Delete the Kaspersky setup files and the report saved on the desktop

2.

*Download OTL and save it to the desktop

*Run OTL and select the option:

[X] Scan All Users

*Click [Quick Scan]

*Paste the report that is displayed

Also tell me which version of Office you have.


 

The OTL log follows below

 

OTL Extras logfile created on: 29/01/2011 22:42:41 - Run 1

OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\TecBits\Desktop

An unknown product (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 61,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 78,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 100,71 Gb Total Space | 52,47 Gb Free Space | 52,10% Space Free | Partition Type: NTFS

Drive D: | 365,05 Gb Total Space | 276,14 Gb Free Space | 75,64% Space Free | Partition Type: NTFS

 

Computer Name: SERVIDOR | User Name: TecBits | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"3050:TCP" = 3050:TCP:*:Enabled:Firebird

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

========== Authorized Applications List ==========

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"_{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension

"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW® Graphics Suite X5

"_{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}" = CorelDRAW Graphics Suite X5 - Extra Content

"{0330AFBF-6BE5-4E1C-922E-AD728F5B6D9B}" = Microsoft SQL Server 2005 Tools Express Edition

"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4

"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4

"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler

"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4

"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4

"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4

"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4

"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4

"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4

"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB

"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR

"{1B7C06E1-4888-47A6-992A-0990B9683486}" = Adobe Version Cue CS4 Server

"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4

"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data

"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA

"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications ® Core

"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java 6 Update 23

"{297190A1-4B0D-4CD6-8B9F-3907F15C3FD8}" = Adobe CS4 American English Speech Analysis Models

"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime

"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)

"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4

"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters

"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4

"{368FCA18-C510-4F87-B60E-192B9BDBAE3D}" = CorelDRAW Graphics Suite X5

"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player

"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4

"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4

"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin

"{428FDF9F-E010-4C4C-A8BB-156960AFCA1C}" = Adobe Fireworks CS4

"{43509E18-076E-40FE-AF38-CA5ED400A5A9}" = Pixel Bender Toolkit

"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials

"{44E240EC-2224-4078-A88B-2CEE0D3016EF}" = Adobe After Effects CS4 Presets

"{45EC816C-0771-4C14-AE6D-72D1B578F4C8}" = Adobe After Effects CS4

"{47C6F987-685A-41AE-B092-E75B277AEE39}" = Adobe Flash CS4 Extension - Flash Lite STI others

"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4

"{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension

"{52232EF4-CC12-4C21-ABCF-ADB79618302D}" = Adobe Soundbooth CS4 Codecs

"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect

"{561968FD-56A1-49FD-9ED0-F55482C7C5BC}" = Adobe Media Encoder CS4 Exporter

"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA

"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist

"{5BA1655E-6CF5-47C7-95F0-311D4F676021}" =

"{60DB5894-B5A1-4B62-B0F3-669A22C0EE5D}" = Adobe Dynamiclink Support

"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant

"{61D6891E-E822-4448-9F9A-0AAAAEB6AF6C}" = Adobe Creative Suite 4 Master Collection

"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw

"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4

"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support

"{67A9747A-E1F5-4E9A-81CC-12B5D5B81B6E}" = Adobe After Effects CS4 Third Party Content

"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4

"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{68EE5C41-2F79-4F36-BE85-22A814F55AF7}" = CorelDRAW Graphics Suite X5 - ES

"{7406DF60-016D-476B-A2C7-55D997592047}" = Adobe OnLocation CS4

"{7635D07D-B727-496F-94CA-8AC60E0C40CE}" = Microsoft Report Viewer Redistributable 2005

"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files

"{8186FF34-D389-4B7E-9A2F-C197585BCFBD}" = Adobe Media Encoder CS4 Importer

"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4

"{8618F932-5FFA-48BE-B39A-2F606761EBDC}" = Arquivos de Suporte da Instalação do Microsoft SQL Server (Inglês)

"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8F18CFF8-8259-4148-AD00-2EE572754E92}" = CorelDRAW Graphics Suite X5 - FR

"{90110416-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edição 2003

"{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007

"{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

"{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

"{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

"{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

"{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

"{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

"{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

"{90120000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT

"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4

"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95D70ABE-0311-4AB8-B924-FBFE647AC19C}" = Gravador do Microsoft SQL Server VSS

"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT

"{A6EC82A0-1414-475D-8AFD-469089F3080D}" = Adobe Contribute CS4

"{A8D93648-9F7F-407D-915C-62044644C3DA}" = MSI to redistribute MS VS2005 CRT libraries

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU

"{AC76BA86-1040-7D70-7760-000000000004}" = Adobe Acrobat 9 Pro - Italiano, Español, Nederlands, Português

"{AC76BA86-7AD7-1046-7B44-A94000000001}" = Adobe Reader 9.4.1 - Português

"{B05DE7B7-0B40-4411-BD4B-222CAE2D8F15}" = Adobe MotionPicture Color Files CS4

"{B15381DD-FF97-4FCD-A881-ED4DB0975500}" = Adobe Color Video Profiles AE CS4

"{B169BC97-B8AA-4ACA-9CF2-9D0FF5BABDF7}" = Adobe Premiere Pro CS4 Functional Content

"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect

"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common

"{B4002E0F-AF82-40C0-9EAB-F1D05C072F31}" = Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)

"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4

"{B9F4561A-924D-4510-A85A-BB0960C338CB}" = Adobe Asset Services CS4

"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module

"{BD3374D3-C2E6-42B7-A80B-E850B6886246}" = Adobe Flash CS4 STI-other

"{BE9CEAAA-F069-4331-BF2F-8D350F6504F4}" = Adobe Media Encoder CS4 Additional Exporter

"{BFE9A442-5D4B-4372-B994-FB4BCEA78662}" = CorelDRAW Graphics Suite X5 - NL

"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4

"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com

"{C938BE91-3BB5-4B84-9EF6-88F0505D0038}" = Adobe Premiere Pro CS4 Third Party Content

"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common

"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw

"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars

"{CDD28E51-0FC3-4C49-B935-D6C811A0C5BD}" = Microsoft SQL Server Native Client

"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D0291D38-D7AE-47B6-AD64-4FAB908FDB9F}" = CorelDRAW Graphics Suite X5 - Extra Content

"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D54A52A8-DF24-4CE8-850B-074CA47DFA74}" = Windows Live Messenger

"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications ® Core - English

"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin

"{DC43FBD3-3E5D-419D-A981-519F1A3E6F53}" = CorelDRAW Graphics Suite X5 - IT

"{DCF22E37-A8B6-4F78-9D61-3BCB5ED38A50}" = CorelDRAW Graphics Suite X5 - DE

"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM

"{DEB90B8E-0DCB-48CE-B90E-8842A2BD643E}" = Adobe Media Encoder CS4

"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E29D8938-2E48-498C-832D-9663DCABD55F}" = Visual Basic for Applications ® Core - Portuguese (Brazil)

"{E34C6AA4-AE8E-4677-912A-92FC2E039DD9}" = CorelDRAW Graphics Suite X5 - EN

"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.1

"{E8EE9410-8AC4-4F43-A626-DDECA75C79F3}" = Adobe Setup

"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger

"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture

"{EE353798-E875-42E0-B58D-7E6696182EA8}" = Adobe Media Encoder CS4 Dolby

"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help

"{F6E99614-F042-4459-82B7-8B38B2601356}" = Adobe Flash CS4

"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4

"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4

"{FB2A5FCC-B81B-48C2-A009-7804694D83E9}" = Adobe Encore CS4 Codecs

"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All

"{FD8AE9E2-B61E-4826-9CE7-937E1E9A9EEC}" = CorelDRAW Graphics Suite X5 - BR

"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin

"Adobe_b2d6abde968e6f277ddbfd501383e02" = Adobe Creative Suite 4 Master Collection

"avast5" = avast! Free Antivirus

"CCleaner" = CCleaner

"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player

"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com

"ENTERPRISE" = Microsoft Office Enterprise 2007

"FBDBServer_2_1_is1" = Firebird 2.1.1.17910 (Win32)

"IRPF2010 - Declaração de Ajuste Anual e Final de Espólio" = IRPF2010 - Declaração de Ajuste Anual e Final de Espólio

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"Microsoft Report Viewer Redistributable 2005" = Microsoft Report Viewer Redistributable 2005

"Microsoft SQL Server 2005" = Microsoft SQL Server 2005

"Mozilla Firefox (3.6.13)" = Mozilla Firefox (3.6.13)

"NexCafé NexAdmin_is1" = NexAdmin 4.0.0.138

"NexCafé NexServ_is1" = NexServ 4.0.0.138

"Receitanet Java 2010.02b" = Receitanet Java 2010.02b

"Sistema Interativo de Ensino5.02" = Sistema Interativo de Ensino

"UltraISO_is1" = UltraISO Premium V8.62

"uTorrent" = µTorrent

"WinLiveSuite" = Windows Live Essentials

"WinRAR archiver" = Arquivo do WinRAR

"Xerox WorkCentre 3210" = Xerox WorkCentre 3210

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 27/01/2011 17:45:41 | Computer Name = SERVIDOR | Source = SideBySide | ID = 16842815

Description = Falha na geração de contexto de ativação para "C:\Program Files\Common

Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Erro no arquivo de manifesto ou de

diretiva C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll", na

linha 3. O valor "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

do atributo version no elemento assemblyIdentity é inválido.

 

Error - 27/01/2011 18:04:54 | Computer Name = SERVIDOR | Source = SideBySide | ID = 16842815

Description = Falha na geração de contexto de ativação para "C:\Program Files\Common

Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Erro no arquivo de manifesto ou de

diretiva C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll", na

linha 3. O valor "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

do atributo version no elemento assemblyIdentity é inválido.

