[Resolvido] &nbspPC lento e com malwares

Kaminhant · Novembro 12, 2011

Amigos do Imasters - Bom Dia! Abaixo segue log do hijackthis para sua verificação:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:18:59, on 12/11/2011

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\ARQUIV~1\GbPlugin\GbpSv.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe

C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe

C:\Arquivos de programas\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Arquivos de programas\Arquivos comuns\Research In Motion\Auto Update\RIMAutoUpdate.exe

C:\WINDOWS\CameraFixer.exe

C:\WINDOWS\tsnpstd3.exe

C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe

C:\WINDOWS\twain_32\600x1200\Detector.exe

C:\ARQUIV~1\TEXTBR~1.0\Bin\INSTAN~1.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\msiexec.exe

C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

C:\Arquivos de programas\Trend Micro\HiJackThis\HiJackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Arquivos de programas\Canon\Easy-WebPrint\EWPBrowseLoader.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\Alwil Software\Avast5\aswWebRepIE.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (file missing)

O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Arquivos de programas\Megaupload\Mega Manager\MegaIEMn.dll

O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\ARQUIV~1\GbPlugin\gbiehcef.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Arquivos de programas\Yontoo Layers\YontooIEClient.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Arquivos de programas\Canon\Easy-WebPrint\Toolband.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\Alwil Software\Avast5\aswWebRepIE.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions

O4 - HKLM\..\Run: [blackBerryAutoUpdate] C:\Arquivos de programas\Arquivos comuns\Research In Motion\Auto Update\RIMAutoUpdate.exe /background

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [qQ] C:\WINDOWS\ali.exe

O4 - HKLM\..\Run: [CameraFixer] C:\WINDOWS\CameraFixer.exe

O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe

O4 - HKLM\..\Run: [avast] "C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [Detector] C:\WINDOWS\twain_32\600x1200\Detector.exe

O4 - HKLM\..\Run: [instantAccess] C:\ARQUIV~1\TEXTBR~1.0\Bin\INSTAN~1.EXE /h

O4 - HKLM\..\Run: [RegisterDropHandler] C:\ARQUIV~1\TEXTBR~1.0\Bin\REGIST~1.EXE

O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\ARQUIV~1\TEXTBR~1.0\Bin\REGIST~1.EXE

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [swg] "C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: Microsoft Office.lnk = C:\Arquivos de programas\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: Baixar Link Utiizando Gerenciador Mega... - C:\Arquivos de programas\Megaupload\Mega Manager\mm_file.htm

O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Arquivos de programas\Megaupload\Mega Manager\mm_file.htm

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Andreia\Dados de aplicativos\DVDVideoSoftIEHelpers\freeyoutubedownload.htm

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Andreia\Dados de aplicativos\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe

O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp

O15 - Trusted Zone: http://sn104w.snt104.mail.live.com

O15 - Trusted Zone: http://www.orkut.com.br

O15 - Trusted IP range: 192.168.1.4

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://imagem.caixa.gov.br/cab/gbpdist.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{C7DDC215-21FF-4ACD-A57B-5D43D42D1472}: NameServer = 201.10.120.3,201.10.1.2

O20 - Winlogon Notify: GbPluginCef - C:\ARQUIV~1\GbPlugin\gbiehCef.dll

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll

O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: scpLIB - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll

O23 - Service: avast! Antivirus - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Gbp Service (GbpSv) - - C:\ARQUIV~1\GbPlugin\GbpSv.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Arquivos de programas\Java\jre6\bin\jqs.exe

O23 - Service: NBService - Nero AG - C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Arquivos de programas\WinPcap\rpcapd.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe

--

End of file - 11228 bytes

wings · Novembro 12, 2011

Olá Kaminhant

1.

*Baixe o SecurityCheck e salve-o no desktop

*Execute-o, tecle [Enter] e cole o relatório apresentado

2.

*Baixe o OTL e salve-o no desktop

*Execute-o e selecione as opções:

Verificar All Users

Usar WhiteList para Nomes de Companhias

Ignorar Arquivos Microsoft

Verificar LOP

Verificar Purity

*Clique [Verificar] e cole os relatório OTL.txt e Extras.txt localizados no desktop

Caso o relatório OTL.txt fique demasiadamente grande...

*Acesse este link

*Selecione 4 jours

*Clique [Enviar arquivo]

*Localize o arquivo OTL.txt no desktop

*Clique [Abrir] > [Créer le lien Cjoint]

*Cole o endereço criado

Kaminhant · Novembro 15, 2011

Olá Kaminhant

1.

*Baixe o SecurityCheck e salve-o no desktop

*Execute-o, tecle [Enter] e cole o relatório apresentado

2.

*Baixe o OTL e salve-o no desktop

*Execute-o e selecione as opções:

Verificar All Users

Usar WhiteList para Nomes de Companhias

Ignorar Arquivos Microsoft

Verificar LOP

Verificar Purity

*Clique [Verificar] e cole os relatório OTL.txt e Extras.txt localizados no desktop

Caso o relatório OTL.txt fique demasiadamente grande...

*Acesse este link

*Selecione 4 jours

*Clique [Enviar arquivo]

*Localize o arquivo OTL.txt no desktop

*Clique [Abrir] > [Créer le lien Cjoint]

*Cole o endereço criado

ABAIXO Logs solicitados:

Results of screen317's Security Check version 0.99.24

Windows XP Service Pack 2 x86

Out of date service pack!!

Internet Explorer 8

``````````````````````````````

Antivirus/Firewall Check:

avast! Free Antivirus

ESET Online Scanner v3

Antivirus up to date! (On Access scanning disabled!)

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

Receitanet Java 2010.02b

Java 6 Update 17

Out of date Java installed!

Adobe Flash Player ( 10.2.153.1) Flash Player Out of Date!

Mozilla Firefox (3.6.23) Firefox Out of Date!

````````````````````````````````

Process Check:

objlist.exe by Laurent

Alwil Software Avast5 AvastSvc.exe

Alwil Software Avast5 avastUI.exe

``````````End of Log````````````

OTL logfile created on: 15/11/2011 21:07:39 - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Andreia\Desktop

Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy

895,17 Mb Total Physical Memory | 336,88 Mb Available Physical Memory | 37,63% Memory free

2,12 Gb Paging File | 1,48 Gb Available in Paging File | 69,79% Paging File free

Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas

Drive C: | 149,04 Gb Total Space | 26,82 Gb Free Space | 18,00% Space Free | Partition Type: NTFS

Drive E: | 7,81 Mb Total Space | 3,33 Mb Free Space | 42,60% Space Free | Partition Type: NTFS

Computer Name: CASA | User Name: Andreia | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/15 20:56:09 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andreia\Desktop\OTL.exe

PRC - [2011/11/08 01:02:58 | 001,036,344 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe

PRC - [2011/07/04 09:43:54 | 003,493,720 | ---- | M] (AVAST Software) -- C:\Arquivos de programas\Alwil Software\Avast5\AvastUI.exe

PRC - [2011/07/04 09:43:51 | 000,042,184 | ---- | M] (AVAST Software) -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe

PRC - [2011/04/18 16:13:40 | 000,056,776 | ---- | M] ( ) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe

PRC - [2008/09/17 16:22:50 | 000,615,696 | ---- | M] (Research In Motion Limited) -- C:\Arquivos de programas\Arquivos comuns\Research In Motion\Auto Update\RIMAutoUpdate.exe

PRC - [2007/06/01 10:05:56 | 001,551,408 | ---- | M] (Nero AG) -- C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe

PRC - [2006/06/19 14:21:32 | 000,114,688 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe

PRC - [2006/06/01 12:26:10 | 000,020,480 | ---- | M] () -- C:\WINDOWS\CameraFixer.exe

PRC - [2004/08/04 01:45:34 | 001,034,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe

PRC - [2000/08/07 02:00:12 | 000,038,400 | R--- | M] () -- C:\WINDOWS\twain_32\600x1200\Detector.exe

PRC - [1998/12/14 12:49:20 | 000,037,376 | ---- | M] () -- C:\Arquivos de programas\TextBridge Pro 8.0\Bin\InstantAccess.exe

========== Modules (No Company Name) ==========

MOD - [2011/11/15 16:27:35 | 001,616,896 | ---- | M] () -- C:\Arquivos de programas\Alwil Software\Avast5\defs\11111501\algo.dll

MOD - [2011/11/15 09:59:54 | 000,241,528 | ---- | M] () -- C:\Arquivos de programas\Alwil Software\Avast5\defs\11111501\aswRep.dll

MOD - [2011/11/08 01:02:56 | 000,420,920 | ---- | M] () -- C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\15.0.874.120\ppgooglenaclpluginchrome.dll

MOD - [2011/11/08 01:02:55 | 003,702,840 | ---- | M] () -- C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\15.0.874.120\pdf.dll

MOD - [2011/11/08 01:01:20 | 000,122,952 | ---- | M] () -- C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\15.0.874.120\avutil-51.dll

MOD - [2011/11/08 01:01:19 | 000,222,280 | ---- | M] () -- C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\15.0.874.120\avformat-53.dll

MOD - [2011/11/08 01:01:17 | 001,746,504 | ---- | M] () -- C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\15.0.874.120\avcodec-53.dll

MOD - [2011/11/07 21:44:56 | 008,593,056 | ---- | M] () -- C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\Google\Chrome\Application\15.0.874.120\gcswf32.dll

MOD - [2009/02/27 19:49:12 | 000,311,296 | ---- | M] () -- C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\pdfshell.PTB

MOD - [2006/09/14 01:20:24 | 000,126,464 | ---- | M] () -- C:\PROGRAMAS_pcPai\WinRAR\RarExt.dll

MOD - [2006/06/19 14:21:32 | 000,114,688 | ---- | M] () -- C:\WINDOWS\tsnpstd3.exe

MOD - [2006/06/01 12:26:10 | 000,020,480 | ---- | M] () -- C:\WINDOWS\CameraFixer.exe

MOD - [2004/08/04 01:45:24 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll

MOD - [2000/08/07 02:00:12 | 000,038,400 | R--- | M] () -- C:\WINDOWS\twain_32\600x1200\Detector.exe

MOD - [1998/12/18 18:39:18 | 000,131,584 | ---- | M] () -- C:\Arquivos de programas\TextBridge Pro 8.0\Bin\IAResPOR.dll

MOD - [1998/12/14 12:49:20 | 000,037,376 | ---- | M] () -- C:\Arquivos de programas\TextBridge Pro 8.0\Bin\InstantAccess.exe

MOD - [1998/12/14 12:46:26 | 000,034,304 | ---- | M] () -- C:\Arquivos de programas\TextBridge Pro 8.0\Bin\OfficeAccess.dll

MOD - [1998/12/14 12:45:26 | 000,034,304 | ---- | M] () -- C:\Arquivos de programas\TextBridge Pro 8.0\Bin\ExcelAccess.dll

MOD - [1998/12/14 12:42:48 | 000,045,568 | ---- | M] () -- C:\Arquivos de programas\TextBridge Pro 8.0\Bin\WordAccess.dll

MOD - [1998/12/14 12:40:10 | 000,008,704 | ---- | M] () -- C:\Arquivos de programas\TextBridge Pro 8.0\Bin\MSAppAccess.dll

MOD - [1998/12/14 12:35:20 | 000,022,016 | ---- | M] () -- C:\Arquivos de programas\TextBridge Pro 8.0\Bin\REGDATA.DLL

MOD - [1998/12/14 12:21:24 | 000,119,808 | ---- | M] () -- C:\Arquivos de programas\TextBridge Pro 8.0\Bin\Tbmhook.dll

MOD - [1998/12/14 12:06:38 | 000,034,304 | ---- | M] () -- C:\Arquivos de programas\Arquivos comuns\Xerox Shared\VGFILE.DLL

MOD - [1998/12/14 12:06:32 | 000,163,328 | ---- | M] () -- C:\Arquivos de programas\Arquivos comuns\Xerox Shared\EASYTB32.DLL

========== Win32 Services (SafeList) ==========

SRV - [2011/07/04 09:43:51 | 000,042,184 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)

SRV - [2011/04/18 16:13:40 | 000,056,776 | ---- | M] ( ) [unknown | Running] -- C:\Arquivos de programas\GbPlugin\gbpsv.exe -- (GbpSv)

SRV - [2010/06/25 15:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Arquivos de programas\WinPcap\rpcapd.exe -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)

SRV - [2009/01/21 13:08:06 | 001,095,560 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Arquivos de programas\Spyware Doctor\pctsSvc.exe -- (sdCoreService)

SRV - [2009/01/07 12:40:56 | 000,348,752 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Arquivos de programas\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)

SRV - [2007/06/01 10:21:30 | 000,271,920 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)

SRV - [2007/06/01 10:05:56 | 001,551,408 | ---- | M] (Nero AG) [Auto | Running] -- C:\Arquivos de programas\Nero\Nero 7\InCD\InCDsrv.exe -- (InCDsrv)

SRV - [2003/07/28 13:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

========== Driver Services (SafeList) ==========

DRV - [2011/09/06 18:38:05 | 000,442,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)

DRV - [2011/09/06 18:36:38 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)

DRV - [2011/09/06 18:36:36 | 000,052,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)

DRV - [2011/09/06 18:36:23 | 000,110,552 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)

DRV - [2011/09/06 18:33:11 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)

DRV - [2011/07/04 09:36:32 | 000,309,848 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)

DRV - [2011/07/04 09:32:12 | 000,019,544 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV - [2011/04/18 16:14:16 | 000,046,664 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\gbpkm.sys -- (GbpKm)

DRV - [2010/06/25 15:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)

DRV - [2009/04/22 14:28:08 | 000,008,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)

DRV - [2009/04/22 14:28:06 | 000,003,072 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)

DRV - [2009/04/03 11:18:26 | 000,130,936 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\PCTCore.sys -- (PCTCore)

DRV - [2008/10/31 01:38:08 | 004,942,336 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2008/10/21 10:22:48 | 000,114,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mdm.sys -- (s0017mdm)

DRV - [2008/10/21 10:22:48 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017unic.sys -- (s0017unic) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (WDM)

DRV - [2008/10/21 10:22:48 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mgmt.sys -- (s0017mgmt) Sony Ericsson Device 0017 USB WMC Device Management Drivers (WDM)

DRV - [2008/10/21 10:22:48 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017obex.sys -- (s0017obex)

DRV - [2008/10/21 10:22:48 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017bus.sys -- (s0017bus) Sony Ericsson Device 0017 driver (WDM)

DRV - [2008/10/21 10:22:48 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017nd5.sys -- (s0017nd5) Sony Ericsson Device 0017 USB Ethernet Emulation SEMC0017 (NDIS)

DRV - [2008/10/21 10:22:48 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s0017mdfl.sys -- (s0017mdfl)

DRV - [2008/01/09 11:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)

DRV - [2007/09/20 08:07:40 | 000,022,016 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)

DRV - [2007/09/20 08:07:38 | 000,053,632 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)

DRV - [2007/07/07 04:13:10 | 000,012,032 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)

DRV - [2007/06/25 09:43:38 | 000,098,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117obex.sys -- (s117obex)

DRV - [2007/06/25 09:43:36 | 000,098,856 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117unic.sys -- (s117unic) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (WDM)

DRV - [2007/06/25 09:43:36 | 000,022,952 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117nd5.sys -- (s117nd5) Sony Ericsson Device 117 USB Ethernet Emulation SEMC117 (NDIS)

DRV - [2007/06/25 09:43:22 | 000,082,984 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s117bus.sys -- (s117bus) Sony Ericsson Device 117 driver (WDM)

DRV - [2007/06/14 17:59:38 | 000,557,568 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)

DRV - [2007/06/01 10:05:56 | 000,038,576 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDRm.sys -- (incdrm)

DRV - [2007/06/01 10:05:56 | 000,037,040 | ---- | M] (Nero AG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\InCDPass.sys -- (InCDPass)

DRV - [2007/06/01 10:05:46 | 000,118,704 | ---- | M] (Nero AG) [File_System | Disabled | Running] -- C:\WINDOWS\system32\drivers\InCDfs.sys -- (InCDfs)

DRV - [2007/05/22 06:23:00 | 001,036,928 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)

DRV - [2007/05/22 06:23:00 | 000,702,592 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)

DRV - [2007/05/22 06:23:00 | 000,219,136 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWBS2.sys -- (HSFHWBS2)

DRV - [2006/11/26 15:59:45 | 000,020,096 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)

DRV - [2006/09/05 22:07:00 | 000,061,536 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\se59bus.sys -- (se59bus) Sony Ericsson Device 089 driver (WDM)

DRV - [2006/07/24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2005/05/03 13:34:02 | 000,027,392 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)

DRV - [2005/04/12 06:41:20 | 000,004,608 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)

DRV - [2005/02/23 15:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)

DRV - [2004/11/30 13:00:00 | 000,276,736 | ---- | M] (Philips Semiconductors) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\SAA713x.sys -- (713xTVCard)

DRV - [2004/08/03 23:10:14 | 000,015,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-1935655697-854245398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.msn.com/spbasic.htm

