[Resolvido] &nbspNotebook não desliga completamente

missbrightside · Janeiro 4, 2012

Olá pessoal!

Recentemente meu notebook vem apresentando um problema, erro, no momento em que tento desligá-lo.

Ao clicar iniciar > desligar, o sistema é corretamente desligado, mas as luzes referentes à bateria e ao próprio status "ligado" do computador continuam acesas, como se em vez de desligar tivesse entrado em modo de espera.

A única forma de desligá-lo completamente tem sido retirar a bateria.

Segue o log do HijackThis, para vcs analisarem e tentarem me ajudar! =)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 23:46:59, on 03/01/2012

Platform: Windows 7 (WinNT 6.00.3504)

MSIE: Internet Explorer v8.00 (8.00.7600.16385)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Protector Suite\psqltray.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe

C:\Program Files\DivX\DivX Update\DivXUpdate.exe

C:\Program Files\Real\RealPlayer\Update\realsched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\OEM\LIVE! OSD 1.15.06\osd.exe

C:\Windows\system32\rundll32.exe

C:\Windows\system32\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nmd.msn.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Program Files\Scpad\scpsssh2.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office12\GR469A~1.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files\kikin\ie_kikin.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite\launcher.exe" /startup

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [PlusService] C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe

O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')

O4 - Global Startup: Guia Multimidia.lnk = ?

O4 - Global Startup: OSD.lnk = ?

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll

O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll

O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL

O17 - HKLM\System\CCS\Services\Tcpip\..\{D092C698-586F-4759-B8D6-308C9188A69A}: NameServer = 200.222.122.133 200.165.132.155

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MIF5BA~1\Office12\GRA32A~1.DLL

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Program Files\Scpad\scpLIB.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Avira Programador (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira Realtime Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Serviço do Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Context Manager Process Extension (cmpe) - LightComm - C:\Windows\system32\cmpe.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: scpVista - Scopus Tecnologia Ltda - C:\Program Files\Scpad\scpVista.exe

--

End of file - 9004 bytes

Aguardo resposta! Obrigada!

DigRam · Janeiro 7, 2012

Boa Tarde! missbrightside

|- Aparentemente,o log está limpo! :)

/////°°°°°/////

|- Baixe: < > < > ( ...par Nicolas Coolman )

|- Estando na página,clique em: < >

|- Salve-o em Arquivos de programas e descompacte-o aí mesmo!

f275ef34005c23a087af2e8ec43f12a3a83b20f2d86fa52748e34ecd064fe90b6g.jpg

|- Desabilite seu antivírus e execute "ZHPDiag2.exe". < b1213ab5b1c6c82da85cd782fc66e21829baa55668d621f18000599eb2f818666g.jpg >

|- Ps: Confirme todos os passos,ao instalar ZHPDiag.

|- Clique em 4804a19ee52052e68b5900ce67a6566890b7a2f79506eeabaac40aefe1d31a086g.jpg |-- Termine.

|- Abra a ferramenta,clicando no ícone do pergaminho. < >

|- Atualize-a,clicando na seta verde,no topo à direita.

|- A atualização estará completa,ao termos a mensagem:

|- Habilite todas as opções de diagnóstico,clicando em ( Ícone da chave de fenda )

|- Clique em All.

|- Dê início ao diagnóstico ( Diag ),clicando no ícone da lupa.

|- Ao concluir,clique no ícone da máquina fotográfica ou "Save Report",para dispormos do relatório.

|- Salve-o em um local conveniente!

|- Caso queira salvar o log no Bloco de Notas,clique no ícone da máquina fotográfica e cole-o no BN.

|- Poste-o,na sua resposta: ZHPDiag.txt

|- Tendo problemas ao postar esse relatório,acesse < >

|- Maiores informações: |Link| >

Abraços!

missbrightside · Janeiro 8, 2012

Olá DigRam!

Segui suas instruções e segue abaixo o diagnóstico:

ZHPDiag.txt

Rapport de ZHPDiag v1.28.308 par Nicolas Coolman, Update du 06/01/2012

Run by Natália Castro at 08/01/2012 19:07:30

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

Web site : http://nicolascoolman.skyrock.com/

State : A new version is available.

---\\ Web Browser

MSIE: Internet Explorer v8.0.7600.16385

GCIE: Google Chrome (Defaut)

OBIE: Safari v5.34.50.0

---\\ Windows Product Information

~ Langage: Anglais

Windows 7 Home Basic Edition, 32-bit (Build 7600)

Windows Server License Manager Script : OK

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

---\\ System Information

~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel

~ Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 3032 MB (70% free)

System Restore: Activé (Enable)

System drive C: has 58 GB (19%) free of 290 GB

---\\ Logged in mode

~ Computer Name: NATALIACASTRO

~ User Name: Natália Castro

~ All Users Names: Natália Castro, Convidado, Administrador,

~ Unselected Option: None

Logged in as Administrator

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\Natália Castro\AppData\Roaming\

~ %Desktop% : C:\Users\Natália Castro\Desktop\

~ %Favorites% : C:\Users\Natália Castro\Favorites\

~ %LocalAppData% : C:\Users\Natália Castro\AppData\Local\

~ %StartMenu% : C:\Users\Natália Castro\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\system32\

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 58 Go of 290 Go)

D:\ CD-ROM drive (Not Inserted)

E:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

Z:\ Hard drive, Flash drive, Thumb drive (Free 8 Go of 8 Go)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

~ Scan Security Center in 00mn 00s

---\\ Search Generic System Files

[MD5.2AF58D15EDC06EC6FDACCE1F19482BBF] - (.Microsoft Corporation - Windows Explorer.) (.04/01/2012 - 02:33:07.) -- C:\Windows\Explorer.exe [2614784]

[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - Processo de host do Windows (Rundll32).) (.13/07/2009 - 22:14:31.) -- C:\Windows\system32\rundll32.exe [44544]

[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\system32\Wininit.exe [96256]