 

Error - 27/01/2011 18:11:09 | Computer Name = SERVIDOR | Source = Application Error | ID = 1000

Description = Nome de aplicativo com falha: lpksetup.exe, versão: 6.1.7600.16385,

carimbo de hora: 0x4a5bc613 Nome do módulo de falhas: msvcrt.dll, versão: 7.0.7600.16385,

carimbo de hora: 0x4a5bda6f Código de exceção: 0x40000015 Deslocamento com falha:

0x00056202 Identificação do processo com falha: 0xc4 Hora de início do aplicativo

com falha: 0x01cbbe6f17ee902b Caminho do aplicativo com falha: C:\Windows\system32\lpksetup.exe

FCaminho

do módulo de falhas: C:\Windows\system32\msvcrt.dll Identificação do Relatório:

5780b3c3-2a62-11e0-a9c2-00e04cd14390

 

Error - 28/01/2011 08:11:39 | Computer Name = SERVIDOR | Source = SideBySide | ID = 16842815

Description = Falha na geração de contexto de ativação para "C:\Program Files\Common

Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Erro no arquivo de manifesto ou de

diretiva C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll", na

linha 3. O valor "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

do atributo version no elemento assemblyIdentity é inválido.

 

Error - 28/01/2011 08:17:52 | Computer Name = SERVIDOR | Source = Application Error | ID = 1000

Description = Nome de aplicativo com falha: lpksetup.exe, versão: 6.1.7600.16385,

carimbo de hora: 0x4a5bc613 Nome do módulo de falhas: msvcrt.dll, versão: 7.0.7600.16385,

carimbo de hora: 0x4a5bda6f Código de exceção: 0x40000015 Deslocamento com falha:

0x00056202 Identificação do processo com falha: 0xd40 Hora de início do aplicativo

com falha: 0x01cbbee56060c4ae Caminho do aplicativo com falha: C:\Windows\system32\lpksetup.exe

FCaminho

do módulo de falhas: C:\Windows\system32\msvcrt.dll Identificação do Relatório:

a0737295-2ad8-11e0-ae12-00e04cd14390

 

Error - 28/01/2011 18:45:52 | Computer Name = SERVIDOR | Source = Application Error | ID = 1000

Description = Nome de aplicativo com falha: mbam.exe, versão: 1.50.1.3, carimbo

de hora: 0x4d0fe807 Nome do módulo de falhas: ntdll.dll, versão: 6.1.7600.16385,

carimbo de hora: 0x4a5bdadb Código de exceção: 0xc0000374 Deslocamento com falha:

0x000c283b Identificação do processo com falha: 0x574 Hora de início do aplicativo

com falha: 0x01cbbf3bcb8f5c9a Caminho do aplicativo com falha: C:\Program Files\Malwarebytes'

Anti-Malware\mbam.exe FCaminho do módulo de falhas: C:\Windows\SYSTEM32\ntdll.dll

Identificação

do Relatório: 5b40eceb-2b30-11e0-aa62-00e04cd14390

 

Error - 29/01/2011 08:11:25 | Computer Name = SERVIDOR | Source = SideBySide | ID = 16842815

Description = Falha na geração de contexto de ativação para "C:\Program Files\Common

Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Erro no arquivo de manifesto ou de

diretiva C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll", na

linha 3. O valor "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

do atributo version no elemento assemblyIdentity é inválido.

 

Error - 29/01/2011 08:50:03 | Computer Name = SERVIDOR | Source = Application Error | ID = 1000

Description = Nome de aplicativo com falha: lpksetup.exe, versão: 6.1.7600.16385,

carimbo de hora: 0x4a5bc613 Nome do módulo de falhas: msvcrt.dll, versão: 7.0.7600.16385,

carimbo de hora: 0x4a5bda6f Código de exceção: 0x40000015 Deslocamento com falha:

0x00056202 Identificação do processo com falha: 0x1598 Hora de início do aplicativo

com falha: 0x01cbbfb309438964 Caminho do aplicativo com falha: C:\Windows\system32\lpksetup.exe

FCaminho

do módulo de falhas: C:\Windows\system32\msvcrt.dll Identificação do Relatório:

49bef3d7-2ba6-11e0-a9e8-00e04cd14390

 

Error - 29/01/2011 10:40:26 | Computer Name = SERVIDOR | Source = SideBySide | ID = 16842815

Description = Falha na geração de contexto de ativação para "C:\Program Files\Common

Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Erro no arquivo de manifesto ou de

diretiva C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll", na

linha 3. O valor "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"

do atributo version no elemento assemblyIdentity é inválido.

 

Error - 29/01/2011 20:42:15 | Computer Name = SERVIDOR | Source = Application Hang | ID = 1002

Description = O programa OTL.exe versão 3.2.20.6 parou de interagir com o Windows

e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique

o histórico de problemas no painel de controle da Central de Ações. ID de Processo:

bd8 Hora de Início: 01cbc0165f422bca Hora de Término: 0 Caminho do Aplicativo: C:\Users\TecBits\Desktop\OTL.exe

 

Id

do Relatório:

 

[ Media Center Events ]

Error - 14/01/2011 10:07:12 | Computer Name = SERVIDOR | Source = MCUpdate | ID = 0

Description = 12:07:12 - Erro ao estabelecer conexão com a Internet. 12:07:12 -

Não foi possível contatar o servidor..

 

Error - 14/01/2011 10:07:45 | Computer Name = SERVIDOR | Source = MCUpdate | ID = 0

Description = 12:07:41 - Erro ao estabelecer conexão com a Internet. 12:07:41 -

Não foi possível contatar o servidor..

 

Error - 19/01/2011 07:05:40 | Computer Name = SERVIDOR | Source = MCUpdate | ID = 0

Description = 09:05:36 - Erro ao estabelecer conexão com a Internet. 09:05:36 -

Não foi possível contatar o servidor..

 

Error - 21/01/2011 10:33:04 | Computer Name = SERVIDOR | Source = MCUpdate | ID = 0

Description = 12:33:03 - Erro ao estabelecer conexão com a Internet. 12:33:04 -

Não foi possível contatar o servidor..

 

Error - 24/01/2011 06:49:45 | Computer Name = SERVIDOR | Source = MCUpdate | ID = 0

Description = 08:49:39 - Erro ao estabelecer conexão com a Internet. 08:49:40 -

Não foi possível contatar o servidor..

 

Error - 24/01/2011 08:14:22 | Computer Name = SERVIDOR | Source = MCUpdate | ID = 0

Description = 10:14:17 - Erro ao estabelecer conexão com a Internet. 10:14:17 -

Não foi possível contatar o servidor..

 

[ OSession Events ]

Error - 20/01/2011 17:45:14 | Computer Name = SERVIDOR | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 37

seconds with 0 seconds of active time. This session ended with a crash.

 

[ System Events ]

Error - 28/01/2011 20:30:32 | Computer Name = SERVIDOR | Source = Service Control Manager | ID = 7000

Description = Não foi possível iniciar o serviço Conexões de Rede devido ao seguinte

erro: %%1115

 

Error - 28/01/2011 20:30:32 | Computer Name = SERVIDOR | Source = Service Control Manager | ID = 7038

Description = O serviço WdiServiceHost não pôde fazer logon como NT AUTHORITY\LocalService

com a senha configurada atualmente devido ao seguinte erro: %%50 Para verificar

se o serviço está configurado corretamente, use o snap-in de Serviços do Console

de Gerenciamento Microsoft.

 

Error - 28/01/2011 20:30:32 | Computer Name = SERVIDOR | Source = Service Control Manager | ID = 7000

Description = Não foi possível iniciar o serviço Host do Serviço de Diagnóstico

devido ao seguinte erro: %%1069

 

Error - 28/01/2011 20:30:32 | Computer Name = SERVIDOR | Source = Service Control Manager | ID = 7000

Description = Não foi possível iniciar o serviço Serviço Enumerador de Dispositivos

Portáteis devido ao seguinte erro: %%1115

 

Error - 28/01/2011 20:30:32 | Computer Name = SERVIDOR | Source = Service Control Manager | ID = 7000

Description = Não foi possível iniciar o serviço Experiência com Aplicativo devido

ao seguinte erro: %%1115

 

Error - 28/01/2011 20:30:33 | Computer Name = SERVIDOR | Source = Service Control Manager | ID = 7023

Description = O serviço Server terminou com o erro: %%1062

 

Error - 29/01/2011 08:55:40 | Computer Name = SERVIDOR | Source = Microsoft-Windows-HAL | ID = 12

Description = O firmware da plataforma corrompeu a memória na transição de energia

anterior. Use um firmware atualizado em seu sistema.

 

Error - 29/01/2011 09:34:01 | Computer Name = SERVIDOR | Source = EventLog | ID = 6008

Description = O desligamento anterior do sistema em 11:30:41 às ?29/?01/?2011 não

era esperado.

 

Error - 29/01/2011 20:35:38 | Computer Name = SERVIDOR | Source = EventLog | ID = 6008

Description = O desligamento anterior do sistema em 22:33:48 às ?29/?01/?2011 não

era esperado.

 

Error - 29/01/2011 20:35:42 | Computer Name = SERVIDOR | Source = BugCheck | ID = 1001

Description =

 

 

< End of report >

 

 

 

**********************

Office version

2003 and 2007

**********************


You pasted only the Extras.txt report.

 

Paste the OTL.txt report located on the desktop.