IE - HKU\S-1-5-21-1935655697-854245398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/

IE - HKU\S-1-5-21-1935655697-854245398-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\S-1-5-21-1935655697-854245398-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"

FF - prefs.js..browser.startup.homepage: "http://en-us.start.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:pt-BR:official"

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Arquivos de programas\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Arquivos de programas\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Arquivos de programas\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Arquivos de programas\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Arquivos de programas\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\plugins\npgoogletalk.dll (Google)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\wrc@avast.com: C:\Arquivos de programas\Alwil Software\Avast5\WebRep\FF [2011/09/12 18:54:09 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Arquivos de programas\Mozilla Firefox\components [2011/10/22 18:47:56 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins [2011/10/22 18:47:57 | 000,000,000 | ---D | M]

[2010/01/26 14:51:33 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Extensions

[2011/07/15 14:04:48 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\5y1o11k1.default\extensions

[2011/03/25 17:27:02 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\5y1o11k1.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}

[2010/09/02 15:33:45 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\5y1o11k1.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2011/07/15 14:04:48 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\5y1o11k1.default\extensions\plugin@yontoo.com

[2011/11/09 09:20:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\jmcynhak.default\extensions

[2010/08/15 02:41:53 | 000,000,000 | ---D | M] (Softonic_Brasil Toolbar) -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\jmcynhak.default\extensions\{12fc3d37-2a42-4fe3-8489-81296878cba5}

[2011/07/23 13:25:08 | 000,000,000 | ---D | M] (Paste Quote) -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\jmcynhak.default\extensions\{1C7CCF7A-ECB8-4CE5-B5D1-A4FA477A7242}

[2011/07/23 13:25:05 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\jmcynhak.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}

[2011/02/04 16:41:25 | 000,000,000 | ---D | M] (Mega Manager Integration) -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\jmcynhak.default\extensions\{40a1f5d7-afc2-498f-b264-02668d616ff6}

[2011/07/23 13:25:04 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\jmcynhak.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}

[2011/07/04 22:15:38 | 000,000,000 | ---D | M] (Serif PhotoPlus Community Toolbar) -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\jmcynhak.default\extensions\{8f2767f8-338a-4258-bd1c-4de5a3d8cdb2}

[2010/09/02 15:33:45 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\jmcynhak.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2010/01/27 09:09:01 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\jmcynhak.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

[2011/07/23 13:25:01 | 000,000,000 | ---D | M] (Autofill Forms) -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\jmcynhak.default\extensions\autofillForms@blueimp.net

[2011/07/23 13:25:03 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\jmcynhak.default\extensions\engine@conduit.com

[2011/08/03 21:56:15 | 000,000,000 | ---D | M] (Greasefire) -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\jmcynhak.default\extensions\greasefire@skrul.com

[2011/07/23 13:25:05 | 000,000,000 | ---D | M] (NASA Night Launch) -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\jmcynhak.default\extensions\nasanightlaunch@example.com

[2011/07/23 13:25:08 | 000,000,000 | ---D | M] (Orkut Manager) -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\jmcynhak.default\extensions\om.brunolm@gmail.com

[2011/07/15 14:04:49 | 000,000,000 | ---D | M] (Yontoo Layers) -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\jmcynhak.default\extensions\plugin@yontoo.com

[2010/05/26 15:18:50 | 000,002,333 | ---- | M] () -- C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\Firefox\Profiles\5y1o11k1.default\searchplugins\askcom.xml

[2011/03/18 01:12:18 | 000,000,000 | ---D | M] (No name found) -- C:\Arquivos de programas\Mozilla Firefox\extensions

[2007/12/17 15:16:14 | 000,065,536 | ---- | M] ( ) -- C:\Arquivos de programas\mozilla firefox\plugins\npkimi.dll

[2011/09/08 21:32:37 | 000,159,744 | ---- | M] (Apple Inc.) -- C:\Arquivos de programas\mozilla firefox\plugins\npqtplugin9.dll

[2010/12/09 08:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Arquivos de programas\mozilla firefox\plugins\npwachk.dll

[2011/10/22 18:47:49 | 000,001,027 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\buscape.xml

[2011/10/22 18:47:49 | 000,001,212 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\mercadolivre.xml

[2010/04/12 15:01:50 | 000,005,495 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\SearchquWebSearch.xml

[2011/10/22 18:47:49 | 000,001,168 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\wikipedia-br.xml

[2011/10/22 18:47:49 | 000,000,952 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\yahoo-br.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = http://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t

CHR - default_search_provider: suggest_url = http://suggestqueries.google.com/complete/search?q={searchTerms}

CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Andreia\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\15.0.874.120\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin7.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin8.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npqtplugin9.dll

CHR - plugin: Java Deployment Toolkit 6.0.170.4 (Enabled) = C:\Arquivos de programas\Java\jre6\bin\new_plugin\npdeploytk.dll

CHR - plugin: Java Platform SE 6 U17 (Enabled) = C:\Arquivos de programas\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Arquivos de programas\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Arquivos de programas\Windows Media Player\npdsplay.dll

CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Arquivos de programas\Microsoft\Office Live\npOLW.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Andreia\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\15.0.874.120\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Andreia\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\15.0.874.120\pdf.dll

CHR - plugin: Imikimi.com Plugin (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npkimi.dll

CHR - plugin: Winamp Application Detector (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npwachk.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npdrmv2.dll

CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll

CHR - plugin: Google Talk Plugin (Enabled) = C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\plugins\npgoogletalk.dll

CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Documents and Settings\Andreia\Dados de aplicativos\Mozilla\plugins\npgtpo3dautoplugin.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Arquivos de programas\Google\Update\1.3.21.69\npGoogleUpdate3.dll

CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: Orkut Chrome Extension = C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dikgpddfoaipimjmmedapimgedgddhoj\1.0.0.3\

CHR - Extension: avast! WebRep = C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\6.0.1203_0\

CHR - Extension: Chrome Sounds = C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\kkfibincabhfblmkmhcabnlghmncdcaf\1.1\

CHR - Extension: Visualizador de PDF/PowerPoint do Google Docs (do Google) = C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn\3.7_0\

O1 HOSTS File: ([2010/11/16 15:48:46 | 000,000,774 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (ssh2 Class) - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll (Scopus Tecnologia Ltda)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (EWPBrowseObject Class) - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Arquivos de programas\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll File not found

O2 - BHO: (IeMonitorBho Class) - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Arquivos de programas\Megaupload\Mega Manager\MegaIEMn.dll (Megaupload Limited)

O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)

O2 - BHO: (Yontoo Layers) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Arquivos de programas\Yontoo Layers\YontooIEClient.dll (Yontoo Technology, Inc.)

O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Arquivos de programas\Canon\Easy-WebPrint\Toolband.dll ()

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Arquivos de programas\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)

O3 - HKU\S-1-5-21-1935655697-854245398-725345543-1003\..\Toolbar\ShellBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKU\S-1-5-21-1935655697-854245398-725345543-1003\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.

O3 - HKU\S-1-5-21-1935655697-854245398-725345543-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.

O4 - HKU\S-1-5-21-1935655697-854245398-725345543-1003..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe (Nero AG)

O4 - HKU\S-1-5-21-1935655697-854245398-725345543-1003..\Run: [swg] "C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" File not found

O4 - HKLM..\RunServices: [RegisterDropHandler] C:\Arquivos de programas\TextBridge Pro 8.0\Bin\RegisterDropHandler.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-1935655697-854245398-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8 - Extra context menu item: Baixar Link Utiizando Gerenciador Mega... - C:\Arquivos de programas\Megaupload\Mega Manager\mm_file.htm ()

O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Arquivos de programas\Megaupload\Mega Manager\mm_file.htm ()

O8 - Extra context menu item: Free YouTube Download - C:\Documents and Settings\Andreia\Dados de aplicativos\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Documents and Settings\Andreia\Dados de aplicativos\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html File not found

O15 - HKU\S-1-5-21-1935655697-854245398-725345543-1003\..Trusted Domains: live.com ([sn104w.snt104.mail] http in Sites confiáveis)

O15 - HKU\S-1-5-21-1935655697-854245398-725345543-1003\..Trusted Domains: microsoft.com ([windowsupdate] https in Sites confiáveis)

O15 - HKU\S-1-5-21-1935655697-854245398-725345543-1003\..Trusted Domains: microsoft.com ([www.update] https in Sites confiáveis)

O15 - HKU\S-1-5-21-1935655697-854245398-725345543-1003\..Trusted Domains: orkut.com.br ([www] http in Sites confiáveis)

O15 - HKU\S-1-5-21-1935655697-854245398-725345543-1003\..Trusted Domains: yahoo.com ([br.mc1607.mail] http in Sites confiáveis)