[MD5.7F5B51FACA193430346970283C50769F] - (.Microsoft Corporation - Internet Extensions para Win32.) (.04/01/2012 - 01:35:50.) -- C:\Windows\system32\wininet.dll [981504]

[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.19/05/2010 - 15:03:04.) -- C:\Windows\system32\Winlogon.exe [285696]

[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.13/07/2009 - 22:16:15.) -- C:\Windows\system32\sppcomapi.dll [193024]

[MD5.0DB7A48388D54D154EBEC120461A0FCD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.04/01/2012 - 23:35:40.) -- C:\Windows\system32\drivers\AFD.sys [338944]

[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\drivers\atapi.sys [21584]

[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\drivers\Cdfs.sys [70656]

[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 20:11:26.) -- C:\Windows\system32\drivers\Cdrom.sys [108544]

[MD5.83D1ECEA8FAAE75604C0FA49AC7AD996] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.04/01/2012 - 23:33:46.) -- C:\Windows\system32\drivers\DfsC.sys [78336]

[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 20:50:56.) -- C:\Windows\system32\drivers\HDAudBus.sys [108544]

[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\drivers\i8042prt.sys [80896]

[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\drivers\IpNat.sys [101888]

[MD5.CA7570E42522E24324A12161DB14EC02] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04/01/2012 - 23:43:41.) -- C:\Windows\system32\drivers\MRxSmb.sys [123392]

[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 20:12:21.) -- C:\Windows\system32\drivers\netBT.sys [187904]

[MD5.187002CE05693C306F43C873F821381F] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.05/01/2012 - 02:44:01.) -- C:\Windows\system32\drivers\ntfs.sys [1210240]

[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\drivers\Parport.sys [79360]

[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\drivers\Rasl2tp.sys [78848]

[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\drivers\smb.sys [71168]

[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 20:12:11.) -- C:\Windows\system32\drivers\tdx.sys [74240]

[MD5.58DF9D2481A56EDDE167E51B334D44FD] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.13/07/2009 - 22:19:10.) -- C:\Windows\system32\drivers\volsnap.sys [245328]

~ Scan Generic Processes in 00mn 00s

---\\ Hidden files state (Hidden/Total)

~ Mes images (My Pictures) : 6/926

~ Mes musiques (My Musics) : 1485/6076

~ Mes Videos (My Videos) : 2/1718

~ Mes Favoris (My Favorites) : 3/48

~ Mes Documents (My Documents) : 24/2506

~ Mon Bureau (My Desktop) : 2/248

~ Menu demarrer (Programs) : 7/62

~ Scan Hidden Files in 00mn 05s

---\\ Running Processes

[MD5.644795F6985C740F5E36E9336B837D0B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072] [PID.2696]

[MD5.78D76239DF5A161C702FDECC7D6E4863] - (.Google Inc. - Google Chrome.) -- C:\Users\Natália Castro\AppData\Local\Google\Chrome\Application\chrome.exe [1047096] [PID.1452]

[MD5.2E1A988538B6C570172B3EAA39A156A8] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2210304] [PID.3636]

~ Scan Processes Running in 00mn 00s

---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)

C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Preferences

G1 - GCS: Preference [user Data\Default] None

G0 - GCSP: Preference [user Data\Default][HomePage] http://www.google.com

G2 - GCE: Preference [user Data\Default] [jfmjfhklogoienhpfnppmbcbjfjnkonk] RealPlayer HTML5Video Downloader Extension v.1.5 (Activé)

~ Scan Google Browser in 00mn 00s

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)

P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_30 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60831.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@real.com/nppl3260;version=12.0.1.669] - (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

P2 - FPN: [HKLM] [@real.com/nprjplug;version=12.0.1.669] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

P2 - FPN: [HKLM] [@real.com/nprpchromebrowserrecordext;version=12.0.1.669] - (.RealNetworks, Inc. - RealNetworks RealPlayer Chrome Background Extension Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserre

P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=12.0.1.669] - (.RealNetworks, Inc. - RealPlayer HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

P2 - FPN: [HKLM] [@real.com/nprpjplug;version=12.0.1.669] - (.RealNetworks, Inc. - 12.0.1.669.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.1.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Natália Castro\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll

P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Natália Castro\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll

~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://nmd.msn.com

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navegador da Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0

~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

---\\ Changed inifile Value, Mapped to Registry (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn 00s

---\\ Hosts file redirection (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 00s

---\\ Browser Helper Objects (O2)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: CompSegIB - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} . (.Scopus Tecnologia Ltda - scpsssh2 Module.) -- C:\Program Files\Scpad\scpsssh2.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation. - Extensões Cliente Bing.) -- C:\Program Files\Microsoft\BingBar\BingExt.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} . (.kikin - kikin plugin.) -- C:\Program Files\kikin\ie_kikin.dll

~ Scan BHO in 00mn 00s

---\\ Internet Explorer toolbars (O3)

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensões Cliente Bing.) -- C:\Program Files\Microsoft\BingBar\BingExt.dll

~ Scan Toolbar in 00mn 00s

---\\ Auto loading programs from Registry and folders (O4)

O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

~ Scan Application in 00mn 00s

---\\ Other User Links (O4)

O4 - Global Startup: C:\Users\Natália Castro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Install_NSS.lnk . (.Symantec Corporation.) -- C:\Program Files\DivX\Symantec\scstubinstaller.exe

O4 - Global Startup: C:\Users\Natália Castro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Natália Castro\Desktop\Ares.lnk . (.Ares Development Group.) -- C:\Program Files\Ares\Ares.exe

O4 - Global Startup: C:\Users\Natália Castro\Desktop\Auslogics Registry Cleaner.lnk . (.Auslogics.) -- C:\Program Files\Auslogics\Auslogics Registry Cleaner\RegCleaner.exe

O4 - Global Startup: C:\Users\Natália Castro\Desktop\Conexão Oi Velox.lnk . (.LightComm.) -- C:\Program Files\Oi Velox\Conexão\pppoe.exe

O4 - Global Startup: C:\Users\Natália Castro\Desktop\DVD Shrink 3.2.lnk . (.DVD Shrink.) -- C:\Program Files\DVD Shrink\DVD Shrink 3.2.exe