 

 

ok

 

See below

 

OTL logfile created on: 29/01/2011 22:42:41 - Run 1

OTL by OldTimer - Version 3.2.20.6 Folder = C:\Users\TecBits\Desktop

An unknown product (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7600.16385)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

 

2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 61,00% Memory free

4,00 Gb Paging File | 3,00 Gb Available in Paging File | 78,00% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 100,71 Gb Total Space | 52,47 Gb Free Space | 52,10% Space Free | Partition Type: NTFS

Drive D: | 365,05 Gb Total Space | 276,14 Gb Free Space | 75,64% Space Free | Partition Type: NTFS

 

Computer Name: SERVIDOR | User Name: TecBits | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2011/01/29 21:09:18 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\TecBits\Desktop\OTL.exe

PRC - [2011/01/13 06:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\Alwil Software\Avast5\AvastUI.exe

PRC - [2011/01/13 06:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\Alwil Software\Avast5\AvastSvc.exe

PRC - [2011/01/06 11:35:35 | 000,394,104 | ---- | M] (BitTorrent, Inc.) -- C:\Arquivos de Programas\uTorrent\uTorrent.exe

PRC - [2010/12/28 10:43:18 | 000,054,664 | ---- | M] ( ) -- C:\Arquivos de Programas\GbPlugin\GbpSv.exe

PRC - [2010/12/03 11:26:18 | 011,313,152 | ---- | M] (Nextar) -- C:\nexcafe\NexServ.exe

PRC - [2010/09/21 14:03:14 | 001,710,464 | ---- | M] (Microsoft Corp.) -- C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

PRC - [2010/09/21 14:03:14 | 000,193,408 | ---- | M] (Microsoft Corp.) -- C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

PRC - [2009/07/24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Arquivos de Programas\Common Files\Protexis\License Service\PsiService_2.exe

PRC - [2009/07/13 23:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Windows Media Player\wmpnetwk.exe

PRC - [2009/07/13 23:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2009/07/13 23:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Windows Sidebar\sidebar.exe

PRC - [2009/07/13 23:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2009/07/13 23:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe

PRC - [2009/04/10 04:34:11 | 000,253,952 | ---- | M] () -- C:\Arquivos de Programas\Xerox\Xerox WorkCentre 3210\PSU\Scan2pc.exe

PRC - [2009/04/08 09:26:19 | 000,557,056 | ---- | M] () -- C:\Windows\Xerox\PanelMgr\SSMMgr.exe

PRC - [2008/06/13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) -- C:\Arquivos de Programas\Firebird\Firebird_2_1\bin\fbguard.exe

PRC - [2008/06/13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) -- C:\Arquivos de Programas\Firebird\Firebird_2_1\bin\fbserver.exe

PRC - [2007/02/10 11:29:54 | 029,178,224 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

PRC - [2007/02/10 11:29:47 | 000,242,544 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Microsoft SQL Server\90\Shared\sqlbrowser.exe

PRC - [2007/02/10 05:29:56 | 000,089,968 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Microsoft SQL Server\90\Shared\sqlwriter.exe

PRC - [2006/10/27 00:47:42 | 000,031,016 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Microsoft Office\Office12\GrooveMonitor.exe

 

 

========== Modules (SafeList) ==========

 

MOD - [2011/01/29 21:09:18 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\TecBits\Desktop\OTL.exe

MOD - [2011/01/13 06:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Arquivos de Programas\Alwil Software\Avast5\snxhk.dll

MOD - [2009/07/13 23:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll

MOD - [2009/07/13 23:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll

MOD - [2009/07/13 23:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll

MOD - [2009/07/13 23:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll

MOD - [2009/07/13 23:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll

MOD - [2009/07/13 23:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll

MOD - [2009/07/13 23:15:13 | 000,717,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dui70.dll

MOD - [2009/07/13 23:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll

MOD - [2009/07/13 23:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll

MOD - [2009/07/13 23:15:10 | 000,484,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DeviceCenter.dll

MOD - [2009/07/13 23:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll

MOD - [2009/07/13 23:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll

MOD - [2009/07/13 23:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - File not found [unknown | Stopped] -- -- (WatAdminSvc)

SRV - [2011/01/16 19:28:01 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)

SRV - [2011/01/13 06:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2010/12/28 10:43:18 | 000,054,664 | ---- | M] ( ) [unknown | Running] -- C:\Arquivos de Programas\GbPlugin\GbpSv.exe -- (GbpSv)

SRV - [2009/07/24 19:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)

SRV - [2009/07/13 23:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)

SRV - [2009/07/13 23:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)

SRV - [2009/07/13 23:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)

SRV - [2009/07/13 23:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)

SRV - [2009/07/13 23:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)

SRV - [2009/07/13 23:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)

SRV - [2009/07/13 23:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)

SRV - [2009/07/13 23:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009/07/13 23:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

SRV - [2009/07/13 23:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)

SRV - [2009/07/13 23:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)

SRV - [2009/07/13 23:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)

SRV - [2009/07/13 23:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)

SRV - [2009/07/13 23:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de Programas\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2009/07/13 23:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)

SRV - [2009/07/13 23:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)

SRV - [2009/07/13 23:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)

SRV - [2009/07/13 23:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)

SRV - [2009/07/13 23:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)

SRV - [2009/07/13 23:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) Instalador do ActiveX (AxInstSV)

SRV - [2009/07/13 23:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)

SRV - [2009/07/13 23:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)

SRV - [2008/08/15 05:46:20 | 000,284,016 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe -- (Adobe Version Cue CS4)

SRV - [2008/06/13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)

SRV - [2008/06/13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)

 

 

========== Driver Services (SafeList) ==========

 

DRV - [2011/01/13 06:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2011/01/13 06:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2011/01/13 06:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2011/01/13 06:37:19 | 000,051,280 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV - [2011/01/13 06:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2010/12/28 10:46:30 | 000,046,600 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\gbpkm.sys -- (GbpKm)

DRV - [2009/07/13 23:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)

DRV - [2009/07/13 23:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)

DRV - [2009/07/13 23:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)

DRV - [2009/07/13 23:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)

DRV - [2009/07/13 23:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)

DRV - [2009/07/13 23:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)

DRV - [2009/07/13 23:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)

DRV - [2009/07/13 23:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)

DRV - [2009/07/13 23:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)

DRV - [2009/07/13 23:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)

DRV - [2009/07/13 23:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)

DRV - [2009/07/13 23:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)

DRV - [2009/07/13 23:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)

DRV - [2009/07/13 23:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)

DRV - [2009/07/13 23:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)

DRV - [2009/07/13 23:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)

DRV - [2009/07/13 23:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)

DRV - [2009/07/13 23:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)

DRV - [2009/07/13 23:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)

DRV - [2009/07/13 23:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)

DRV - [2009/07/13 23:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)

DRV - [2009/07/13 23:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)

DRV - [2009/07/13 23:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)

DRV - [2009/07/13 23:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)

DRV - [2009/07/13 23:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)

DRV - [2009/07/13 23:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)

DRV - [2009/07/13 23:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)

DRV - [2009/07/13 23:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)

DRV - [2009/07/13 23:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)

DRV - [2009/07/13 23:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)

DRV - [2009/07/13 23:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)

DRV - [2009/07/13 23:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)

DRV - [2009/07/13 23:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)

DRV - [2009/07/13 23:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)

DRV - [2009/07/13 23:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)

DRV - [2009/07/13 23:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)

DRV - [2009/07/13 23:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)

DRV - [2009/07/13 23:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)

DRV - [2009/07/13 23:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)

DRV - [2009/07/13 23:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)

DRV - [2009/07/13 23:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)

DRV - [2009/07/13 23:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)

DRV - [2009/07/13 23:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)

DRV - [2009/07/13 22:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)

DRV - [2009/07/13 22:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)

DRV - [2009/07/13 22:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)

DRV - [2009/07/13 21:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)

DRV - [2009/07/13 21:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)

DRV - [2009/07/13 21:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)

DRV - [2009/07/13 21:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)

DRV - [2009/07/13 21:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)

DRV - [2009/07/13 21:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)

DRV - [2009/07/13 21:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)

DRV - [2009/07/13 21:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)

DRV - [2009/07/13 21:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)

DRV - [2009/07/13 21:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)

DRV - [2009/07/13 21:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)

DRV - [2009/07/13 21:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)

DRV - [2009/07/13 21:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)

DRV - [2009/07/13 21:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)

DRV - [2009/07/13 21:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)

DRV - [2009/07/13 21:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)

DRV - [2009/07/13 20:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)

DRV - [2009/07/13 20:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)

DRV - [2009/07/13 20:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)

DRV - [2009/07/13 20:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)

DRV - [2009/07/13 20:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)

DRV - [2009/07/13 20:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)

DRV - [2009/07/13 20:02:52 | 000,139,776 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)

DRV - [2009/07/13 20:02:52 | 000,043,008 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)

DRV - [2009/07/13 20:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)

DRV - [2009/07/13 20:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)

DRV - [2009/07/13 20:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)

DRV - [2009/06/10 19:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2008/10/28 11:08:05 | 000,041,984 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\DgivEcp.sys -- (DgiVecp)

DRV - [2008/10/27 23:25:20 | 000,005,120 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)

DRV - [2008/08/14 07:57:42 | 000,074,720 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adfs.sys -- (adfs)

DRV - [2007/04/13 17:42:16 | 000,068,096 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Arquivos de Programas\UltraISO\drivers\ISODrive.sys -- (ISODrive)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2728769159-2390584043-3335987615-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/

IE - HKU\S-1-5-21-2728769159-2390584043-3335987615-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-2728769159-2390584043-3335987615-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br

IE - HKU\S-1-5-21-2728769159-2390584043-3335987615-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3E 6F 4F 8E A1 AD CB 01 [binary data]

IE - HKU\S-1-5-21-2728769159-2390584043-3335987615-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "google.com"

FF - prefs.js..extensions.enabledItems: {87F8774F-B485-47E2-A755-A40A8A5E886C}:1.0.18.2

FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/01/06 11:27:25 | 000,000,000 | ---D | M]

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/01/27 10:51:27 | 000,000,000 | ---D | M]

[2011/01/06 11:28:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TecBits\AppData\Roaming\mozilla\Extensions

[2011/01/28 14:42:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\TecBits\AppData\Roaming\mozilla\Firefox\Profiles\mskbhi5y.default\extensions

[2011/01/12 16:14:42 | 000,000,000 | ---D | M] ("Módulo de Segurança - Banco do Brasil") -- C:\Users\TecBits\AppData\Roaming\mozilla\Firefox\Profiles\mskbhi5y.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}

[2011/01/28 14:42:57 | 000,000,000 | ---D | M] (No name found) -- C:\Arquivos de Programas\Mozilla Firefox\extensions

[2011/01/15 08:08:56 | 000,000,000 | ---D | M] (Skype extension) -- C:\Arquivos de Programas\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

[2011/01/24 20:09:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Arquivos de Programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2011/01/15 08:08:56 | 000,000,000 | ---D | M] (Skype extension) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1}

[2011/01/24 20:09:11 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

[2008/09/10 01:09:32 | 000,079,216 | ---- | M] (Adobe Systems, Inc.) -- C:\Arquivos de Programas\Mozilla Firefox\plugins\npContribute.dll

[2011/01/24 20:08:54 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Arquivos de Programas\Mozilla Firefox\plugins\npdeployJava1.dll

[2010/12/03 15:56:28 | 000,001,027 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\buscape.xml

[2010/12/03 15:56:28 | 000,001,212 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\mercadolivre.xml

[2010/12/03 15:56:28 | 000,001,168 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\wikipedia-br.xml