O15 - HKU\S-1-5-21-1935655697-854245398-725345543-1003\..Trusted Ranges: Range1 ([*] in Sites confiáveis)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} https://imagem.caixa.gov.br/cab/gbpdist.cab (GbpDistObj Class)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C7DDC215-21FF-4ACD-A57B-5D43D42D1472}: NameServer = 201.10.120.3,201.10.1.2

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\Userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)

O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\ARQUIV~1\GbPlugin\gbiehCef.dll) - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)

O22 - SharedTaskScheduler: {A3717295-941D-416F-9384-ED1736729F1C} - scpLIB - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)

O24 - Desktop Components:0 (Minha página inicial atual) - About:Home

O24 - Desktop WallPaper: C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O24 - Desktop BackupWallPaper: C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\Microsoft\Wallpaper1.bmp

O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 22:31:01 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O33 - MountPoints2\{1340d0ae-6d9e-11de-89e0-ac3a2db22a9f}\Shell\AutoRun\command - "" = wscript.exe .\.vbs

O33 - MountPoints2\{1340d0ae-6d9e-11de-89e0-ac3a2db22a9f}\Shell\open\command - "" = wscript.exe .\.vbs

O33 - MountPoints2\{6e7a9762-bfe8-11df-8c06-001966a5cb0e}\Shell - "" = AutoRun

O33 - MountPoints2\{6e7a9762-bfe8-11df-8c06-001966a5cb0e}\Shell\AutoRun\command - "" = C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe killVBS.vbs

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/15 20:56:05 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Andreia\Desktop\OTL.exe

[2011/11/15 20:15:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\E.M. PowerPoint Video Converter

[2011/11/15 18:43:38 | 000,000,000 | ---D | C] -- C:\Slide 1AV

[2011/11/15 17:39:16 | 013,962,599 | ---- | C] (Leawo Software Co., LTD ) -- C:\Documents and Settings\Andreia\Desktop\leawo_ppt2video_free.exe

[2011/11/14 23:18:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Google Earth

[2011/11/13 17:39:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andreia\Meus documentos\dianaaa

[2011/11/12 11:13:44 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Trend Micro

[2011/11/12 11:13:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andreia\Menu Iniciar\Programas\HiJackThis

[2011/11/09 19:10:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Andreia\Meus documentos\Gmail - Entrada (6) - felizeca@gmail.com_files

[2011/11/03 11:42:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Silverlight

[2011/11/03 11:41:57 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Silverlight

[2010/09/15 22:18:15 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Andreia\Dados de aplicativos\pcouffin.sys

[2010/08/15 02:40:51 | 000,822,296 | ---- | C] (RealNetworks, Inc.) -- C:\Arquivos de programas\RealPlayerSPGold_br.exe

[2010/08/15 02:32:37 | 010,427,196 | ---- | C] (ZJMedia ) -- C:\Arquivos de programas\WinAVI_Video_Converter.exe

[2010/02/14 23:27:10 | 000,147,456 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll

[2010/02/14 23:27:10 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\vsnpstd3.dll

[2010/02/14 23:27:10 | 000,018,944 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll

[2010/01/26 14:50:48 | 008,154,064 | ---- | C] (Mozilla) -- C:\Arquivos de programas\Firefox Setup 3.6.exe

[2010/01/14 12:30:42 | 018,184,760 | ---- | C] (Sony Ericsson ) -- C:\Arquivos de programas\Sony_Ericsson_PC_Suite_6.009.00_Web_ENG.exe

[2010/01/12 14:37:55 | 001,154,384 | ---- | C] (Microsoft Corporation) -- C:\Arquivos de programas\wlsetup-custom.exe

[2009/10/30 18:50:10 | 000,598,086 | ---- | C] (DVD Shrink) -- C:\Arquivos de programas\DVD Shrink 3.2.exe

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/15 21:09:05 | 000,001,176 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-854245398-725345543-1003UA.job

[2011/11/15 20:58:00 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2011/11/15 20:56:21 | 000,869,194 | ---- | M] () -- C:\Documents and Settings\Andreia\Desktop\SecurityCheck.exe

[2011/11/15 20:56:09 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Andreia\Desktop\OTL.exe

[2011/11/15 20:15:15 | 000,000,789 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\E.M. PowerPoint Video Converter.lnk

[2011/11/15 18:28:30 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[2011/11/15 17:58:15 | 000,059,978 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\FamilinterneT.jpg

[2011/11/15 17:57:51 | 000,100,898 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Gente12.jpg

[2011/11/15 17:57:32 | 000,068,486 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Aguias10.jpg

[2011/11/15 17:40:26 | 013,962,599 | ---- | M] (Leawo Software Co., LTD ) -- C:\Documents and Settings\Andreia\Desktop\leawo_ppt2video_free.exe

[2011/11/15 17:04:03 | 000,023,384 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\RosaPraVC.gif

[2011/11/15 16:19:32 | 000,164,864 | ---- | M] () -- C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/11/15 16:14:22 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1D47F1B-F51D-4555-8335-DF4591747F37}.job

[2011/11/15 11:25:13 | 000,001,068 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2011/11/15 11:25:10 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1935655697-854245398-725345543-1003.job

[2011/11/15 11:25:10 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\RegistryBooster.job

[2011/11/15 11:25:10 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\DriverScanner.job

[2011/11/15 11:22:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2011/11/15 00:09:01 | 000,001,124 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1935655697-854245398-725345543-1003Core.job

[2011/11/14 23:18:20 | 000,001,971 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk

[2011/11/14 17:27:37 | 003,368,730 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\PenhahC.bmp

[2011/11/14 12:43:30 | 001,170,944 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Veice.pps

[2011/11/13 23:32:17 | 000,739,770 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Re_ {POESIAEAMIGOS} CADA DIA EU TE AMO MAIS - FERA MANHOSA - ARTESDAM.eml

[2011/11/13 22:34:56 | 000,183,864 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Os Eus que nao sou Eu.jpg

[2011/11/13 21:03:19 | 001,238,016 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\AmorVirtual.pps

[2011/11/13 15:34:29 | 000,048,366 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\AmorVirtual-charge.jpg

[2011/11/13 15:01:20 | 000,034,018 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\SexoVirtual-7.jpg

[2011/11/13 14:38:58 | 000,073,402 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\SexVirt1.jpg

[2011/11/13 14:29:26 | 000,058,392 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\AmorVirtual1.jpg

[2011/11/13 14:11:06 | 000,067,261 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\redes-sociais.jpg

[2011/11/13 14:08:38 | 000,038,104 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\VirtualLove.jpg

[2011/11/13 14:00:25 | 000,029,390 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\SexoVirtual8.jpg

[2011/11/13 13:58:27 | 000,041,442 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\SexoVirtual5.JPG

[2011/11/13 13:56:54 | 000,024,963 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\sexo-virtual.jpg

[2011/11/13 13:51:31 | 000,041,582 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\SexVirtual3a.jpg

[2011/11/13 13:49:18 | 000,028,847 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\1281618345410_f (1).jpg

[2011/11/13 13:47:54 | 000,037,404 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\AmorVirt1a.jpg

[2011/11/13 13:41:57 | 000,040,853 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\SexVirt2.jpg

[2011/11/13 13:37:38 | 000,032,251 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\sexo-virtual1.jpg

[2011/11/13 13:33:00 | 000,019,428 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\cybersex2.jpg

[2011/11/13 13:25:08 | 000,026,073 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\AmorVirtual.jpg

[2011/11/13 13:12:39 | 000,058,538 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Corujas.jpg

[2011/11/13 12:28:16 | 000,091,427 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Ninfas-Angelicas.jpg

[2011/11/13 11:28:51 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2011/11/12 23:06:39 | 000,017,750 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\QuadroAzul.jpg

[2011/11/12 22:50:45 | 001,440,054 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\CriançasZkptk.bmp

[2011/11/12 18:39:31 | 000,018,556 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Anjinhos-Flores.jpg

[2011/11/12 18:28:49 | 000,117,340 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\PenhahC-Lindaaa.jpg

[2011/11/12 18:24:37 | 000,260,941 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\PenhahCastro-2011.jpg

[2011/11/12 17:10:35 | 000,044,534 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Estrelas.luz.noite.jpg

[2011/11/12 16:25:03 | 000,647,226 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\BIAFRA~1-NumaNoit.MID

[2011/11/12 16:20:26 | 000,111,645 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura11.jpg

[2011/11/12 16:19:52 | 000,105,090 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura10.jpg

[2011/11/12 16:19:08 | 000,104,136 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura9.jpg

[2011/11/12 16:18:48 | 000,106,901 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura8.jpg

[2011/11/12 16:18:29 | 000,104,581 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura7.jpg

[2011/11/12 16:18:06 | 000,103,289 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura6.jpg

[2011/11/12 16:17:48 | 000,103,711 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura5.jpg

[2011/11/12 16:17:25 | 000,102,326 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura4.jpg

[2011/11/12 16:17:04 | 000,105,775 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura3.jpg

[2011/11/12 16:16:33 | 000,106,739 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura2.jpg

[2011/11/12 16:16:07 | 000,104,215 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura1.jpg

[2011/11/12 16:15:35 | 000,105,090 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura12.jpg

[2011/11/12 15:53:43 | 000,079,228 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\SolPalmeira-fdo-1024.jpg

[2011/11/12 15:51:27 | 000,251,482 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\SolPalmeira-fdo.bmp

[2011/11/12 13:05:15 | 000,469,504 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Pedacinhos.pps

[2011/11/12 13:04:58 | 000,589,824 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\bomdia-cristo.pps

[2011/11/12 11:13:44 | 000,002,012 | ---- | M] () -- C:\Documents and Settings\Andreia\Desktop\HiJackThis.lnk

[2011/11/11 21:42:28 | 000,015,225 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Monitor-da-Alma-Zeca-Feliz.jpg

[2011/11/11 21:38:32 | 000,025,203 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\e-agora-oh-ze.jpg

[2011/11/11 21:28:49 | 000,016,014 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Zeca-Feliz-OrqVersoProsa.jpg