O4 - Global Startup: C:\Users\Natália Castro\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\Natália Castro\AppData\Local\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\Natália Castro\Desktop\Revo Uninstaller.lnk . (.VS Revo Group.) -- C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe

O4 - Global Startup: C:\Users\Natália Castro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk . (...) -- C:\Windows\Installer\{735619D4-B42A-437A-958C-199BFCAEDB38}\SafariIco.exe

O4 - Global Startup: C:\Users\Natália Castro\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

~ Scan Global Startup in 00mn 00s

---\\ IE Options icon not visible in Control Panel (O5)

O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no

~ Scan IE Control Panel in 00mn 00s

---\\ Extra items in the IE right-click menu (O8)

O8 - Extra context menu item: E&xportar para o Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files\MIF5BA~1\Office12\EXCEL.exe

~ Scan IE Menu Contextuel in 00mn 00s

---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)

O9 - Extra button: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} -- Orphean Key

O9 - Extra button: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MIF5BA~1\Office12\ONBttnIE.dll

O9 - Extra button: &Enviar para o OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO

~ Scan IE Extra Buttons in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\System32\nlaapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Provedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\Windows\System32\mswsock.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\System32\winrnr.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Provedor de Correção de Nomeação de Emails.) -- C:\Windows\System32\NapiNSP.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\System32\pnrpnsp.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\System32\pnrpnsp.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

~ Scan Winsock in 00mn 00s

---\\ Lop.com/Domain Hijackers (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{D092C698-586F-4759-B8D6-308C9188A69A}: NameServer = 200.222.122.133 200.165.132.155

O17 - HKLM\System\CCS\Services\Tcpip\..\{1858C71C-08ED-4686-B289-1633BD3ACE7D}: DhcpNameServer = 200.165.132.148 200.165.132.155

O17 - HKLM\System\CS1\Services\Tcpip\..\{D092C698-586F-4759-B8D6-308C9188A69A}: NameServer = 200.222.122.133 200.165.132.155

O17 - HKLM\System\CS1\Services\Tcpip\..\{1858C71C-08ED-4686-B289-1633BD3ACE7D}: DhcpNameServer = 200.165.132.148 200.165.132.155

O17 - HKLM\System\CS2\Services\Tcpip\..\{1858C71C-08ED-4686-B289-1633BD3ACE7D}: DhcpNameServer = 200.165.132.148 200.165.132.155

~ Scan Domain in 00mn 00s

---\\ Extra protocols (O18)

O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\MSVidCtl.dll

O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll

O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll

O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\microsoft shared\Help\hxds.dll

O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll

O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\MSVidCtl.dll

O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll

O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll

~ Scan Protocole Additionnel in 00mn 00s

---\\ AppInit_DLLs Registry value Autorun (O20)

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\system32\igfxdev.dll

O20 - Winlogon Notify: psfus . (...) -- C:\Program Files\Protector Suite\psqlpwd.dll

~ Scan Winlogon in 00mn 00s

---\\ ShellServiceObjectDelayLoad (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} . (.Scopus Tecnologia Ltda - scpIBLoad Module.) -- C:\Program Files\Scpad\scpLIB.dll

~ Scan SSODL in 00mn 00s

---\\ Windows Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

---\\

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

~ Scan Keys in 00mn 00s

---\\ Task Planned Automatically(039)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1491894536-370497875-2230607580-1000Core.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1491894536-370497875-2230607580-1000UA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Install_NSS.job

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1491894536-370497875-2230607580-1000Core] (.Google Inc..) -- C:\Users\Natália Castro\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1491894536-370497875-2230607580-1000UA] (.Google Inc..) -- C:\Users\Natália Castro\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.E67BA625D75BB170FAE16970822CF4C1] [APT] [install_NSS] (.Symantec Corporation.) -- C:\Program Files\DivX\Symantec\scstubinstaller.exe

[MD5.2AA60514B683F15CF484C4A9F21C3425] [APT] [RealCreateProcessScheduledTask10857778S-1-5-21-1491894536-370497875-2230607580-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe

[MD5.2AA60514B683F15CF484C4A9F21C3425] [APT] [RealCreateProcessScheduledTask12912452S-1-5-21-1491894536-370497875-2230607580-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe

[MD5.2AA60514B683F15CF484C4A9F21C3425] [APT] [RealCreateProcessScheduledTask19651430S-1-5-21-1491894536-370497875-2230607580-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe

[MD5.2AA60514B683F15CF484C4A9F21C3425] [APT] [RealCreateProcessScheduledTask7971588S-1-5-21-1491894536-370497875-2230607580-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe

[MD5.874B6089DB177C2C9F2029CB5199373F] [APT] [RealUpgradeLogonTaskS-1-5-21-1491894536-370497875-2230607580-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe

[MD5.874B6089DB177C2C9F2029CB5199373F] [APT] [RealUpgradeScheduledTaskS-1-5-21-1491894536-370497875-2230607580-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe

[MD5.79197AB8FC20E781BA141E291866A909] [APT] [{D6818C51-5E87-4475-A0E9-C557AEEAD7EC}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe

[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

~ Scan Scheduled Task in 00mn 01s

---\\ ActiveSetup Installed Components (O40)

O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Identidade visual IEAK.) -- C:\Windows\System32\iedkcs32.dll

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll

O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\system32\wmp.dll

O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.0 r32.) -- C:\Windows\System32\Macromed\Flash\FlDbg10c.ocx

~ Scan Active Setup in 00mn 00s

---\\ Drivers launched at startup (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (avkmgr) . (.Avira GmbH - Avira Manager Driver.) - C:\Windows\system32\DRIVERS\avkmgr.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Agendador de pacotes de serviço.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Driver do Subsistema de Buffer da Unidade R.) - C:\Windows\system32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys

O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys

~ Scan Drivers in 00mn 00s

---\\ Software installed (O42)

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Reader X (10.1.1) - Português - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1046-7B44-AA1000000001}