[2010/12/03 15:56:28 | 000,000,952 | ---- | M] () -- C:\Arquivos de Programas\Mozilla Firefox\searchplugins\yahoo-br.xml

O1 HOSTS File: ([2011/01/12 16:13:20 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Arquivos de Programas\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Arquivos de Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de Programas\GbPlugin\gbieh.dll (Banco do Brasil)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Arquivos de Programas\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Arquivos de Programas\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS4/contributeieplugin.dll ()

O3 - HKU\S-1-5-21-2728769159-2390584043-3335987615-1002\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Arquivos de Programas\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [Adobe_ID0ENQBO] C:\Arquivos de Programas\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4Tray.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [stanley-L_XRX_S2P] C:\Arquivos de Programas\Xerox\Xerox WorkCentre 3210\PSU\Scan2pc.exe ()

O4 - HKLM..\Run: [Xerox PanelMgr] C:\Windows\Xerox\PanelMgr\SSMMgr.exe ()

O4 - HKU\S-1-5-21-2728769159-2390584043-3335987615-1002..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O8 - Extra context menu item: Anexar a PDF existente - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Anexar destino do link a PDF existente - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Converter destino do link em Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Converter em Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de Programas\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Arquivos de Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de Programas\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O13 - gopher Prefix: missing

O15 - HKU\S-1-5-21-2728769159-2390584043-3335987615-1002\..Trusted Domains: bancobrasil.com.br ([www] * in Sites confiáveis)

O15 - HKU\S-1-5-21-2728769159-2390584043-3335987615-1002\..Trusted Domains: bancobrasil.com.br ([www14] * in Sites confiáveis)

O15 - HKU\S-1-5-21-2728769159-2390584043-3335987615-1002\..Trusted Domains: bancobrasil.com.br ([www2] * in Sites confiáveis)

O15 - HKU\S-1-5-21-2728769159-2390584043-3335987615-1002\..Trusted Domains: bb.com.br ([www] * in Sites confiáveis)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de Programas\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de Programas\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de Programas\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de Programas\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de Programas\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de Programas\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Arquivos de Programas\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Arquivos de Programas\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de Programas\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de Programas\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Arquivos de Programas\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - Winlogon\Notify\ GbPluginBb: DllName - C:\Program Files\GbPlugin\gbieh.dll - C:\Arquivos de Programas\GbPlugin\gbieh.dll (Banco do Brasil)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Arquivos de Programas\GbPlugin\gbieh.dll (Banco do Brasil)

O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)

O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 19:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/29 22:40:28 | 000,602,624 | ---- | C] (OldTimer Tools) -- C:\Users\TecBits\Desktop\OTL.exe

[2011/01/29 22:35:37 | 000,000,000 | ---D | C] -- C:\Windows\Minidump

[2011/01/29 15:04:28 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{C26C0782-BB4D-4388-B1CB-BA632A514C33}

[2011/01/29 12:59:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab

[2011/01/28 12:43:50 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{30107A76-8A08-492E-8C6A-397D7963022D}

[2011/01/28 09:52:56 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{9CBDBBA3-ED2C-42F1-9A35-27BA2FBE01DB}

[2011/01/27 15:14:40 | 000,000,000 | ---D | C] -- C:\FormOver

[2011/01/27 08:38:49 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{5E47ACDE-981B-4B80-9225-59C7E25A9F2C}

[2011/01/26 08:40:35 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{0296C8B5-11B6-4453-91BC-C91FC1C22DE0}

[2011/01/25 11:20:27 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{1EF0301D-04C7-4646-AE95-EB9300E03E1C}

[2011/01/24 22:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP

[2011/01/24 22:26:54 | 000,000,000 | ---D | C] -- C:\Users\TecBits\Documents\Simply Super Software

[2011/01/24 20:09:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2011/01/24 20:09:37 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\Java

[2011/01/24 20:08:50 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Java

[2011/01/24 18:55:22 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Programas RFB

[2011/01/24 18:54:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programas RFB2010

[2011/01/24 18:54:35 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas RFB

[2011/01/24 16:06:49 | 000,000,000 | ---D | C] -- C:\Users\TecBits\Documents\fulano

[2011/01/24 10:19:12 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{5A64F2C2-C27C-4CFC-85D5-C0207579C2B0}

[2011/01/24 10:09:53 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{08D37679-F930-4337-A387-CC4953D12F9D}

[2011/01/23 16:09:02 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{02F522BA-938F-41EE-B174-C21402DED4FE}

[2011/01/22 19:23:42 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{3BE87ED5-2097-4BD4-AAC8-0EF0FEB87A96}

[2011/01/21 20:15:36 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Roaming\Macromedia

[2011/01/21 20:15:36 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Roaming\Adobe

[2011/01/21 17:22:27 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\CrashDumps

[2011/01/21 11:58:53 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{64542DA3-FB16-4623-9064-DCFE08E39F79}

[2011/01/20 12:10:26 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM

[2011/01/20 10:16:01 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{26CFA77E-6AC8-4824-8C4A-77E2D0A8441C}

[2011/01/19 16:03:19 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet

[2011/01/19 10:25:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus

[2011/01/19 10:25:16 | 000,294,608 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys

[2011/01/19 10:25:16 | 000,017,744 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

[2011/01/19 10:25:11 | 000,023,632 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys

[2011/01/19 10:25:09 | 000,047,440 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys

[2011/01/19 10:25:07 | 000,051,280 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

[2011/01/19 10:24:53 | 000,038,848 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr

[2011/01/19 10:24:52 | 000,188,216 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

[2011/01/19 10:24:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Alwil Software

[2011/01/19 10:24:49 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Alwil Software

[2011/01/19 09:14:45 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{CDFDA95C-CCA4-4936-BDEC-D417F88382C0}

[2011/01/18 21:14:20 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{31F79AA3-F4E0-43FE-8396-CAA714B3515B}

[2011/01/18 12:29:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton

[2011/01/18 12:29:05 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller

[2011/01/18 12:06:21 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\IsolatedStorage

[2011/01/18 08:35:57 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{AA9D94B0-91BA-429A-A7AD-082974302C36}

[2011/01/17 17:22:17 | 000,000,000 | ---D | C] -- C:\Windows\pss

[2011/01/17 14:17:59 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{00AA3DAD-C04F-46BE-9AFF-B91CD40B3333}

[2011/01/16 23:35:34 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat

[2011/01/16 19:37:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe

[2011/01/16 19:37:19 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Adobe Media Player

[2011/01/16 19:35:20 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\Adobe AIR

[2011/01/16 19:31:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS4

[2011/01/16 19:28:01 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\Macrovision Shared

[2011/01/16 10:42:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Backup

[2011/01/16 07:36:26 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{B7CA71CE-C0F3-43F9-8AD6-DF6241610834}

[2011/01/15 15:13:03 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{CCF08D51-5AD8-43AD-8E39-86C1B675127A}

[2011/01/15 08:09:32 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Roaming\skypePM

[2011/01/15 08:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2011/01/15 08:08:17 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\Skype

[2011/01/15 08:08:15 | 000,000,000 | R--D | C] -- C:\Arquivos de Programas\Skype

[2011/01/15 08:08:15 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Roaming\Skype

[2011/01/15 08:08:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype

[2011/01/15 00:59:06 | 000,000,000 | ---D | C] -- C:\Panda Software

[2011/01/14 23:51:13 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{16951CDE-AB69-46E3-A44F-B39572E5B745}

[2011/01/14 12:41:40 | 000,000,000 | ---D | C] -- C:\Users\TecBits\Documents\Minhas paletas

[2011/01/14 12:29:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Corel

[2011/01/14 12:27:56 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\Protexis

[2011/01/14 12:25:18 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X5

[2011/01/14 12:13:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraISO

[2011/01/14 12:13:32 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\UltraISO

[2011/01/14 12:13:32 | 000,000,000 | ---D | C] -- C:\Users\TecBits\Documents\My ISO Files

[2011/01/14 12:13:32 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\EZB Systems

[2011/01/14 11:10:12 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\ElevatedDiagnostics

[2011/01/14 08:55:27 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{B631395F-2AF7-45BF-B32F-704CC9A63BF7}

[2011/01/14 08:29:06 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{BF29C15A-B264-4994-8712-F84F3BD0C309}

[2011/01/14 08:25:16 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{40B38EBC-16E9-4B15-8D82-5332CD316533}

[2011/01/13 09:32:59 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{3B380D72-22E6-4036-BA85-FF4E0ED54A77}

[2011/01/13 08:52:16 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{5B70019F-D677-4CC9-9B74-CF68509A5721}

[2011/01/12 21:59:58 | 000,000,000 | ---D | C] -- C:\P

[2011/01/12 17:09:51 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Roaming\VisualMidia

[2011/01/12 16:14:25 | 000,046,600 | ---- | C] (GAS Tecnologia) -- C:\Windows\System32\drivers\GbpKm.sys

[2011/01/12 16:14:12 | 000,000,000 | ---D | C] -- C:\ProgramData\GbPlugin

[2011/01/12 16:14:12 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\GbPlugin

[2011/01/12 14:31:06 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\ShowMyPCService

[2011/01/12 12:40:05 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{3E3CB9BD-BFE6-4917-95D4-79BE9C1F2337}

[2011/01/11 12:44:15 | 000,000,000 | ---D | C] -- C:\Users\TecBits\Documentos

[2011/01/11 10:54:23 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{0592C510-6EBC-44A4-8AA0-E673415FD5C4}

[2011/01/11 01:33:01 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{C4CE7AC9-AE99-4810-A3AB-017CCD71AA4C}

[2011/01/10 11:10:57 | 000,000,000 | ---D | C] -- C:\Users\TecBits\Documents\My Palettes

[2011/01/10 11:10:47 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Roaming\Corel

[2011/01/10 09:41:25 | 000,000,000 | ---D | C] -- C:\Users\TecBits\Documents\Corel

[2011/01/10 09:41:17 | 000,000,000 | ---D | C] -- C:\Users\TecBits\Documents\Visual Studio 2008

[2011/01/10 09:40:01 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Microsoft SDKs

[2011/01/10 09:39:59 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Microsoft Visual Studio 9.0

[2011/01/10 09:39:24 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\Corel

[2011/01/10 09:39:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel

[2011/01/10 09:36:03 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Corel

[2011/01/10 08:55:30 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{C88B5C2E-2F93-42B3-9E71-6AF50DE053BB}