[2011/11/11 21:25:54 | 000,021,031 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\tic-tac-Zeca Avelar.jpg

[2011/11/11 21:22:12 | 000,085,525 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\zeca_tag.jpg

[2011/11/11 19:01:12 | 000,043,781 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Velhs Falantes.jpg

[2011/11/11 18:58:54 | 000,068,491 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Velhs Falantes.png

[2011/11/11 18:40:17 | 000,030,297 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Ouvidos-de-Deus.jpg

[2011/11/11 18:38:58 | 000,285,890 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Ouvidos-de-Deus.png

[2011/11/11 18:05:42 | 000,110,882 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Palacio-Planalto-Drogas.jpg

[2011/11/11 18:02:05 | 000,089,601 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Mulheres-Nuasss.jpg

[2011/11/11 15:36:44 | 000,150,016 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\FOTO_DE_MACHU_PICCHU.pps

[2011/11/11 15:36:39 | 000,451,584 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\FOTO_DA_BIRMANIA.pps

[2011/11/11 15:35:08 | 000,219,294 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Soldado-Desconhecido.jpg

[2011/11/11 15:31:18 | 000,119,372 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Viva-sua-vida-1280x1024.jpg

[2011/11/11 15:29:53 | 000,243,274 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Chuva de Verao.jpg

[2011/11/11 15:28:12 | 000,190,740 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Deus.jpg

[2011/11/11 15:25:18 | 000,207,579 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\SonhosPartilhados.jpg

[2011/11/11 15:22:36 | 000,139,328 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\cachoeiras-9.jpg

[2011/11/11 15:20:49 | 000,065,658 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Alegria pela Vida.jpg

[2011/11/11 15:18:36 | 000,044,137 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Meninas-Puras.jpg

[2011/11/11 15:14:46 | 000,113,858 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\MeninasPuras.jpg

[2011/11/11 15:10:51 | 000,021,618 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\guerra1.jpg

[2011/11/11 15:07:04 | 000,017,579 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\chs007.jpg

[2011/11/11 15:06:01 | 000,074,652 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\DiaNublado.jpg

[2011/11/11 15:04:57 | 000,008,191 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\500758.jpg

[2011/11/11 15:02:00 | 000,615,305 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Meninos-DEscalcos.JPG

[2011/11/11 14:56:49 | 000,082,333 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Palacio-Planalto.jpeg

[2011/11/11 14:54:38 | 000,030,154 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\foto drogas.jpg

[2011/11/11 14:49:15 | 000,071,013 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\MulherNua.jpg

[2011/11/11 14:48:26 | 000,266,821 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\MiopiadaGananciaMatutina.jpg

[2011/11/11 14:45:37 | 000,236,451 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Predios.jpg

[2011/11/11 14:44:03 | 000,053,519 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Amantesss.jpg

[2011/11/11 14:38:36 | 000,045,110 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\OlhardeDeus.jpg

[2011/11/11 14:37:04 | 000,130,526 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\olho_de_deus1.jpg

[2011/11/11 14:32:53 | 000,018,941 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\o olho de deus.jpg

[2011/11/11 14:32:03 | 000,015,076 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\jjjboneca.jpg

[2011/11/11 14:31:28 | 000,013,259 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\nua.jpg

[2011/11/11 14:30:31 | 000,657,461 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\aa2p.png

[2011/11/11 14:29:27 | 000,090,619 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\kukula001.jpg

[2011/11/11 14:25:55 | 000,104,516 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\meninas_bonecas_contorno2[1].jpg

[2011/11/11 14:23:30 | 000,224,347 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Homem-de-Terno.jpg

[2011/11/11 14:19:12 | 000,059,132 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Brincos.jpg

[2011/11/11 14:11:50 | 000,006,416 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Monica-Bellucci-443.jpg

[2011/11/11 14:01:43 | 000,045,396 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\expulsparaiso.jpg

[2011/11/11 13:43:13 | 001,453,568 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Sonata_ao_Luar.pps

[2011/11/11 10:40:57 | 000,000,125 | -HS- | M] () -- C:\Documents and Settings\Andreia\Dados de aplicativos\.zreglib

[2011/11/10 23:44:00 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1935655697-854245398-725345543-1003.job

[2011/11/10 21:39:29 | 000,214,118 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Utopia.pdf

[2011/11/10 21:33:44 | 000,519,954 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\The picture of Dorian Gray pdf.pdf

[2011/11/10 21:32:00 | 000,130,279 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\A-esfinge-sem-segredo2.pdf

[2011/11/10 21:23:37 | 000,115,672 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\The Comedy of Errors.pdf

[2011/11/10 21:13:15 | 001,797,156 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Divina Comedia Pt.pdf

[2011/11/10 21:08:13 | 000,083,118 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\O Livro Dele.pdf

[2011/11/10 21:06:01 | 002,708,489 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Ulysses.pdf

[2011/11/10 21:03:35 | 000,130,279 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\A Esfinge.pdf

[2011/11/10 21:00:42 | 000,219,080 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\aNTIGONAS.pdf

[2011/11/10 20:56:53 | 000,844,905 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Divina cOMEDIA.pdf

[2011/11/10 20:54:29 | 000,130,279 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\A-esfinge-sem-segredo.pdf

[2011/11/10 20:11:20 | 000,661,504 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\AME MARIA.pps

[2011/11/10 19:06:18 | 000,124,813 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Niver-Parabens.jpg

[2011/11/10 17:54:21 | 000,214,829 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Zinha-Niver-10112011.jpg

[2011/11/10 17:52:45 | 000,157,634 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Zinha-Niver-101111.jpg

[2011/11/10 17:41:10 | 000,089,488 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Feliz Aniversario.jpg

[2011/11/10 13:13:34 | 000,067,193 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\OdeteD-FB-Fpolis.jpg

[2011/11/10 13:13:02 | 000,081,816 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\OdeteDaminelli.jpg

[2011/11/10 13:10:27 | 000,137,201 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\OdeteD.jpg

[2011/11/10 13:09:40 | 000,141,219 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\OdeteDaminelli FB.jpg

[2011/11/10 13:08:40 | 000,034,167 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\OdeteDaminelli FB - Fpolis.jpg

[2011/11/10 12:49:35 | 000,528,896 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\voo_de_gansos.pps

[2011/11/09 21:01:17 | 000,043,804 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Deus-EscadaparaCeu.jpg

[2011/11/09 21:00:06 | 000,153,104 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\AveMaria-txt.jpg

[2011/11/09 19:10:28 | 000,407,049 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Gmail - Entrada (6) - felizeca@gmail.com.htm

[2011/11/09 14:34:09 | 000,035,400 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\_Euosou_ ESPETACULAR!!! UM EMAIL PARA NÃO APAGAR.eml

[2011/11/09 13:57:15 | 000,118,241 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Lunna Pains Parabéns.jpg

[2011/11/09 13:29:41 | 000,031,308 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\RosaLunna.jpg

[2011/11/09 13:27:22 | 000,022,336 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Lunna Pains.jpg

[2011/11/09 13:00:05 | 000,314,666 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Obras Poeticas Gregorio de Matos.pdf

[2011/11/09 12:55:27 | 000,091,776 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Saudade.pdf

[2011/11/09 12:54:00 | 000,101,767 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\El Arte de la Guerra.pdf

[2011/11/09 12:51:47 | 000,098,010 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\O Navio Negreiro.pdf

[2011/11/09 12:50:05 | 000,000,300 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job

[2011/11/09 12:34:26 | 000,120,139 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\O Alienista.pdf

[2011/11/08 21:58:41 | 000,097,992 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Musicas 1940 a 2005.eml

[2011/11/08 19:43:57 | 000,136,273 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\bolinho-de-chuva-f8-1525.jpg

[2011/11/08 11:49:48 | 000,218,896 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Um dia de Graças.eml

[2011/11/08 11:42:14 | 000,157,142 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\ZK-Cel 025.jpg

[2011/11/05 12:57:04 | 000,000,668 | ---- | M] () -- C:\Documents and Settings\Andreia\Dados de aplicativos\vso_ts_preview.xml

[2011/11/04 21:11:50 | 000,011,683 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\!!!ZecaZenFeliz.gif

[2011/11/04 19:20:55 | 000,002,545 | ---- | M] () -- C:\Documents and Settings\Andreia\Desktop\Microsoft Word.lnk

[2011/11/03 12:31:42 | 000,001,113 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\!!!!!LosangoSU-stars.gif

[2011/11/03 12:31:14 | 000,003,548 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\!!!!!Anobannerestrela155.gif

[2011/10/30 10:25:26 | 000,001,769 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk

[2011/10/27 21:23:14 | 000,141,600 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\!!!Karinhos Kentinhos ZF.gif

[2011/10/27 21:06:53 | 000,078,366 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\!!!!!Karinhos Kentinhos ZK.gif

[2011/10/27 21:02:25 | 000,040,384 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\!!!gaDs x3d.gif

[2011/10/27 21:00:01 | 000,081,356 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\!!!KarinhosKentinhos.gif

[2011/10/27 20:56:06 | 000,031,611 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\!!!gaDs-x3d.gif

[2011/10/27 15:00:34 | 000,119,941 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\AlimentosDiv.jpg

[2011/10/26 19:22:49 | 000,108,075 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\PraidadoZamor.jpg

[2011/10/26 17:04:06 | 000,204,918 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\KZK-MiPq.jpg

[2011/10/26 16:57:32 | 000,136,357 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\KZK-Cel 019.jpg

[2011/10/26 10:45:40 | 000,422,400 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Forte.CRLemberg-pps

[2011/10/25 16:18:54 | 000,236,158 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Gaiola.jpg

[2011/10/25 15:02:51 | 000,139,138 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\CanarionaGaiola.jpg

[2011/10/25 14:51:08 | 000,096,253 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Canarinhos_zep.jpg