O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM] -- {b2ec4a38-b545-4a00-8214-13fe0e915e6d}

O42 - Logiciel: Angry Birds Rio - (.Rovio.) [HKLM] -- {D7B3493D-766C-40AA-9AA9-053B896D76DE}

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {343666E2-A059-48AC-AD67-230BF74E2DB2}

O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {8153ED9A-C94A-426E-9880-5E6775C08B62}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

O42 - Logiciel: Ares 2.1.7 - (.Ares Development Group.) [HKLM] -- Ares

O42 - Logiciel: Arquivo do WinRAR - (.Unknown owner.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Assistente de Conexão do Windows Live - (.Microsoft Corporation.) [HKLM] -- {51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}

O42 - Logiciel: Atualização do produto Microsoft Office Excel 2007 Help (KB963678) - (.Microsoft.) [HKLM] -- {90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{717C9095-8AAE-41CB-B046-BD6E8399F4F3}

O42 - Logiciel: Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) - (.Microsoft.) [HKLM] -- {90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA}

O42 - Logiciel: Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) - (.Microsoft.) [HKLM] -- {90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8}

O42 - Logiciel: Atualização do produto Microsoft Office Word 2007 Help (KB963665) - (.Microsoft.) [HKLM] -- {90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}

O42 - Logiciel: Auslogics Registry Cleaner - (.Auslogics Software Pty Ltd.) [HKLM] -- {8D8024F1-2945-49A5-9B78-5AB7B11D7942}_is1

O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM] -- {B4089055-D468-45A4-A6BA-5A138DD715FC}

O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: Conexão Oi Velox - (.LightComm.) [HKLM] -- pppoe_is1

O42 - Logiciel: CrazyTalk Cam Suite - (.Reallusion.) [HKLM] -- {D1504C77-1B19-4AF0-8DEC-946666123B55}

O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] -- DVD Shrink_is1

O42 - Logiciel: DolbyFiles - (.Nero AG.) [HKLM] -- {b1adf008-e898-4fe2-8a1f-690d9a06acaf}

O42 - Logiciel: Ferramenta de Carregamento do Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: G4-Protec - (.OEM.) [HKLM] -- {8A523682-CF7F-41EE-98E3-6A3FF6635279}

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome

O42 - Logiciel: GuiaMultimidia - (.SEMP TOSHIBA Ideas & Technology.) [HKLM] -- {A0CF9B5D-224C-4D0E-BB77-A27F6F606FA1}

O42 - Logiciel: Instalação do DivX - (.DivX, LLC.) [HKLM] -- DivX Setup.divx.com

O42 - Logiciel: Intel® TV Wizard - (.Intel Corporation.) [HKLM] -- TVWiz

O42 - Logiciel: JDownloader - (.AppWork UG (haftungsbeschränkt).) [HKLM] -- JDownloader

O42 - Logiciel: Java 6 Update 30 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216020FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}

O42 - Logiciel: LIVE! Control Center 1.05 - (.OEM.) [HKLM] -- {271F5A67-A83A-4985-B41B-201EB267E6CF}

O42 - Logiciel: LIVE! OSD 1.15.06 - (.OEM.) [HKLM] -- {73289228-1853-4623-982A-EB17FF0270CA}

O42 - Logiciel: LightModem 3.0 - (.LightComm.) [HKLM] -- Programador de Modem_is1

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: MahJong Suite 2011 v8.6 - (.TreeCardGames.) [HKLM] -- MahJong Suite_is1

O42 - Logiciel: Malwarebytes Anti-Malware versão 1.60.0.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Menu Templates - Starter Kit - (.Nero AG.) [HKLM] -- {b78120a0-cf84-4366-a393-4d0a59bc546c}

O42 - Logiciel: Messenger Plus! 5 - (.Yuna Software.) [HKLM] -- Messenger Plus!

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-0416-0000-0000000FF1CE}_ENTERPRISE_{9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00BA-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}

O42 - Logiciel: Microsoft Office 2010 - (.Microsoft Corporation.) [HKLM] -- {95140000-0070-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Access MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE

O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}

O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}

O42 - Logiciel: Movie Templates - Starter Kit - (.Nero AG.) [HKLM] -- {e498385e-1c51-459a-b45f-1721e37aa1a0}

O42 - Logiciel: Nero 9 Essentials - (.Nero AG.) [HKLM] -- {8df94644-8033-4149-a798-b599d961e55f}

O42 - Logiciel: Nero BurnRights - (.Nero AG.) [HKLM] -- {7829db6f-a066-4e40-8912-cb07887c20bb}

O42 - Logiciel: Nero BurnRights Help - (.Nero AG.) [HKLM] -- {f6bdd7c5-89ed-4569-9318-469aa9732572}

O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -- {bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}

O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -- {f4041dce-3fe1-4e18-8a9e-9de65231ee36}

O42 - Logiciel: Nero CoverDesigner - (.Nero AG.) [HKLM] -- {62ac81f6-bdd3-4110-9d36-3e9eaab40999}

O42 - Logiciel: Nero CoverDesigner Help - (.Nero AG.) [HKLM] -- {ce96f5a5-584d-4f8f-aa3e-9baed413db72}

O42 - Logiciel: Nero Disc Copy Gadget - (.Nero AG.) [HKLM] -- {f1861f30-3419-44db-b2a1-c274825698b3}

O42 - Logiciel: Nero Disc Copy Gadget Help - (.Nero AG.) [HKLM] -- {60c731fb-c951-41ce-ad41-8e54c8594609}

O42 - Logiciel: Nero DiscSpeed - (.Nero AG.) [HKLM] -- {869200db-287a-4dc0-b02b-2b6787fbcd4c}

O42 - Logiciel: Nero DiscSpeed Help - (.Nero AG.) [HKLM] -- {cc019e3f-59d2-4486-8d4b-878105b62a71}

O42 - Logiciel: Nero DriveSpeed - (.Nero AG.) [HKLM] -- {33cf58f5-48d8-4575-83d6-96f574e4d83a}