[2011/01/09 15:01:03 | 000,000,000 | ---D | C] -- C:\PenClean

[2011/01/09 10:23:44 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{7F5BFF04-D208-4A0E-B3F7-3C540D9CFDD8}

[2011/01/09 10:23:44 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{6216D987-B70C-4FA4-97CB-76AE1ED83E91}

[2011/01/08 21:23:00 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{018909D0-BBB5-4A86-BE22-70B90AAA8984}

[2011/01/08 19:44:19 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{7DD82BFB-7B27-4DAF-8D95-09DD39C9AA70}

[2011/01/08 17:43:59 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{B5E6A77A-55E6-411B-ACF1-4096A46576A4}

[2011/01/08 13:54:04 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{EEC184E7-E57E-4E20-A7E1-4A9EFFF73D32}

[2011/01/06 21:06:42 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\capcom

[2011/01/06 21:04:27 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\Downloaded Installations

[2011/01/06 21:00:58 | 000,000,000 | ---D | C] -- C:\Users\TecBits\Documents\KONAMI

[2011/01/06 20:42:40 | 000,000,000 | ---D | C] -- C:\Users\TecBits\Documents\NFS Most Wanted

[2011/01/06 19:27:26 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\Adobe

[2011/01/06 19:26:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe

[2011/01/06 19:26:17 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\Adobe

[2011/01/06 19:26:17 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Adobe

[2011/01/06 16:09:16 | 000,000,000 | ---D | C] -- C:\Windows\Panther

[2011/01/06 16:09:03 | 000,000,000 | -HSD | C] -- C:\Boot

[2011/01/06 12:20:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sistema Interativo de Ensino

[2011/01/06 12:19:54 | 000,000,000 | ---D | C] -- C:\Windows\msagent

[2011/01/06 12:19:52 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sistema Interativo de Ensino

[2011/01/06 12:19:52 | 000,000,000 | ---D | C] -- C:\Documentos

[2011/01/06 12:19:24 | 000,000,000 | ---D | C] -- C:\Projetos

[2011/01/06 12:03:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005

[2011/01/06 11:47:40 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Roaming\Leadertech

[2011/01/06 11:43:18 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\{C8290211-D0E1-4F76-AC6B-25D277C0CB06}

[2011/01/06 11:43:17 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Roaming\Xerox

[2011/01/06 11:43:16 | 000,041,984 | ---- | C] (Samsung Electronics Co., Ltd.) -- C:\Windows\System32\drivers\DgivEcp.sys

[2011/01/06 11:43:12 | 000,458,752 | ---- | C] (Samsung Software Center) -- C:\Windows\prinst.exe

[2011/01/06 11:43:12 | 000,081,920 | ---- | C] (Samsung Electronics) -- C:\Windows\System32\ssdevm.dll

[2011/01/06 11:43:11 | 000,212,480 | ---- | C] (Eastman Kodak) -- C:\Windows\System32\PCDLIB32.DLL

[2011/01/06 11:43:04 | 000,000,000 | ---D | C] -- C:\Users\TecBits\Tracing

[2011/01/06 11:42:45 | 000,000,000 | -H-D | C] -- C:\Arquivos de Programas\InstallShield Installation Information

[2011/01/06 11:42:43 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\InstallShield

[2011/01/06 11:42:40 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\PSU

[2011/01/06 11:42:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xerox WorkCentre 3210

[2011/01/06 11:42:35 | 000,000,000 | ---D | C] -- C:\Windows\Xerox

[2011/01/06 11:39:22 | 000,049,152 | ---- | C] (Samsung Electronics) -- C:\Windows\System32\Ssusbpn.dll

[2011/01/06 11:38:48 | 000,151,552 | ---- | C] (SS) -- C:\Windows\System32\sxs1mci.exe

[2011/01/06 11:38:48 | 000,065,536 | ---- | C] (SS) -- C:\Windows\System32\sxs1mci.dll

[2011/01/06 11:37:53 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Xerox

[2011/01/06 11:35:35 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\uTorrent

[2011/01/06 11:34:37 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Roaming\uTorrent

[2011/01/06 11:33:45 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Microsoft SQL Server

[2011/01/06 11:33:14 | 000,000,000 | ---D | C] -- C:\ServerLic

[2011/01/06 11:30:33 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Windows Live

[2011/01/06 11:30:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

[2011/01/06 11:29:46 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Microsoft Silverlight

[2011/01/06 11:27:50 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\Windows Live

[2011/01/06 11:27:49 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\Windows Live

[2011/01/06 11:27:30 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Roaming\Mozilla

[2011/01/06 11:27:30 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\Mozilla

[2011/01/06 11:27:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox

[2011/01/06 11:27:22 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Mozilla Firefox

[2011/01/06 11:16:26 | 000,450,560 | ---- | C] (Firebird Project) -- C:\Windows\System32\GDS32.DLL

[2011/01/06 11:16:23 | 000,462,848 | ---- | C] (IBPhoenix) -- C:\Windows\System32\Firebird2Control.cpl

[2011/01/06 11:16:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird 2.1 (Win32)

[2011/01/06 11:16:18 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Firebird

[2011/01/06 11:16:03 | 000,184,320 | ---- | C] (InfoSpyware - ForoSpyware) -- C:\Users\TecBits\Desktop\MSNCleaner.exe

[2011/01/06 11:14:52 | 000,000,000 | ---D | C] -- C:\DKSOFT

[2011/01/06 11:14:22 | 000,000,000 | ---D | C] -- C:\Users\TecBits\Desktop\SCANNER

[2011/01/06 11:14:21 | 000,000,000 | ---D | C] -- C:\Users\TecBits\Desktop\logo escola

[2011/01/06 11:14:20 | 000,000,000 | ---D | C] -- C:\Users\TecBits\Desktop\backups

[2011/01/06 11:10:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NexCafé

[2011/01/06 11:09:58 | 000,000,000 | ---D | C] -- C:\nexcafe

[2011/01/06 11:07:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2011/01/06 11:07:56 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\CCleaner

[2011/01/06 11:05:31 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Roaming\Malwarebytes

[2011/01/06 11:05:17 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Roaming\WinRAR

[2011/01/06 11:05:04 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys

[2011/01/06 11:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/01/06 11:05:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/01/06 11:05:01 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011/01/06 11:05:01 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Malwarebytes' Anti-Malware

[2011/01/06 11:04:37 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

[2011/01/06 11:04:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

[2011/01/06 11:04:33 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\WinRAR

[2011/01/06 11:04:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed

[2011/01/06 11:03:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

[2011/01/06 11:02:20 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Microsoft Works

[2011/01/06 11:02:06 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Microsoft Visual Studio

[2011/01/06 11:02:06 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Common Files\DESIGNER

[2011/01/06 11:01:51 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH

[2011/01/06 11:01:51 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Microsoft.NET

[2011/01/06 11:00:54 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\Diagnostics

[2011/01/06 11:00:36 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Microsoft Visual Studio 8

[2011/01/06 11:00:14 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\Microsoft Help

[2011/01/06 11:00:13 | 000,000,000 | ---D | C] -- C:\Arquivos de Programas\Microsoft Office

[2011/01/06 11:00:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help

[2011/01/06 11:00:11 | 000,000,000 | -HSD | C] -- C:\Windows\Installer

[2011/01/06 10:59:33 | 000,000,000 | RH-D | C] -- C:\MSOCache

[2011/01/06 10:23:08 | 000,000,000 | R--D | C] -- C:\Users\TecBits\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2011/01/06 10:23:08 | 000,000,000 | R--D | C] -- C:\Users\TecBits\Searches

[2011/01/06 10:23:08 | 000,000,000 | R--D | C] -- C:\Users\TecBits\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2011/01/06 10:23:00 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Roaming\Identities

[2011/01/06 10:22:59 | 000,000,000 | R--D | C] -- C:\Users\TecBits\Contacts

[2011/01/06 10:22:55 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\VirtualStore

[2011/01/06 10:22:54 | 000,000,000 | --SD | C] -- C:\Users\TecBits\AppData\Roaming\Microsoft

[2011/01/06 10:22:54 | 000,000,000 | R--D | C] -- C:\Users\TecBits\Videos

[2011/01/06 10:22:54 | 000,000,000 | R--D | C] -- C:\Users\TecBits\Saved Games

[2011/01/06 10:22:54 | 000,000,000 | R--D | C] -- C:\Users\TecBits\Pictures

[2011/01/06 10:22:54 | 000,000,000 | R--D | C] -- C:\Users\TecBits\Music

[2011/01/06 10:22:54 | 000,000,000 | R--D | C] -- C:\Users\TecBits\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2011/01/06 10:22:54 | 000,000,000 | R--D | C] -- C:\Users\TecBits\Links

[2011/01/06 10:22:54 | 000,000,000 | R--D | C] -- C:\Users\TecBits\Favorites

[2011/01/06 10:22:54 | 000,000,000 | R--D | C] -- C:\Users\TecBits\Downloads

[2011/01/06 10:22:54 | 000,000,000 | R--D | C] -- C:\Users\TecBits\Documents

[2011/01/06 10:22:54 | 000,000,000 | R--D | C] -- C:\Users\TecBits\Desktop

[2011/01/06 10:22:54 | 000,000,000 | R--D | C] -- C:\Users\TecBits\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2011/01/06 10:22:54 | 000,000,000 | -HSD | C] -- C:\Users\TecBits\AppData\Local\Temporary Internet Files

[2011/01/06 10:22:54 | 000,000,000 | -HSD | C] -- C:\Users\TecBits\SendTo

[2011/01/06 10:22:54 | 000,000,000 | -HSD | C] -- C:\Users\TecBits\Recent

[2011/01/06 10:22:54 | 000,000,000 | -HSD | C] -- C:\Users\TecBits\Modelos

[2011/01/06 10:22:54 | 000,000,000 | -HSD | C] -- C:\Users\TecBits\Documents\Minhas músicas

[2011/01/06 10:22:54 | 000,000,000 | -HSD | C] -- C:\Users\TecBits\Documents\Minhas imagens

[2011/01/06 10:22:54 | 000,000,000 | -HSD | C] -- C:\Users\TecBits\Documents\Meus vídeos

[2011/01/06 10:22:54 | 000,000,000 | -HSD | C] -- C:\Users\TecBits\Meus documentos