[2011/10/25 12:51:17 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/10/24 13:36:18 | 000,134,991 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Loren-Niver-Je-Sam-Naith-ZK.jpg

[2011/10/24 13:33:42 | 000,177,166 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\ZK-ZK-231011.jpg

[2011/10/24 13:29:30 | 000,131,257 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\ZK-CelOut11 012.jpg

[2011/10/24 13:27:21 | 000,112,691 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\ZK-ZKza-Sabia.jpg

[2011/10/23 10:47:22 | 000,468,462 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat

[2011/10/23 10:47:22 | 000,432,492 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat

[2011/10/23 10:47:22 | 000,079,240 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat

[2011/10/23 10:47:22 | 000,067,448 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat

[2011/10/22 22:54:58 | 000,394,752 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Convite.SueliWeber-pps

[2011/10/21 18:40:59 | 001,187,082 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\aaaa.jpg

[2011/10/20 10:00:47 | 000,229,516 | ---- | M] () -- C:\Documents and Settings\Andreia\Meus documentos\Mi_Spacial_Niver_0711.jpg

[2011/10/20 07:50:16 | 000,000,111 | ---- | M] () -- C:\Documents and Settings\Andreia\default.pls

[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/15 20:55:30 | 000,869,194 | ---- | C] () -- C:\Documents and Settings\Andreia\Desktop\SecurityCheck.exe

[2011/11/15 20:15:15 | 000,000,789 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\E.M. PowerPoint Video Converter.lnk

[2011/11/15 17:59:01 | 000,059,978 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\FamilinterneT.jpg

[2011/11/15 17:58:01 | 000,100,898 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Gente12.jpg

[2011/11/15 17:57:41 | 000,068,486 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Aguias10.jpg

[2011/11/15 17:04:22 | 000,023,384 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\RosaPraVC.gif

[2011/11/14 23:18:20 | 000,001,971 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk

[2011/11/14 17:27:36 | 003,368,730 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\PenhahC.bmp

[2011/11/14 12:43:29 | 001,170,944 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Veice.pps

[2011/11/13 23:32:17 | 000,739,770 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Re_ {POESIAEAMIGOS} CADA DIA EU TE AMO MAIS - FERA MANHOSA - ARTESDAM.eml

[2011/11/13 22:32:55 | 000,183,864 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Os Eus que nao sou Eu.jpg

[2011/11/13 21:03:18 | 001,238,016 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\AmorVirtual.pps

[2011/11/13 15:35:29 | 000,048,366 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\AmorVirtual-charge.jpg

[2011/11/13 14:52:14 | 000,034,018 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\SexoVirtual-7.jpg

[2011/11/13 14:11:09 | 000,067,261 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\redes-sociais.jpg

[2011/11/13 14:08:37 | 000,038,104 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\VirtualLove.jpg

[2011/11/13 14:00:39 | 000,029,390 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\SexoVirtual8.jpg

[2011/11/13 13:58:41 | 000,041,442 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\SexoVirtual5.JPG

[2011/11/13 13:56:58 | 000,024,963 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\sexo-virtual.jpg

[2011/11/13 13:51:31 | 000,041,582 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\SexVirtual3a.jpg

[2011/11/13 13:49:23 | 000,028,847 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\1281618345410_f (1).jpg

[2011/11/13 13:47:54 | 000,037,404 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\AmorVirt1a.jpg

[2011/11/13 13:44:23 | 000,058,392 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\AmorVirtual1.jpg

[2011/11/13 13:43:07 | 000,073,402 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\SexVirt1.jpg

[2011/11/13 13:41:57 | 000,040,853 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\SexVirt2.jpg

[2011/11/13 13:37:41 | 000,032,251 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\sexo-virtual1.jpg

[2011/11/13 13:33:05 | 000,019,428 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\cybersex2.jpg

[2011/11/13 13:25:25 | 000,026,073 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\AmorVirtual.jpg

[2011/11/13 13:12:48 | 000,058,538 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Corujas.jpg

[2011/11/13 12:29:05 | 000,091,427 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Ninfas-Angelicas.jpg

[2011/11/12 23:05:15 | 000,017,750 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\QuadroAzul.jpg

[2011/11/12 22:50:45 | 001,440,054 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\CriançasZkptk.bmp

[2011/11/12 18:39:30 | 000,018,556 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Anjinhos-Flores.jpg

[2011/11/12 18:28:49 | 000,117,340 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\PenhahC-Lindaaa.jpg

[2011/11/12 18:24:51 | 000,260,941 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\PenhahCastro-2011.jpg

[2011/11/12 17:10:55 | 000,044,534 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Estrelas.luz.noite.jpg

[2011/11/12 16:31:34 | 002,648,343 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\AmaZK Gr.mp3

[2011/11/12 16:25:03 | 000,647,226 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\BIAFRA~1-NumaNoit.MID

[2011/11/12 16:19:52 | 000,105,090 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura10.jpg

[2011/11/12 16:19:08 | 000,104,136 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura9.jpg

[2011/11/12 16:18:48 | 000,106,901 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura8.jpg

[2011/11/12 16:18:28 | 000,104,581 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura7.jpg

[2011/11/12 16:18:06 | 000,103,289 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura6.jpg

[2011/11/12 16:17:48 | 000,103,711 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura5.jpg

[2011/11/12 16:17:24 | 000,102,326 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura4.jpg

[2011/11/12 16:17:03 | 000,105,775 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura3.jpg

[2011/11/12 16:16:32 | 000,106,739 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura2.jpg

[2011/11/12 16:16:07 | 000,104,215 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura1.jpg

[2011/11/12 16:15:35 | 000,105,090 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura12.jpg

[2011/11/12 16:15:04 | 000,111,645 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Figura11.jpg

[2011/11/12 15:53:43 | 000,079,228 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\SolPalmeira-fdo-1024.jpg

[2011/11/12 15:51:27 | 000,251,482 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\SolPalmeira-fdo.bmp

[2011/11/12 13:05:15 | 000,469,504 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Pedacinhos.pps

[2011/11/12 13:04:58 | 000,589,824 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\bomdia-cristo.pps

[2011/11/12 11:13:44 | 000,002,012 | ---- | C] () -- C:\Documents and Settings\Andreia\Desktop\HiJackThis.lnk

[2011/11/11 21:42:57 | 000,015,225 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Monitor-da-Alma-Zeca-Feliz.jpg

[2011/11/11 21:38:37 | 000,025,203 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\e-agora-oh-ze.jpg

[2011/11/11 21:29:17 | 000,016,014 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Zeca-Feliz-OrqVersoProsa.jpg

[2011/11/11 21:26:17 | 000,021,031 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\tic-tac-Zeca Avelar.jpg

[2011/11/11 21:22:43 | 000,085,525 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\zeca_tag.jpg

[2011/11/11 20:04:26 | 001,782,735 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\The sound of silence ac.mp3

[2011/11/11 19:01:12 | 000,043,781 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Velhs Falantes.jpg

[2011/11/11 18:59:05 | 000,068,491 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Velhs Falantes.png

[2011/11/11 18:40:17 | 000,030,297 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Ouvidos-de-Deus.jpg

[2011/11/11 18:39:31 | 000,285,890 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Ouvidos-de-Deus.png

[2011/11/11 18:05:42 | 000,110,882 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Palacio-Planalto-Drogas.jpg

[2011/11/11 18:02:05 | 000,089,601 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Mulheres-Nuasss.jpg

[2011/11/11 15:36:44 | 000,150,016 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\FOTO_DE_MACHU_PICCHU.pps

[2011/11/11 15:36:39 | 000,451,584 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\FOTO_DA_BIRMANIA.pps

[2011/11/11 15:35:22 | 000,219,294 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Soldado-Desconhecido.jpg

[2011/11/11 15:31:34 | 000,119,372 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Viva-sua-vida-1280x1024.jpg

[2011/11/11 15:30:06 | 000,243,274 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Chuva de Verao.jpg

[2011/11/11 15:28:15 | 000,190,740 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Deus.jpg

[2011/11/11 15:25:32 | 000,207,579 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\SonhosPartilhados.jpg

[2011/11/11 15:22:45 | 000,139,328 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\cachoeiras-9.jpg

[2011/11/11 15:20:59 | 000,065,658 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Alegria pela Vida.jpg

[2011/11/11 15:18:55 | 000,044,137 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Meninas-Puras.jpg

[2011/11/11 15:15:04 | 000,113,858 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\MeninasPuras.jpg

[2011/11/11 15:10:53 | 000,021,618 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\guerra1.jpg

[2011/11/11 15:07:07 | 000,017,579 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\chs007.jpg

[2011/11/11 15:06:12 | 000,074,652 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\DiaNublado.jpg

[2011/11/11 15:05:01 | 000,008,191 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\500758.jpg

[2011/11/11 15:02:19 | 000,615,305 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Meninos-DEscalcos.JPG

[2011/11/11 14:56:53 | 000,082,333 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Palacio-Planalto.jpeg

[2011/11/11 14:54:45 | 000,030,154 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\foto drogas.jpg

[2011/11/11 14:49:20 | 000,071,013 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\MulherNua.jpg

[2011/11/11 14:48:51 | 000,266,821 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\MiopiadaGananciaMatutina.jpg

[2011/11/11 14:45:42 | 000,236,451 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Predios.jpg

[2011/11/11 14:44:05 | 000,053,519 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Amantesss.jpg

[2011/11/11 14:38:38 | 000,045,110 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\OlhardeDeus.jpg

[2011/11/11 14:37:08 | 000,130,526 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\olho_de_deus1.jpg

[2011/11/11 14:32:55 | 000,018,941 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\o olho de deus.jpg