O42 - Logiciel: Nero DriveSpeed Help - (.Nero AG.) [HKLM] -- {e5c7d048-f9b4-4219-b323-8bdb01a2563d}

O42 - Logiciel: Nero Express Help - (.Nero AG.) [HKLM] -- {83202942-84b3-4c50-8622-b8c0aa2d2885}

O42 - Logiciel: Nero InfoTool - (.Nero AG.) [HKLM] -- {fbcdfd61-7dcf-4e71-9226-873ba0053139}

O42 - Logiciel: Nero InfoTool Help - (.Nero AG.) [HKLM] -- {20400dbd-e6db-45b8-9b6b-1dd7033818ec}

O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM] -- {e8a80433-302b-4ff1-815d-fcc8eac482ff}

O42 - Logiciel: Nero Live - (.Nero AG.) [HKLM] -- {df6a95f5-adc1-406a-bdc6-2aa7cc0182aa}

O42 - Logiciel: Nero Live Help - (.Nero AG.) [HKLM] -- {77e33d87-255e-413e-9c8d-eed2a7f9bebf}

O42 - Logiciel: Nero Online Upgrade - (.Nero AG.) [HKLM] -- {dba84796-8503-4ff0-af57-1747dd9a166d}

O42 - Logiciel: Nero Rescue Agent - (.Nero AG.) [HKLM] -- {368ba326-73ad-4351-84ed-3c0a7a52cc53}

O42 - Logiciel: Nero RescueAgent Help - (.Nero AG.) [HKLM] -- {5e08ecd1-c98e-4711-bf65-8fd736b3f969}

O42 - Logiciel: Nero ShowTime - (.Nero AG.) [HKLM] -- {02627ee5-eaca-4742-a9cc-e687631773e4}

O42 - Logiciel: Nero ShowTime - (.Nero AG.) [HKLM] -- {d9dcf92e-72eb-412d-ac71-3b01276e5f8b}

O42 - Logiciel: Nero StartSmart - (.Nero AG.) [HKLM] -- {7748ac8c-18e3-43bb-959b-088faea16fb2}

O42 - Logiciel: Nero StartSmart Help - (.Nero AG.) [HKLM] -- {2348b586-c9ae-46ce-936c-a68e9426e214}

O42 - Logiciel: Nero Vision - (.Nero AG.) [HKLM] -- {43e39830-1826-415d-8bae-86845787b54b}

O42 - Logiciel: Nero Vision Help - (.Nero AG.) [HKLM] -- {5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}

O42 - Logiciel: NeroExpress - (.Nero AG.) [HKLM] -- {595a3116-40bb-4e0f-a2e8-d7951da56270}

O42 - Logiciel: NeroLiveGadget - (.Nero AG.) [HKLM] -- {9e9fdde6-2c26-492a-85a0-05646b3f2795}

O42 - Logiciel: NeroLiveGadget Help - (.Nero AG.) [HKLM] -- {85243696-5e58-4357-9cf8-3498c609941d}

O42 - Logiciel: Protector Suite 2009 - (.UPEK Inc..) [HKLM] -- {CB974C3D-D101-4411-8F54-DCDC58DED815}

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {C9E14402-3631-4182-B377-6B0DFB1C0339}

O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2008 Runtime - (.RealNetworks, Inc.) [HKLM] -- {7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}

O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0

O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Restauracao - (.SEMP TOSHIBA.) [HKLM] -- {C247203E-3833-45A5-AEBA-403EBBA67AD7}

O42 - Logiciel: Revo Uninstaller 1.93 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller

O42 - Logiciel: Safari - (.Apple Inc..) [HKLM] -- {735619D4-B42A-437A-958C-199BFCAEDB38}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD769337-C8AC-46DB-A7DC-643E50089263}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553089) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553090) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{643C12A2-AF9A-4712-B8BE-3B7650AFE00A}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2584063) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A4E43D5-858F-49BD-BA72-8F30E1793060}

O42 - Logiciel: Security Update for Microsoft Office Groove 2007 (KB2552997) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3A1CBF7D-4704-40BC-B31C-AA761884A3E4}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5D930261-AA5B-48D1-931F-425C9D767490}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AEA16A27-0B97-4670-818F-A98D06EC0A6F}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Skype™ 5.5 - (.Skype Technologies S.A..) [HKLM] -- {AA59DDE4-B672-4621-A016-4C248204957A}

O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey

O42 - Logiciel: Tetris - (.Crystal Office Systems.) [HKLM] -- {95E0E6DC-C308-4C96-BEDB-68C75A32FAF8}_is1

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}

O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}

O42 - Logiciel: Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7873DF5-9E1C-45EE-8895-D29C6AE01202}

O42 - Logiciel: Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C20964A7-5181-45E5-9E82-72F5D400DEBF}

O42 - Logiciel: Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{567103D1-96CD-4B76-93B9-2681A187DEFF}

O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{329050A9-EF80-40F9-B633-74508F54C1FF}

O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2583910) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BDC21583-5601-4B2B-88F3-7919F6DE8FB1}

O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2596560) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2964DDE1-4925-4DF1-AF2C-0A36B3442228}

O42 - Logiciel: VC80CRTRedist - 8.0.50727.4053 - (.DivX, Inc.) [HKLM] -- {5EE7D259-D137-4438-9A5F-42F432EC0421}

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {590035D9-BFA0-406A-A7F0-479C72C0DDB2}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {0FFEA8EE-7BC7-4C9D-8CC6-5B8C891BA3F2}

O42 - Logiciel: Windows Live Galeria de Fotos - (.Microsoft Corporation.) [HKLM] -- {87A9C015-C2BA-44EE-9C20-6E1A764B8E23}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {74AD1846-2010-4FB1-8E24-B6F2B87150C2}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {9ADC3E4F-34DA-48CD-8727-BB26D90257BD}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6D4A54DD-C9E2-4647-B872-2E83C188584B}

O42 - Logiciel: Windows Live Sync - (.Microsoft Corporation.) [HKLM] -- {2DF215E0-BD3C-4C98-8616-AFEF09747285}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {9555B4ED-09A3-4722-8E8C-57A49401D059}

O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}

O42 - Logiciel: kikin plugin 2.3 - (.kikin.) [HKLM] -- {E4A71A41-BCC8-480a-9E69-0DA29CBA7ECA}

O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

---\\ HKCU & HKLM Software Keys

[HKCU\Software\AC3Filter]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Apple Inc.]