[2011/01/06 10:22:54 | 000,000,000 | -HSD | C] -- C:\Users\TecBits\Menu Iniciar

[2011/01/06 10:22:54 | 000,000,000 | -HSD | C] -- C:\Users\TecBits\AppData\Local\Histórico

[2011/01/06 10:22:54 | 000,000,000 | -HSD | C] -- C:\Users\TecBits\Dados de aplicativos

[2011/01/06 10:22:54 | 000,000,000 | -HSD | C] -- C:\Users\TecBits\AppData\Local\Dados de aplicativos

[2011/01/06 10:22:54 | 000,000,000 | -HSD | C] -- C:\Users\TecBits\Cookies

[2011/01/06 10:22:54 | 000,000,000 | -HSD | C] -- C:\Users\TecBits\Configurações locais

[2011/01/06 10:22:54 | 000,000,000 | -HSD | C] -- C:\Users\TecBits\Ambiente de rede

[2011/01/06 10:22:54 | 000,000,000 | -HSD | C] -- C:\Users\TecBits\Ambiente de impressão

[2011/01/06 10:22:54 | 000,000,000 | -H-D | C] -- C:\Users\TecBits\AppData

[2011/01/06 10:22:54 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\Temp

[2011/01/06 10:22:54 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Local\Microsoft

[2011/01/06 10:22:54 | 000,000,000 | ---D | C] -- C:\Users\TecBits\AppData\Roaming\Media Center Programs

[2011/01/06 10:22:40 | 000,000,000 | -HSD | C] -- C:\Arquivos de Programas\Common Files\Sistema

[2011/01/06 10:22:40 | 000,000,000 | -HSD | C] -- C:\Recovery

[2011/01/06 10:22:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modelos

[2011/01/06 10:22:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas músicas

[2011/01/06 10:22:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas imagens

[2011/01/06 10:22:40 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Meus vídeos

[2011/01/06 10:22:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Iniciar

[2011/01/06 10:22:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoritos

[2011/01/06 10:22:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documentos

[2011/01/06 10:22:40 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dados de aplicativos

[2011/01/06 10:22:40 | 000,000,000 | -HSD | C] -- C:\Arquivos de Programas

[2011/01/06 10:22:40 | 000,000,000 | -HSD | C] -- C:\Arquivos de Programas\Arquivos Comuns

[2011/01/06 10:12:50 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2011/01/06 10:10:21 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch

[2011/01/06 10:10:05 | 000,000,000 | -HSD | C] -- C:\System Volume Information

 

========== Files - Modified Within 30 Days ==========

 

[2011/01/29 22:46:58 | 000,700,980 | ---- | M] () -- C:\Windows\System32\prfh0416.dat

[2011/01/29 22:46:58 | 000,653,700 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/01/29 22:46:58 | 000,142,366 | ---- | M] () -- C:\Windows\System32\prfc0416.dat

[2011/01/29 22:46:58 | 000,121,012 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/01/29 22:39:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/01/29 22:39:52 | 1609,424,896 | -HS- | M] () -- C:\hiberfil.sys

[2011/01/29 22:35:33 | 335,051,420 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2011/01/29 21:11:19 | 000,598,135 | ---- | M] () -- C:\Users\TecBits\Desktop\FORUM IMASTERS.rar

[2011/01/29 21:09:18 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\TecBits\Desktop\OTL.exe

[2011/01/29 12:55:39 | 001,142,955 | ---- | M] () -- C:\Users\TecBits\Desktop\PANFLETO - CORTAR.pdf

[2011/01/28 19:50:01 | 000,000,030 | ---- | M] () -- C:\Users\TecBits\Desktop\avz_log

[2011/01/27 23:41:34 | 000,009,600 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011/01/27 23:41:33 | 000,009,600 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011/01/22 19:23:05 | 000,531,531 | ---- | M] () -- C:\Users\TecBits\Desktop\tabela preço assistencia pc.xlsx

[2011/01/21 10:23:47 | 002,618,008 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011/01/19 16:04:52 | 000,155,318 | ---- | M] () -- C:\Users\TecBits\Desktop\programação da semana nacional da familia.PDF

[2011/01/19 10:25:07 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt

[2011/01/18 14:41:02 | 000,001,263 | ---- | M] () -- C:\Users\TecBits\Desktop\GestaoPedagogica - Atalho.lnk

[2011/01/17 15:02:27 | 000,008,627 | ---- | M] () -- C:\Windows\System32\PAV_FOG.OPC

[2011/01/15 08:09:37 | 000,000,048 | -H-- | M] () -- C:\Windows\System32\ezsidmv.dat

[2011/01/15 08:08:17 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

[2011/01/14 13:09:35 | 000,096,963 | ---- | M] () -- C:\Windows\FontData.fdb

[2011/01/13 06:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr

[2011/01/13 06:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe

[2011/01/13 06:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys

[2011/01/13 06:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys

[2011/01/13 06:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys

[2011/01/13 06:37:19 | 000,051,280 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys

[2011/01/13 06:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys

[2011/01/12 16:13:20 | 000,000,824 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.msn

[2011/01/12 16:13:20 | 000,000,824 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2011/01/11 11:26:14 | 000,000,232 | ---- | M] () -- C:\Users\TecBits\Desktop\Comprovante de Inscrição e de Situação Cadastral no CPF.url

[2011/01/06 16:09:04 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

[2011/01/06 12:20:09 | 000,001,485 | ---- | M] () -- C:\Users\Public\Desktop\Sistema Interativo de Ensino.lnk

[2011/01/06 12:04:39 | 000,001,826 | ---- | M] () -- C:\Users\TecBits\Desktop\GerLicenciamento.lnk

[2011/01/06 11:43:17 | 000,008,064 | ---- | M] () -- C:\Users\TecBits\AppData\Roaming\XeroxFaxOptions.xml

[2011/01/06 11:10:34 | 000,000,597 | ---- | M] () -- C:\Users\TecBits\Desktop\NexCafé NexAdmin.lnk

[2011/01/06 11:10:00 | 000,000,608 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NexCafé NexServ.lnk

[2011/01/06 11:09:30 | 000,000,418 | ---- | M] () -- C:\Windows\ODBC.INI

[2011/01/06 10:13:49 | 000,051,938 | ---- | M] () -- C:\Windows\System32\license.rtf

[2011/01/06 10:11:37 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2011/01/02 17:04:08 | 000,016,506 | ---- | M] () -- C:\Users\TecBits\Desktop\cleber - imprimir endereço pedro.docx

 

========== Files Created - No Company Name ==========

 

[2011/01/29 22:35:33 | 335,051,420 | ---- | C] () -- C:\Windows\MEMORY.DMP

[2011/01/29 21:11:19 | 000,598,135 | ---- | C] () -- C:\Users\TecBits\Desktop\FORUM IMASTERS.rar

[2011/01/29 12:45:24 | 001,142,955 | ---- | C] () -- C:\Users\TecBits\Desktop\PANFLETO - CORTAR.pdf

[2011/01/28 19:49:38 | 000,000,030 | ---- | C] () -- C:\Users\TecBits\Desktop\avz_log

[2011/01/24 22:26:54 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll

[2011/01/24 22:26:54 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar3.dll

[2011/01/24 22:26:54 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll

[2011/01/24 22:26:54 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll

[2011/01/24 18:55:22 | 000,069,632 | ---- | C] () -- C:\Windows\System32\MSJCE.dll

[2011/01/19 16:04:44 | 000,155,318 | ---- | C] () -- C:\Users\TecBits\Desktop\programação da semana nacional da familia.PDF

[2011/01/18 14:41:01 | 000,001,263 | ---- | C] () -- C:\Users\TecBits\Desktop\GestaoPedagogica - Atalho.lnk

[2011/01/16 18:40:27 | 000,000,979 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat.com.lnk

[2011/01/15 08:09:37 | 000,000,048 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat

[2011/01/15 08:08:17 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk

[2011/01/14 13:09:33 | 000,096,963 | ---- | C] () -- C:\Windows\FontData.fdb

[2011/01/10 18:16:54 | 000,008,627 | ---- | C] () -- C:\Windows\System32\PAV_FOG.OPC

[2011/01/06 19:26:32 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk

[2011/01/06 16:09:04 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK

[2011/01/06 16:09:03 | 000,383,562 | RHS- | C] () -- C:\bootmgr

[2011/01/06 12:20:09 | 000,001,485 | ---- | C] () -- C:\Users\Public\Desktop\Sistema Interativo de Ensino.lnk

[2011/01/06 11:43:17 | 000,008,064 | ---- | C] () -- C:\Users\TecBits\AppData\Roaming\XeroxFaxOptions.xml

[2011/01/06 11:43:12 | 000,172,032 | ---- | C] () -- C:\Windows\System32\SecSNMP.dll

[2011/01/06 11:43:12 | 000,094,208 | ---- | C] () -- C:\Windows\System32\XeroxFaxPort.dll

[2011/01/06 11:43:11 | 000,000,422 | ---- | C] () -- C:\Windows\System32\ltocx13.lic

[2011/01/06 11:42:37 | 000,483,328 | ---- | C] () -- C:\Windows\ssndii.exe

[2011/01/06 11:41:40 | 000,110,592 | R--- | C] () -- C:\Windows\Wiainst.exe

[2011/01/06 11:39:14 | 000,147,456 | ---- | C] () -- C:\Windows\System32\SaMinDrv.dll

[2011/01/06 11:39:14 | 000,027,136 | ---- | C] () -- C:\Windows\System32\SaImgFlt.dll

[2011/01/06 11:39:14 | 000,011,264 | ---- | C] () -- C:\Windows\System32\SaSegFlt.dll

[2011/01/06 11:39:14 | 000,010,752 | ---- | C] () -- C:\Windows\System32\SaErHdlr.dll

[2011/01/06 11:38:57 | 000,022,723 | ---- | C] () -- C:\Windows\System32\sxs1ml3.dll

[2011/01/06 11:38:57 | 000,000,361 | ---- | C] () -- C:\Windows\System32\sxs1ml3.smt

[2011/01/06 11:35:15 | 000,002,432 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk

[2011/01/06 11:16:07 | 000,001,107 | ---- | C] () -- C:\Users\TecBits\Desktop\WorkCentre 3210 - Atalho.lnk