[2011/11/11 14:32:06 | 000,015,076 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\jjjboneca.jpg

[2011/11/11 14:31:31 | 000,013,259 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\nua.jpg

[2011/11/11 14:30:37 | 000,657,461 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\aa2p.png

[2011/11/11 14:29:31 | 000,090,619 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\kukula001.jpg

[2011/11/11 14:25:58 | 000,104,516 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\meninas_bonecas_contorno2[1].jpg

[2011/11/11 14:23:33 | 000,224,347 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Homem-de-Terno.jpg

[2011/11/11 14:19:16 | 000,059,132 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Brincos.jpg

[2011/11/11 14:11:55 | 000,006,416 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Monica-Bellucci-443.jpg

[2011/11/11 14:01:55 | 000,045,396 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\expulsparaiso.jpg

[2011/11/11 13:43:12 | 001,453,568 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Sonata_ao_Luar.pps

[2011/11/10 21:39:42 | 000,214,118 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Utopia.pdf

[2011/11/10 21:34:20 | 000,519,954 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\The picture of Dorian Gray pdf.pdf

[2011/11/10 21:32:31 | 000,130,279 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\A-esfinge-sem-segredo2.pdf

[2011/11/10 21:23:58 | 000,115,672 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\The Comedy of Errors.pdf

[2011/11/10 21:13:27 | 001,797,156 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Divina Comedia Pt.pdf

[2011/11/10 21:08:28 | 000,083,118 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\O Livro Dele.pdf

[2011/11/10 21:06:10 | 002,708,489 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Ulysses.pdf

[2011/11/10 21:03:50 | 000,130,279 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\A Esfinge.pdf

[2011/11/10 21:00:54 | 000,219,080 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\aNTIGONAS.pdf

[2011/11/10 20:57:14 | 000,844,905 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Divina cOMEDIA.pdf

[2011/11/10 20:54:49 | 000,130,279 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\A-esfinge-sem-segredo.pdf

[2011/11/10 20:11:20 | 000,661,504 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\AME MARIA.pps

[2011/11/10 19:06:18 | 000,124,813 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Niver-Parabens.jpg

[2011/11/10 17:54:21 | 000,214,829 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Zinha-Niver-10112011.jpg

[2011/11/10 17:52:44 | 000,157,634 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Zinha-Niver-101111.jpg

[2011/11/10 17:36:36 | 000,089,488 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Feliz Aniversario.jpg

[2011/11/10 13:13:45 | 000,067,193 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\OdeteD-FB-Fpolis.jpg

[2011/11/10 13:13:11 | 000,081,816 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\OdeteDaminelli.jpg

[2011/11/10 13:10:33 | 000,137,201 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\OdeteD.jpg

[2011/11/10 13:09:55 | 000,141,219 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\OdeteDaminelli FB.jpg

[2011/11/10 13:09:11 | 000,034,167 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\OdeteDaminelli FB - Fpolis.jpg

[2011/11/10 12:49:34 | 000,528,896 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\voo_de_gansos.pps

[2011/11/09 21:01:17 | 000,043,804 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Deus-EscadaparaCeu.jpg

[2011/11/09 21:00:06 | 000,153,104 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\AveMaria-txt.jpg

[2011/11/09 19:10:28 | 000,407,049 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Gmail - Entrada (6) - felizeca@gmail.com.htm

[2011/11/09 14:34:09 | 000,035,400 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\_Euosou_ ESPETACULAR!!! UM EMAIL PARA NÃO APAGAR.eml

[2011/11/09 13:55:19 | 000,118,241 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Lunna Pains Parabéns.jpg

[2011/11/09 13:29:41 | 000,031,308 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\RosaLunna.jpg

[2011/11/09 13:27:56 | 000,022,336 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Lunna Pains.jpg

[2011/11/09 13:00:35 | 000,314,666 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Obras Poeticas Gregorio de Matos.pdf

[2011/11/09 12:55:42 | 000,091,776 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Saudade.pdf

[2011/11/09 12:54:21 | 000,101,767 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\El Arte de la Guerra.pdf

[2011/11/09 12:52:02 | 000,098,010 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\O Navio Negreiro.pdf

[2011/11/09 12:34:55 | 000,120,139 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\O Alienista.pdf

[2011/11/08 21:58:41 | 000,097,992 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Musicas 1940 a 2005.eml

[2011/11/08 19:44:09 | 000,136,273 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\bolinho-de-chuva-f8-1525.jpg

[2011/11/08 11:49:48 | 000,218,896 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Um dia de Graças.eml

[2011/11/08 11:42:14 | 000,157,142 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\ZK-Cel 025.jpg

[2011/11/04 21:12:21 | 000,011,683 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\!!!ZecaZenFeliz.gif

[2011/11/03 12:32:08 | 000,001,113 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\!!!!!LosangoSU-stars.gif

[2011/11/03 12:31:32 | 000,003,548 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\!!!!!Anobannerestrela155.gif

[2011/10/30 10:25:26 | 000,001,769 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Adobe Reader 9.lnk

[2011/10/27 21:23:12 | 000,141,600 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\!!!Karinhos Kentinhos ZF.gif

[2011/10/27 21:06:51 | 000,078,366 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\!!!!!Karinhos Kentinhos ZK.gif

[2011/10/27 21:02:24 | 000,040,384 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\!!!gaDs x3d.gif

[2011/10/27 20:56:05 | 000,031,611 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\!!!gaDs-x3d.gif

[2011/10/27 20:54:00 | 000,081,356 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\!!!KarinhosKentinhos.gif

[2011/10/27 15:00:34 | 000,119,941 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\AlimentosDiv.jpg

[2011/10/26 19:22:49 | 000,108,075 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\PraidadoZamor.jpg

[2011/10/26 17:04:05 | 000,204,918 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\KZK-MiPq.jpg

[2011/10/26 16:57:31 | 000,136,357 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\KZK-Cel 019.jpg

[2011/10/26 10:45:40 | 000,422,400 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Forte.CRLemberg-pps

[2011/10/25 16:18:54 | 000,236,158 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Gaiola.jpg

[2011/10/25 15:02:51 | 000,139,138 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\CanarionaGaiola.jpg

[2011/10/25 14:51:08 | 000,096,253 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Canarinhos_zep.jpg

[2011/10/24 13:36:17 | 000,134,991 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Loren-Niver-Je-Sam-Naith-ZK.jpg

[2011/10/24 13:33:42 | 000,177,166 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\ZK-ZK-231011.jpg

[2011/10/24 13:29:29 | 000,131,257 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\ZK-CelOut11 012.jpg

[2011/10/24 13:27:21 | 000,112,691 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\ZK-ZKza-Sabia.jpg

[2011/10/22 22:54:58 | 000,394,752 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Convite.SueliWeber-pps

[2011/10/21 18:40:58 | 001,187,082 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\aaaa.jpg

[2011/10/20 10:00:37 | 000,229,516 | ---- | C] () -- C:\Documents and Settings\Andreia\Meus documentos\Mi_Spacial_Niver_0711.jpg

[2011/08/26 00:42:02 | 000,000,591 | ---- | C] () -- C:\WINDOWS\MyHeritage.INI

[2011/08/26 00:39:15 | 000,454,656 | ---- | C] () -- C:\WINDOWS\System32\PaintX.dll

[2011/07/30 03:15:37 | 000,194,560 | ---- | C] () -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\FontCache3.0.0.0.dat

[2011/07/13 22:35:25 | 000,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys

[2011/07/13 19:22:58 | 000,000,033 | ---- | C] () -- C:\WINDOWS\Multimedia manager.INI

[2011/07/13 19:21:12 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\LauncherAccess.dt

[2011/07/13 19:10:18 | 000,000,438 | ---- | C] () -- C:\Arquivos de programas\Atalho para Samsung em KZK (Biba).lnk

[2011/07/06 19:58:27 | 000,000,000 | ---- | C] () -- C:\WINDOWS\TBRIDGE.INI

[2011/07/06 18:19:01 | 000,000,095 | ---- | C] () -- C:\WINDOWS\tb96.ini

[2011/07/06 16:39:40 | 000,000,200 | ---- | C] () -- C:\WINDOWS\maxlink.ini

[2011/07/06 16:39:40 | 000,000,104 | ---- | C] () -- C:\WINDOWS\Tb98.ini

[2011/07/06 16:38:51 | 000,046,512 | ---- | C] () -- C:\WINDOWS\System32\EPSN.DLL

[2011/07/06 16:38:51 | 000,012,126 | ---- | C] () -- C:\WINDOWS\System32\PIXPCZ.DLL

[2011/07/06 16:38:51 | 000,011,934 | ---- | C] () -- C:\WINDOWS\System32\PIXPNR.DLL

[2011/07/06 16:38:51 | 000,009,136 | ---- | C] () -- C:\WINDOWS\System32\INETWH16.DLL

[2011/07/06 16:38:51 | 000,004,528 | ---- | C] () -- C:\WINDOWS\System32\SETBROWS.EXE

[2011/07/06 16:36:40 | 000,000,153 | ---- | C] () -- C:\WINDOWS\ACROREAD.INI

[2011/02/04 20:25:43 | 000,000,183 | ---- | C] () -- C:\WINDOWS\rar_crck.ini

[2011/01/23 01:46:30 | 000,000,067 | ---- | C] () -- C:\WINDOWS\swf2avi.INI

[2011/01/23 01:46:22 | 000,758,018 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll

[2011/01/23 01:46:22 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll

[2011/01/12 01:36:28 | 000,000,050 | ---- | C] () -- C:\WINDOWS\MegaManager.INI

[2011/01/01 23:55:32 | 000,020,480 | ---- | C] () -- C:\WINDOWS\CameraFixer.exe

[2011/01/01 23:55:28 | 000,788,480 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd3.sys

[2010/12/11 18:35:27 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll

[2010/12/11 18:34:33 | 000,006,211 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini

[2010/09/15 22:18:15 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Andreia\Dados de aplicativos\inst.exe

[2010/09/15 22:18:15 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Andreia\Dados de aplicativos\pcouffin.cat

[2010/09/15 22:18:15 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Andreia\Dados de aplicativos\pcouffin.inf

[2010/09/15 21:59:33 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Andreia\Dados de aplicativos\vso_ts_preview.xml

[2010/09/12 20:26:29 | 000,073,220 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat

[2010/09/12 20:26:29 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat

[2010/09/12 20:26:29 | 000,029,114 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat

[2010/09/12 20:26:29 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat

[2010/09/12 20:26:29 | 000,021,021 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat

[2010/09/12 20:26:29 | 000,015,670 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat

[2010/09/12 20:26:29 | 000,013,280 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat

[2010/09/12 20:26:29 | 000,010,673 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat

[2010/09/12 20:26:29 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat

[2010/09/12 20:26:29 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat

[2010/09/12 20:26:29 | 000,001,140 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat

[2010/09/12 20:26:29 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat

[2010/09/12 20:26:29 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat

[2010/09/12 20:26:29 | 000,001,130 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat

[2010/09/12 20:26:29 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat

[2010/09/12 20:26:29 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini

[2010/09/12 20:26:02 | 000,000,079 | ---- | C] () -- C:\WINDOWS\EPCX5600.ini

[2010/08/15 03:11:45 | 000,000,050 | ---- | C] () -- C:\WINDOWS\cdplayer.ini

[2010/08/15 02:39:23 | 000,260,392 | ---- | C] () -- C:\Arquivos de programas\SoftonicDownloader11477.exe

[2010/08/12 21:00:26 | 000,328,684 | ---- | C] () -- C:\Arquivos de programas\audacity-win-unicode-1.3.12.exe

[2010/06/25 15:03:12 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll

[2010/04/28 20:58:21 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\MSJCE.dll

[2010/03/03 00:11:53 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll

[2010/02/14 23:27:14 | 000,339,968 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe

[2010/02/14 23:27:14 | 000,114,688 | ---- | C] () -- C:\WINDOWS\tsnpstd3.exe

[2010/02/14 23:27:13 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini

[2010/02/14 23:27:10 | 008,410,880 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd3.sys.off

[2010/02/14 23:27:10 | 000,020,480 | ---- | C] () -- C:\WINDOWS\usnpstd3.exe

[2010/01/11 20:16:21 | 000,000,002 | ---- | C] () -- C:\WINDOWS\memf8.dll

[2010/01/01 13:35:00 | 000,000,120 | ---- | C] () -- C:\Documents and Settings\Andreia\Dados de aplicativos\FixVTS.ini

[2009/12/26 18:03:36 | 000,000,421 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2009/11/27 17:26:34 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll

[2009/11/27 17:26:15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll

[2009/11/24 00:13:28 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI

[2009/11/01 21:33:20 | 001,663,488 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe

[2009/11/01 21:33:20 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe

[2009/11/01 21:33:20 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll

[2009/11/01 21:33:20 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys

[2009/11/01 21:33:20 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys

[2009/10/29 14:29:43 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2009/10/27 18:54:55 | 001,094,021 | ---- | C] () -- C:\Arquivos de programas\dvdshrink32setup.zip

[2009/10/23 07:21:14 | 000,003,594 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini

[2009/10/23 07:21:12 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS

[2009/10/22 18:21:27 | 000,164,864 | ---- | C] () -- C:\Documents and Settings\Andreia\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/10/01 16:01:46 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2009/09/30 22:11:06 | 000,000,041 | -H-- | C] () -- C:\WINDOWS\dsez1345.dat

[2009/09/21 01:56:16 | 000,000,125 | -HS- | C] () -- C:\Documents and Settings\Andreia\Dados de aplicativos\.zreglib

[2009/09/18 00:11:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2009/09/18 00:11:24 | 000,003,353 | ---- | C] () -- C:\WINDOWS\mozver.dat

[2009/09/15 01:11:35 | 000,001,732 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin

[2009/06/10 22:32:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2009/06/10 22:28:36 | 000,021,844 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2009/06/07 09:27:20 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\vbzlib1.dll

[2009/03/30 04:28:37 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2009/03/30 04:27:41 | 000,315,560 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2007/10/04 06:14:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2007/10/04 06:14:00 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe

[2007/10/04 06:14:00 | 001,478,656 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2007/10/04 06:14:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe

[2007/10/04 06:14:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2007/10/04 06:14:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2007/10/04 06:14:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe

[2007/10/04 06:14:00 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe

[2007/10/04 06:14:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll

[2007/01/26 02:04:12 | 000,138,752 | ---- | C] () -- C:\WINDOWS\System32\mase32.dll

[2007/01/26 02:04:12 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\ma32.dll

[2004/08/04 01:57:52 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin

[2004/08/02 15:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2004/07/17 12:36:38 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys

[1782/01/19 01:14:07 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[1782/01/19 01:14:07 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[1782/01/19 01:14:07 | 000,468,462 | ---- | C] () -- C:\WINDOWS\System32\perfh016.dat

[1782/01/19 01:14:07 | 000,432,492 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[1782/01/19 01:14:07 | 000,301,776 | ---- | C] () -- C:\WINDOWS\System32\perfi016.dat

[1782/01/19 01:14:07 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[1782/01/19 01:14:07 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[1782/01/19 01:14:07 | 000,079,240 | ---- | C] () -- C:\WINDOWS\System32\perfc016.dat

[1782/01/19 01:14:07 | 000,067,448 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[1782/01/19 01:14:07 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[1782/01/19 01:14:07 | 000,035,178 | ---- | C] () -- C:\WINDOWS\System32\perfd016.dat

[1782/01/19 01:14:07 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[1782/01/19 01:14:07 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[1782/01/19 01:14:07 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

========== LOP Check ==========

[2010/11/14 23:08:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrador\Dados de aplicativos\Bandoo

[2010/11/10 20:16:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Alwil Software

[2011/01/03 11:47:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\ashampoo

[2010/01/14 12:38:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\BVRP Software

[2009/10/22 18:06:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\DVDXStudio(2)

[2010/01/07 20:16:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\EPSON

[2011/07/10 00:59:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin

[2010/12/11 18:35:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\MAGIX

[2011/08/26 00:46:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\MyHeritage

[2011/09/05 19:06:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Pinnacle

[2011/09/05 19:15:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Pinnacle VideoSpin

[2011/07/15 14:04:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Tarma Installer

[2010/12/01 16:34:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP

[2010/09/15 23:24:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\vsosdk

[2011/07/14 21:01:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}

[2009/10/01 08:30:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\Any Video Converter

[2011/01/03 11:49:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\Ashampoo

[2011/11/15 15:04:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\Audacity

[2011/01/25 16:44:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\Bluefive software

[2009/08/18 20:52:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\BrOffice.org

[2010/12/08 17:05:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\BSplayer

[2010/12/08 17:05:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\BSplayer Pro

[2011/07/30 13:16:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\DVDVideoSoft

[2011/03/25 17:46:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\DVDVideoSoftIEHelpers

[2009/10/27 19:30:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\Elaborate Bytes

[2010/09/12 20:31:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\EPSON

[2010/03/03 00:11:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\FreeAudioPack

[2011/04/02 15:36:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\iSpring Solutions

[2009/09/24 13:52:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\Jasc

[2010/12/11 18:55:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\MAGIX

[2009/09/18 00:05:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\Megaupload

[2011/08/26 00:42:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\MyHeritage

[2011/08/11 13:44:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\OpenCandy

[2011/02/04 20:44:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\Passware

[2010/01/03 11:36:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\PhotoFiltre

[2010/09/23 21:37:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\PhotoFiltre Studio X

[2010/11/18 09:34:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\PriceGong

[2010/12/18 19:10:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\Research In Motion

[2010/01/01 13:33:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\RipIt4Me

[2011/07/13 19:22:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\Samsung

[2011/08/26 00:39:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\The Complete Genealogy Reporter - FTB

[2011/07/15 14:15:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\Uniblue

[2011/02/08 12:41:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\uTorrent

[2011/11/05 12:57:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\Vso

[2010/08/15 02:51:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\WinAVI

[2011/04/02 20:06:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Andreia\Dados de aplicativos\Xilisoft

[2010/11/14 23:32:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zeca Feliz\Dados de aplicativos\Bandoo

[2010/11/14 23:33:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zeca Feliz\Dados de aplicativos\PriceGong

[2010/12/27 23:30:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Zeca Feliz\Dados de aplicativos\Research In Motion

[2011/11/15 11:25:10 | 000,000,280 | ---- | M] () -- C:\WINDOWS\Tasks\DriverScanner.job

[2011/11/15 11:25:10 | 000,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\RegistryBooster.job

[2011/11/15 16:14:22 | 000,000,458 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F1D47F1B-F51D-4555-8335-DF4591747F37}.job

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 58 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst

@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:A8363D97_Cef.gbp

@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:DFC5A2B2

< End of report >

OTL Extras logfile created on: 15/11/2011 21:07:39 - Run 1