[HKCU\Software\Ares]

[HKCU\Software\Auslogics]

[HKCU\Software\BGroom]

[HKCU\Software\CDDB]

[HKCU\Software\Caphyon]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Crystal Office]

[HKCU\Software\DVD Shrink]

[HKCU\Software\DivXNetworks]

[HKCU\Software\DivX]

[HKCU\Software\Gabest]

[HKCU\Software\GbAs]

[HKCU\Software\GbPlugin]

[HKCU\Software\Google]

[HKCU\Software\Grand Virtual]

[HKCU\Software\Haali]

[HKCU\Software\IM Providers]

[HKCU\Software\INTEL]

[HKCU\Software\JavaSoft]

[HKCU\Software\LiveOSD]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\ODBC]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Protector Suite QL]

[HKCU\Software\RealNetworks]

[HKCU\Software\Realtek]

[HKCU\Software\SkillEmpire]

[HKCU\Software\Skype]

[HKCU\Software\Softonic]

[HKCU\Software\Synaptics]

[HKCU\Software\Sysinternals]

[HKCU\Software\Thinking Thing Software]

[HKCU\Software\TreeCardGames]

[HKCU\Software\Trolltech]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\VSRevoGroup]

[HKCU\Software\Vagalume]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\Wow6432Node]

[HKCU\Software\Yuna Software]

[HKLM\Software\<company>]

[HKLM\Software\ATI Technologies]

[HKLM\Software\Adobe]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\Babylon]

[HKLM\Software\CDDB]

[HKLM\Software\Caphyon]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\DivXNetworks]

[HKLM\Software\DivX]

[HKLM\Software\ESET]

[HKLM\Software\GEAR Software]

[HKLM\Software\Google]

[HKLM\Software\InstalledOptions]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\LightComm]

[HKLM\Software\LiveControlCenter]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\Nero]

[HKLM\Software\ODBC]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\Post]

[HKLM\Software\Protector Suite QL]

[HKLM\Software\Protector Suite]

[HKLM\Software\RealNetworks]

[HKLM\Software\Reallusion]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Skype]

[HKLM\Software\Symantec]

[HKLM\Software\Synaptics]

[HKLM\Software\TrendMicro]

[HKLM\Software\Virtual Token]

[HKLM\Software\WinRAR]

[HKLM\Software\Windows]

[HKLM\Software\Wow6432Node]

[HKLM\Software\Xing Technology Corp.]

[HKLM\Software\Yuna Software]

[HKLM\Software\tdbg_trace]

~ Scan Softwares in 00mn 00s

---\\ Contents of the Common Files folders (O43)

O43 - CFD: 18/06/2011 - 18:41:22 - [154,721] ----D- C:\Program Files\Adobe

O43 - CFD: 11/07/2011 - 18:30:44 - [2,316] ----D- C:\Program Files\Apple Software Update

O43 - CFD: 10/12/2010 - 21:38:44 - [4,783] ----D- C:\Program Files\Ares

O43 - CFD: 09/12/2010 - 09:52:56 - [0] -SH-D- C:\Program Files\Arquivos Comuns

O43 - CFD: 03/01/2012 - 23:00:46 - [9,314] ----D- C:\Program Files\Auslogics

O43 - CFD: 28/11/2011 - 23:12:42 - [0,602] ----D- C:\Program Files\Bonjour

O43 - CFD: 11/02/2011 - 08:52:56 - [3,418] ----D- C:\Program Files\CCleaner

O43 - CFD: 29/12/2011 - 22:03:42 - [566,216] ----D- C:\Program Files\Common Files

O43 - CFD: 29/07/2011 - 00:33:40 - [87,024] ----D- C:\Program Files\DivX

O43 - CFD: 14/07/2009 - 06:31:04 - [3,997] ----D- C:\Program Files\DVD Maker

O43 - CFD: 04/01/2012 - 18:45:58 - [0,644] ----D- C:\Program Files\DVD Shrink

O43 - CFD: 04/01/2012 - 18:45:58 - [1,164] ----D- C:\Program Files\G4-Protec

O43 - CFD: 20/07/2010 - 12:22:20 - [210,623] ----D- C:\Program Files\GuiaMultimidia

O43 - CFD: 04/01/2012 - 18:45:58 - [4,596] ----D- C:\Program Files\InstallAffixationInfo

O43 - CFD: 04/01/2012 - 18:45:58 - [5,211] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 20/07/2010 - 11:57:52 - [11,476] ----D- C:\Program Files\Intel

O43 - CFD: 04/01/2012 - 21:28:56 - [5,528] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 13/12/2011 - 09:34:10 - [1,925] ----D- C:\Program Files\iPod

O43 - CFD: 13/12/2011 - 09:35:02 - [146,551] ----D- C:\Program Files\iTunes

O43 - CFD: 20/12/2011 - 22:18:36 - [84,995] ----D- C:\Program Files\Java

O43 - CFD: 04/01/2012 - 16:12:22 - [55,072] ----D- C:\Program Files\JDownloader

O43 - CFD: 04/01/2012 - 18:45:58 - [1,130] ----D- C:\Program Files\kikin

O43 - CFD: 26/11/2011 - 11:48:42 - [28,378] ----D- C:\Program Files\MahJong Suite

O43 - CFD: 04/01/2012 - 18:45:58 - [11,377] ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 10/12/2010 - 20:03:12 - [12,553] ----D- C:\Program Files\Messenger Plus! Live

O43 - CFD: 05/01/2012 - 00:38:22 - [20,063] ----D- C:\Program Files\Microsoft

O43 - CFD: 14/07/2009 - 02:52:32 - [44,793] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 24/12/2010 - 10:58:56 - [620,094] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 04/01/2012 - 21:30:50 - [36,633] ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 20/07/2010 - 12:00:54 - [1,745] ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD: 20/07/2010 - 12:01:56 - [2,087] ----D- C:\Program Files\Microsoft Sync Framework