[2011/01/06 11:16:06 | 000,531,531 | ---- | C] () -- C:\Users\TecBits\Desktop\tabela preço assistencia pc.xlsx

[2011/01/06 11:16:06 | 000,336,204 | ---- | C] () -- C:\Users\TecBits\Desktop\Tabela de preços 2010-06D XY-DISTRIBUIDORA.pdf

[2011/01/06 11:16:06 | 000,041,984 | ---- | C] () -- C:\Users\TecBits\Desktop\Relação de cursos e carga horária.xls

[2011/01/06 11:16:06 | 000,011,988 | ---- | C] () -- C:\Users\TecBits\Desktop\QUESTÕES IMPRIMIR.docx

[2011/01/06 11:16:05 | 000,122,993 | ---- | C] () -- C:\Users\TecBits\Desktop\PERGUNTAS PARA MIM RESPONDER URGENTE.pdf

[2011/01/06 11:16:02 | 000,762,880 | ---- | C] () -- C:\Users\TecBits\Desktop\GTOT_Juros.exe

[2011/01/06 11:16:02 | 000,434,226 | ---- | C] () -- C:\Users\TecBits\Desktop\escola premio.cdr

[2011/01/06 11:16:02 | 000,406,348 | ---- | C] () -- C:\Users\TecBits\Desktop\CLEBERSON AUTOCAD.dwg

[2011/01/06 11:16:02 | 000,031,657 | ---- | C] () -- C:\Users\TecBits\Desktop\DISTRIBUIDORES INFORMATICA mato grosso telefones.docx

[2011/01/06 11:16:02 | 000,016,506 | ---- | C] () -- C:\Users\TecBits\Desktop\cleber - imprimir endereço pedro.docx

[2011/01/06 11:16:02 | 000,001,826 | ---- | C] () -- C:\Users\TecBits\Desktop\GerLicenciamento.lnk

[2011/01/06 11:16:02 | 000,001,410 | ---- | C] () -- C:\Users\TecBits\Desktop\dksoft.exe.lnk

[2011/01/06 11:16:02 | 000,001,153 | ---- | C] () -- C:\Users\TecBits\Desktop\Modelo Curriculo - Atalho.lnk

[2011/01/06 11:16:02 | 000,000,917 | ---- | C] () -- C:\Users\TecBits\Desktop\µTorrent.lnk

[2011/01/06 11:16:02 | 000,000,780 | ---- | C] () -- C:\Users\TecBits\Desktop\CURRICULO CLIENTES - Atalho.lnk

[2011/01/06 11:16:02 | 000,000,232 | ---- | C] () -- C:\Users\TecBits\Desktop\Comprovante de Inscrição e de Situação Cadastral no CPF.url

[2011/01/06 11:16:02 | 000,000,161 | ---- | C] () -- C:\Users\TecBits\Desktop\== DETRAN - MT== Informações de Veículo.url

[2011/01/06 11:16:02 | 000,000,158 | ---- | C] () -- C:\Users\TecBits\Desktop\Certidão de Antecedentes Criminais.url

[2011/01/06 11:16:02 | 000,000,108 | ---- | C] () -- C:\Users\TecBits\Desktop\192.168.1.1.url

[2011/01/06 11:10:34 | 000,000,597 | ---- | C] () -- C:\Users\TecBits\Desktop\NexCafé NexAdmin.lnk

[2011/01/06 11:10:00 | 000,000,608 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NexCafé NexServ.lnk

[2011/01/06 11:09:30 | 000,000,418 | ---- | C] () -- C:\Windows\ODBC.INI

[2011/01/06 10:23:09 | 000,001,393 | ---- | C] () -- C:\Users\TecBits\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2011/01/06 10:13:29 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk

[2011/01/06 10:13:22 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

[2011/01/06 10:11:37 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2011/01/06 10:10:05 | 1609,424,896 | -HS- | C] () -- C:\hiberfil.sys

[2009/07/13 21:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll

[2009/07/13 21:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll

[2003/04/07 11:30:02 | 000,005,383 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI

 

========== LOP Check ==========

 

[2011/01/06 11:47:40 | 000,000,000 | ---D | M] -- C:\Users\TecBits\AppData\Roaming\Leadertech

[2011/01/29 22:50:11 | 000,000,000 | ---D | M] -- C:\Users\TecBits\AppData\Roaming\uTorrent

[2011/01/21 19:44:38 | 000,000,000 | ---D | M] -- C:\Users\TecBits\AppData\Roaming\VisualMidia

[2011/01/06 11:43:17 | 000,000,000 | ---D | M] -- C:\Users\TecBits\AppData\Roaming\Xerox

[2009/07/14 02:53:46 | 000,019,000 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 

========== Purity Check ==========

 

 

 

========== Alternate Data Streams ==========

 

@Alternate Data Stream - 204 bytes -> C:\Windows\System32\drivers:GbpKmAp.lst

@Alternate Data Stream - 2 bytes -> C:\Windows\System32:9B156A25_Bb.gbp

@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:CB0AACC9

 

< End of report >

 

 

Updates for Office??? Why??


Your case is not common...

This is not an infection.

 

http://translate.google.com.br/translate?hl=pt-BR&sl=en&u=http://forum.avast.com/index.php%3Ftopic%3D62425.0&ei=m-RETbGjMpGSgQfHsrj1AQ&sa=X&oi=translate&ct=result&resnum=7&ved=0CFgQ7gEwBg&prev=/search%3Fq%3DLNK:RUNNER%26hl%3Dpt-BR%26biw%3D1024%26bih%3D506%26prmd%3Divnsfd

 

If English is not a problem:

https://forum.avast.com/index.php?topic=37542.60

 

Microsoft bulletins recommend these updates.

It is an exploit that is being blocked by Avast.

The OTL log is clean.

*Run OTL and click [Limpeza] > [OK]

*The PC will be restarted

If your Windows is genuine, keep automatic updates enabled.

Use Advanced SystemCare

 

 

 

Best regards.


 

I accepted the terms, but a message appears saying that the expected program was not found!

(would installing this update solve the problem?)

This is not an infection

From what I saw, avast blocks it and moves it to quarantine; it seems to spread many shortcuts to files from the disk itself and also creates shortcut links to various sites; when the shortcut tries to be created, avast blocks the action.

Avast message ==> Object: (shows the path, and at the end shows the file type, e.g. 1120_1564sfh9465etcetc.lnk)

Infection: LNK:Runner

Action: moved to quarantine

Process: PID 4

If your Windows is genuine, keep automatic updates enabled.

It's not genuine! Windows Seven, it's on the trial countdown - I have to crack it.. lol

OK, I'll install it on the PC..

Thanks...


 

 

OK, I'm downloading it!!

I edited the previous post!!!

From what I saw, avast blocks it and moves it to quarantine; it seems to spread many shortcuts to files from the disk itself and also creates shortcut links to various sites; when the shortcut tries to be created, avast blocks the action.

Avast message ==> Object: (shows the path, and at the end shows the file type, e.g. 1120_1564sfh9465etcetc.lnk)

Infection: LNK:Runner

Action: moved to quarantine

Process: PID 4


OK...

*Temporarily disable your antivirus

*Download ComboFix and save it to the desktop

*Right-click ComboFix, select "Run as administrator" and accept the agreement

*Wait for all stages to complete

*Do not use the mouse or the keyboard while the stages are running!!

*Paste the report C:\combofix.txt


ComboFix 11-01-29.03 - TecBits 30/01/2011 19:11:21.1.2 - x86

Microsoft Windows 7 Professional 6.1.7600.0.1252.55.1046.18.2046.1080 [GMT -2:00]

Executando de: c:\users\TecBits\Desktop\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}

SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

ADS - system32: deleted 2 bytes in 1 streams.

ADS - drivers: deleted 204 bytes in 1 streams.

 

((((((((((((((((((((((((((((((((((((( Outras Exclusões )))))))))))))))))))))))))))))))))))))))))))))))))))

.

 

.

((((((((((((((((((((((((((((((((((((((( Drivers/Serviços )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

-------\Service_GbpSv

 

 

(((((((((((((((( Arquivos/Ficheiros criados de 2010-12-28 to 2011-01-30 ))))))))))))))))))))))))))))

.

 

2011-01-30 21:18 . 2011-01-30 21:18 -------- d-----w- c:\users\Default\AppData\Local\temp

2011-01-30 19:10 . 2011-01-30 19:10 -------- d-----w- C:\MSNCleaner

2011-01-30 16:50 . 2010-12-13 19:03 28496 ----a-w- c:\windows\system32\SmartDefragBootTime.exe

2011-01-30 16:50 . 2010-11-26 20:02 15672 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys

2011-01-27 17:14 . 2011-01-27 17:14 -------- d-----w- C:\FormOver

2011-01-25 00:26 . 2006-06-19 14:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll

2011-01-25 00:26 . 2006-05-25 16:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll

2011-01-25 00:26 . 2005-08-26 02:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll

2011-01-25 00:26 . 2003-02-02 21:06 153088 ----a-w- c:\windows\system32\unrar3.dll

2011-01-25 00:26 . 2002-03-06 02:00 75264 ----a-w- c:\windows\system32\unacev2.dll

2011-01-24 22:09 . 2011-01-24 22:08 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-01-24 20:55 . 2010-08-09 16:29 69632 ----a-w- c:\windows\system32\MSJCE.dll

2011-01-24 20:54 . 2011-01-24 20:54 -------- d-----w- C:\Arquivos de Programas RFB

2011-01-19 12:25 . 2011-01-13 08:41 294608 ----a-w- c:\windows\system32\drivers\aswSP.sys

2011-01-19 12:25 . 2011-01-13 08:37 17744 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2011-01-19 12:25 . 2011-01-13 08:37 23632 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2011-01-19 12:25 . 2011-01-13 08:40 47440 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2011-01-19 12:25 . 2011-01-13 08:37 51280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys

2011-01-19 12:24 . 2011-01-13 08:47 38848 ----a-w- c:\windows\avastSS.scr

2011-01-19 12:24 . 2011-01-13 08:47 188216 ----a-w- c:\windows\system32\aswBoot.exe

2011-01-17 01:35 . 2011-01-25 00:54 -------- d-----w- c:\windows\system32\Wat

2011-01-16 20:47 . 2008-04-07 07:38 22872 ----a-r- c:\windows\system32\AdobePDFUI.dll