O43 - CFD: 24/12/2010 - 10:58:50 - [0,014] ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD: 24/12/2010 - 10:51:08 - [1,204] ----D- C:\Program Files\Microsoft Visual Studio 8

O43 - CFD: 04/01/2012 - 20:15:02 - [3,554] ----D- C:\Program Files\Microsoft Works

O43 - CFD: 24/12/2010 - 10:58:32 - [7,774] ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 24/12/2010 - 10:59:02 - [0,025] ----D- C:\Program Files\MSBuild

O43 - CFD: 04/01/2012 - 19:58:52 - [0] ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 20/07/2010 - 13:04:28 - [662,234] ----D- C:\Program Files\Nero

O43 - CFD: 20/07/2010 - 12:19:18 - [31,051] ----D- C:\Program Files\OEM

O43 - CFD: 10/12/2010 - 19:42:32 - [13,651] ----D- C:\Program Files\Oi Velox

O43 - CFD: 20/07/2010 - 12:31:54 - [108,818] ----D- C:\Program Files\Protector Suite

O43 - CFD: 04/01/2012 - 18:45:58 - [24,089] ----D- C:\Program Files\QuickTime

O43 - CFD: 12/11/2011 - 15:31:12 - [92,079] ----D- C:\Program Files\Real

O43 - CFD: 20/07/2010 - 12:19:46 - [39,674] ----D- C:\Program Files\Reallusion

O43 - CFD: 20/07/2010 - 11:54:54 - [10,856] ----D- C:\Program Files\Realtek

O43 - CFD: 14/07/2009 - 02:52:32 - [36,731] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 18/07/2011 - 16:50:18 - [39,405] ----D- C:\Program Files\Rovio

O43 - CFD: 30/08/2011 - 00:14:18 - [42,312] ----D- C:\Program Files\Safari

O43 - CFD: 03/01/2012 - 21:54:38 - [1,006] ----D- C:\Program Files\Scpad

O43 - CFD: 29/12/2011 - 22:03:48 - [16,555] R---D- C:\Program Files\Skype

O43 - CFD: 14/02/2011 - 18:54:28 - [2,807] ----D- C:\Program Files\SupportInfo

O43 - CFD: 20/07/2010 - 12:20:16 - [26,123] ----D- C:\Program Files\Synaptics

O43 - CFD: 26/12/2010 - 23:27:46 - [1,444] ----D- C:\Program Files\Tetris

O43 - CFD: 14/07/2009 - 02:53:24 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 03/01/2012 - 23:14:36 - [6,502] ----D- C:\Program Files\VS Revo Group

O43 - CFD: 03/01/2012 - 22:14:16 - [0] ----D- C:\Program Files\Webteh

O43 - CFD: 14/07/2009 - 06:31:04 - [2,896] ----D- C:\Program Files\Windows Defender

O43 - CFD: 05/01/2012 - 11:31:50 - [136,968] ----D- C:\Program Files\Windows Live

O43 - CFD: 20/07/2010 - 11:59:58 - [0,234] ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD: 04/01/2012 - 21:28:52 - [5,869] ----D- C:\Program Files\Windows Mail

O43 - CFD: 04/01/2012 - 21:28:42 - [6,289] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 09/12/2010 - 09:52:56 - [11,630] ----D- C:\Program Files\Windows NT

O43 - CFD: 14/07/2009 - 06:31:04 - [4,210] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 14/07/2009 - 02:52:34 - [0,181] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 14/07/2009 - 06:31:04 - [53,591] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 19/12/2010 - 11:31:30 - [4,980] ----D- C:\Program Files\WinRAR

O43 - CFD: 26/03/2011 - 10:45:20 - [22,096] ----D- C:\Program Files\Yuna Software

O43 - CFD: 08/01/2012 - 19:07:40 - [9,205] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 18/06/2011 - 18:41:30 - [3,438] ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 13/12/2011 - 09:34:10 - [116,446] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 24/12/2010 - 10:58:50 - [0,089] ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD: 29/07/2011 - 00:32:54 - [23,505] ----D- C:\Program Files\Common Files\DivX Shared

O43 - CFD: 20/12/2011 - 22:18:58 - [1,201] ----D- C:\Program Files\Common Files\Java

O43 - CFD: 04/01/2012 - 20:15:40 - [159,986] ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD: 20/07/2010 - 13:14:20 - [174,628] ----D- C:\Program Files\Common Files\Nero

O43 - CFD: 29/07/2011 - 00:33:00 - [4,521] ----D- C:\Program Files\Common Files\PX Storage Engine

O43 - CFD: 20/07/2010 - 12:19:46 - [0] ----D- C:\Program Files\Common Files\Reallusion

O43 - CFD: 04/01/2012 - 18:45:58 - [0,003] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 09/12/2010 - 09:52:56 - [0] -SH-D- C:\Program Files\Common Files\Sistema

O43 - CFD: 20/07/2010 - 12:21:20 - [0,851] ----D- C:\Program Files\Common Files\SPBA

O43 - CFD: 14/07/2009 - 00:37:06 - [39,200] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 04/01/2012 - 21:28:52 - [42,013] ----D- C:\Program Files\Common Files\System

O43 - CFD: 20/07/2010 - 11:58:18 - [0] ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD: 12/11/2011 - 15:31:06 - [0,336] ----D- C:\Program Files\Common Files\xing shared

O43 - CFD: 18/06/2011 - 18:41:26 - [12,551] ----D- C:\ProgramData\Adobe

O43 - CFD: 28/01/2011 - 15:08:06 - [155,740] ----D- C:\ProgramData\Apple

O43 - CFD: 28/05/2011 - 13:48:02 - [103,314] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 14/07/2009 - 02:53:56 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 24/07/2011 - 15:14:00 - [0] ----D- C:\ProgramData\Babylon