2011-01-16 20:42 . 2009-09-04 19:29 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll

2011-01-16 20:41 . 2009-09-04 19:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll

2011-01-16 20:41 . 2008-10-15 08:22 4379984 ----a-w- c:\windows\system32\D3DX9_40.dll

2011-01-16 20:40 . 2007-07-19 20:14 3727720 ----a-w- c:\windows\system32\d3dx9_35.dll

2011-01-16 20:40 . 2007-05-16 18:45 3497832 ----a-w- c:\windows\system32\d3dx9_34.dll

2011-01-12 23:59 . 2011-01-12 23:59 -------- d-----w- C:\P

2011-01-12 18:14 . 2010-12-28 12:46 46600 ----a-w- c:\windows\system32\drivers\GbpKm.sys

2011-01-06 18:09 . 2011-01-06 12:22 -------- d-----w- c:\windows\Panther

2011-01-06 18:09 . 2011-01-06 18:09 -------- d-----w- C:\Boot

2011-01-06 14:19 . 2010-09-01 16:47 -------- d-----w- c:\windows\msagent

2011-01-06 14:19 . 2011-01-06 14:19 -------- d-----w- C:\Documentos

2011-01-06 13:42 . 2009-04-08 02:29 483328 ----a-w- c:\windows\ssndii.exe

2011-01-06 13:42 . 2008-10-28 08:52 82432 ----a-w- c:\windows\system32\msxml4r.dll

2011-01-06 13:42 . 2008-10-28 08:52 44544 ----a-w- c:\windows\system32\msxml4a.dll

2011-01-06 13:42 . 2008-10-28 08:52 1233920 ----a-w- c:\windows\system32\msxml4.dll

2011-01-06 13:42 . 2008-10-28 08:52 38160 ----a-w- c:\windows\system32\msxml2r.dll

2011-01-06 13:42 . 2008-10-28 08:52 21776 ----a-w- c:\windows\system32\msxml2a.dll

2011-01-06 13:42 . 2008-10-28 08:52 701440 ----a-w- c:\windows\system32\msxml2.dll

2011-01-06 13:42 . 2011-01-06 13:42 -------- d-----w- c:\windows\Xerox

2011-01-06 13:42 . 2008-10-28 02:52 19968 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\sxs1mpc.dll

2011-01-06 13:41 . 2009-04-08 02:30 110592 ----a-r- c:\windows\Wiainst.exe

2011-01-06 13:39 . 2008-10-28 05:59 49152 ----a-w- c:\windows\system32\Ssusbpn.dll

2011-01-06 13:39 . 2008-10-27 09:04 11264 ----a-w- c:\windows\system32\SaSegFlt.dll

2011-01-06 13:39 . 2008-10-27 09:03 147456 ----a-w- c:\windows\system32\SaMinDrv.dll

2011-01-06 13:39 . 2008-10-27 09:03 27136 ----a-w- c:\windows\system32\SaImgFlt.dll

2011-01-06 13:39 . 2008-10-27 09:03 10752 ----a-w- c:\windows\system32\SaErHdlr.dll

2011-01-06 13:38 . 2008-10-28 02:52 22723 ----a-w- c:\windows\system32\sxs1ml3.dll

2011-01-06 13:38 . 2008-10-28 02:51 151552 ----a-w- c:\windows\system32\sxs1mci.exe

2011-01-06 13:38 . 2008-10-28 02:51 65536 ----a-w- c:\windows\system32\sxs1mci.dll

2011-01-06 13:33 . 2011-01-30 16:51 -------- d-----w- C:\ServerLic

2011-01-06 13:29 . 2010-05-23 10:15 1619456 ----a-w- c:\windows\system32\WMVDECOD.DLL

2011-01-06 13:29 . 2010-05-23 10:11 196608 ----a-w- c:\windows\system32\mfreadwrite.dll

2011-01-06 13:29 . 2010-05-23 10:11 3181568 ----a-w- c:\windows\system32\mf.dll

2011-01-06 13:16 . 2008-06-13 16:21 450560 ----a-w- c:\windows\system32\GDS32.DLL

2011-01-06 13:16 . 2008-06-13 16:26 462848 ----a-w- c:\windows\system32\Firebird2Control.cpl

2011-01-06 13:14 . 2011-01-06 13:15 -------- d-----w- C:\DKSOFT

2011-01-06 13:09 . 2011-01-28 11:52 -------- d-----w- C:\nexcafe

2011-01-06 13:09 . 2003-06-19 03:31 18944 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll

2011-01-06 13:09 . 2003-06-19 03:31 17920 ----a-w- c:\windows\system32\mdimon.dll

2011-01-06 13:05 . 2010-12-20 20:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-01-06 13:05 . 2010-12-20 20:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-01-06 13:04 . 2011-01-06 13:04 -------- d-----w- c:\windows\system32\Macromed

2011-01-06 13:03 . 2006-10-26 21:56 33104 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\msonpppr.dll

2011-01-06 13:03 . 2006-10-26 21:56 32592 ----a-w- c:\windows\system32\msonpmon.dll

2011-01-06 13:01 . 2011-01-06 13:01 -------- d-----w- c:\windows\PCHEALTH

2011-01-06 13:00 . 2011-01-30 19:09 -------- d-sh--w- c:\windows\Installer

2011-01-06 12:59 . 2011-01-06 12:59 -------- d-----r- C:\MSOCache

2011-01-06 12:40 . 2010-10-19 12:41 222080 ------w- c:\windows\system32\MpSigStub.exe

2011-01-06 12:26 . 2011-01-30 19:10 -------- d-----w- c:\windows\system32\wbem\Performance

 

.

((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-01-30 18:15 . 2009-07-13 23:40 409088 ----a-w- c:\windows\system32\systemcpl.dll

2011-01-30 18:15 . 2009-07-13 23:36 13824 ----a-w- c:\windows\system32\slwga.dll

2011-01-17 01:34 . 2009-07-13 23:24 811520 ----a-w- c:\windows\system32\user32.dll

2010-11-10 04:54 . 2010-11-10 04:54 49016 ----a-w- c:\windows\system32\sirenacm.dll

.

 

------- Sigcheck -------

 

[-] 2011-01-17 . 7BD7F45FF37FA0669CD32CA0EF46E22C . 811520 . . [6.1.7264.0] . . c:\windows\System32\user32.dll

[7] 2009-07-14 . 34B7E222E81FAFA885F0C5F2CFA56861 . 811520 . . [6.1.7264.0] . . c:\windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll

.

(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))

.

.

*Nota* entradas vazias e legítimas por defeito não são mostradas.

REGEDIT4

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2011-01-06 394104]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]

"Xerox PanelMgr"="c:\windows\Xerox\PanelMgr\SSMMgr.exe" [2009-04-08 557056]

"Stanley-L_XRX_S2P"="c:\program files\Xerox\Xerox WorkCentre 3210\PSU\Scan2pc.exe" [2009-04-10 253952]

"avast5"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2011-01-13 3396624]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

 

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

NexCaf‚ NexServ.lnk - c:\nexcafe\NexServ.exe [2011-1-6 11313152]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginBb]

2010-12-28 12:42 351624 ----a-w- c:\program files\GbPlugin\gbieh.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

 

R3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\Common Files\Adobe\Adobe Version Cue CS4\Server\bin\VersionCueCS4.exe [2008-08-15 284016]

R3 WatAdminSvc;WatAdminSvc; [x]

S0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [2010-12-28 46600]

S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2010-11-26 15672]

S1 aswSP;aswSP; [x]

S2 aswFsBlk;aswFsBlk; [x]

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-01-13 51280]

S2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [2008-06-13 81920]

S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2008-10-28 5120]

S3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [2008-06-13 2723840]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]

 

.

.

------- Scan Suplementar -------

.

uStart Page = hxxp://google.com/

IE: Anexar a PDF existente - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: Anexar destino do link a PDF existente - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Converter destino do link em Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Converter em Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: E&xportar para o Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

Trusted Zone: bancobrasil.com.br\www

Trusted Zone: bancobrasil.com.br\www14

Trusted Zone: bancobrasil.com.br\www2

Trusted Zone: bb.com.br\www

TCP: {971EC717-0030-4395-A033-0E213B0E298E} = 201.10.128.2,201.10.120.3

FF - ProfilePath - c:\users\TecBits\AppData\Roaming\Mozilla\Firefox\Profiles\mskbhi5y.default\

FF - prefs.js: browser.startup.homepage - google.com

FF - prefs.js: browser.search.selectedEngine - Yahoo

FF - prefs.js: keyword.URL - hxxp://br.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=723823&p=

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

FF - Ext: Módulo de Segurança - Banco do Brasil: {87F8774F-B485-47E2-A755-A40A8A5E886C} - %profile%\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886C}

.

.

--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------

 

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Outros Processos em Execução ------------------------

.

c:\windows\system32\AUDIODG.EXE

c:\program files\Alwil Software\Avast5\AvastSvc.exe

c:\windows\system32\conhost.exe

c:\windows\system32\taskhost.exe

c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe

c:\program files\Common Files\Protexis\License Service\PsiService_2.exe

c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe

c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

c:\windows\system32\WUDFHost.exe

c:\program files\Windows Media Player\wmpnetwk.exe

c:\\?\c:\windows\system32\wbem\WMIADAP.EXE

.

**************************************************************************

.

Tempo para conclusão: 2011-01-30 19:24:04 - Máquina reiniciou

ComboFix-quarantined-files.txt 2011-01-30 21:24

 

Pré-execução: 55.719.845.888 bytes disponíveis

Pós execução: 55.300.575.232 bytes disponíveis

 

- - End Of File - - 14A07B723DDD5A5817B854DD6C100ED2


The ComboFix log is clean.

Rename ComboFix to Uninstall.exe

Run it.

*Wait for the message to appear: "ComboFix está desinstalado"

*Click [OK]

Best regards.

wings

The ComboFix log is clean.

Rename ComboFix to Uninstall.exe

Run it.

*Wait for the message to appear: "ComboFix está desinstalado"

*Click [OK]

Best regards.

Ok!

For now the PC seems to be back to normal... I'll wait a little longer to see how the system behaves, and I'll post an update soon.

Thank you!


PROBLEM SOLVED

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