O43 - CFD: 09/12/2010 - 09:52:56 - [0] -SH-D- C:\ProgramData\Dados de aplicativos

O43 - CFD: 14/07/2009 - 02:53:56 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 29/07/2011 - 00:33:42 - [4,637] ----D- C:\ProgramData\DivX

O43 - CFD: 09/12/2010 - 09:52:56 - [0] -SH-D- C:\ProgramData\Documentos

O43 - CFD: 14/07/2009 - 02:53:56 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 11/02/2011 - 08:41:38 - [0,033] ----D- C:\ProgramData\DVD Shrink

O43 - CFD: 14/07/2009 - 02:53:56 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 09/12/2010 - 09:52:56 - [0] -SH-D- C:\ProgramData\Favoritos

O43 - CFD: 14/09/2011 - 00:45:24 - [5,883] ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 09/12/2010 - 09:52:56 - [0] -SH-D- C:\ProgramData\Menu Iniciar

O43 - CFD: 10/12/2010 - 21:05:38 - [0,024] ----D- C:\ProgramData\Messenger Plus!

O43 - CFD: 05/01/2012 - 00:38:32 - [1426,678] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 06/01/2012 - 22:24:46 - [0,154] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 09/12/2010 - 09:52:56 - [0] -SH-D- C:\ProgramData\Modelos

O43 - CFD: 20/07/2010 - 12:56:10 - [10,948] ----D- C:\ProgramData\Nero

O43 - CFD: 16/10/2011 - 12:34:00 - [0,016] ----D- C:\ProgramData\Norton

O43 - CFD: 20/07/2010 - 14:00:56 - [5,101] ----D- C:\ProgramData\NortonInstaller

O43 - CFD: 04/01/2012 - 18:45:58 - [1,587] ----D- C:\ProgramData\Real

O43 - CFD: 29/12/2011 - 22:03:48 - [38,338] ----D- C:\ProgramData\Skype

O43 - CFD: 14/07/2009 - 02:53:56 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 15/12/2010 - 20:18:54 - [0,000] ----D- C:\ProgramData\Sun

O43 - CFD: 14/07/2009 - 02:53:56 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 26/11/2011 - 11:48:48 - [3,100] ----D- C:\ProgramData\TreeCardGames

O43 - CFD: 28/01/2011 - 15:10:26 - [0,516] ----D- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

O43 - CFD: 01/04/2011 - 09:49:32 - [2,693] ----D- C:\Users\Natália Castro\AppData\Roaming\Adobe

O43 - CFD: 22/12/2011 - 09:49:38 - [250,803] ----D- C:\Users\Natália Castro\AppData\Roaming\Apple Computer

O43 - CFD: 03/01/2012 - 23:01:22 - [0,039] ----D- C:\Users\Natália Castro\AppData\Roaming\Auslogics

O43 - CFD: 24/07/2011 - 15:13:58 - [0,002] ----D- C:\Users\Natália Castro\AppData\Roaming\Babylon

O43 - CFD: 03/01/2012 - 22:14:16 - [0] ----D- C:\Users\Natália Castro\AppData\Roaming\BSplayer

O43 - CFD: 28/12/2011 - 22:15:18 - [0,006] ----D- C:\Users\Natália Castro\AppData\Roaming\BSplayer Pro

O43 - CFD: 28/08/2011 - 01:31:36 - [0,200] ----D- C:\Users\Natália Castro\AppData\Roaming\DivX

O43 - CFD: 09/12/2010 - 09:54:10 - [0,000] ----D- C:\Users\Natália Castro\AppData\Roaming\GuiaMultimidia

O43 - CFD: 09/12/2010 - 09:53:32 - [0] ----D- C:\Users\Natália Castro\AppData\Roaming\Identities

O43 - CFD: 04/01/2012 - 18:45:56 - [0,718] ----D- C:\Users\Natália Castro\AppData\Roaming\kikin

O43 - CFD: 08/01/2012 - 18:55:18 - [0,000] ----D- C:\Users\Natália Castro\AppData\Roaming\Lightcomm

O43 - CFD: 09/12/2010 - 09:54:16 - [0,000] ----D- C:\Users\Natália Castro\AppData\Roaming\Macromedia

O43 - CFD: 03/01/2012 - 22:15:56 - [0,138] ----D- C:\Users\Natália Castro\AppData\Roaming\MahJong Suite

O43 - CFD: 14/09/2011 - 00:46:52 - [0,007] ----D- C:\Users\Natália Castro\AppData\Roaming\Malwarebytes

O43 - CFD: 06/12/2011 - 23:50:00 - [3,240] -S--D- C:\Users\Natália Castro\AppData\Roaming\Microsoft

O43 - CFD: 07/04/2011 - 20:15:22 - [0,870] ----D- C:\Users\Natália Castro\AppData\Roaming\Nero

O43 - CFD: 09/12/2010 - 09:53:54 - [0] ----D- C:\Users\Natália Castro\AppData\Roaming\Protector Suite

O43 - CFD: 23/10/2011 - 19:39:42 - [52,269] ----D- C:\Users\Natália Castro\AppData\Roaming\Real

O43 - CFD: 10/12/2010 - 20:38:28 - [10,637] ----D- C:\Users\Natália Castro\AppData\Roaming\Reallusion

O43 - CFD: 18/07/2011 - 16:47:08 - [0,009] ----D- C:\Users\Natália Castro\AppData\Roaming\Rovio

O43 - CFD: 30/12/2011 - 00:42:08 - [3,281] ----D- C:\Users\Natália Castro\AppData\Roaming\Skype

O43 - CFD: 29/12/2011 - 21:52:06 - [0,013] ----D- C:\Users\Natália Castro\AppData\Roaming\skypePM

O43 - CFD: 19/12/2010 - 11:31:56 - [0,000] ----D- C:\Users\Natália Castro\AppData\Roaming\WinRAR

O43 - CFD: 28/03/2011 - 23:48:46 - [14,536] ----D- C:\Users\Natália Castro\AppData\Local\Adobe

O43 - CFD: 28/01/2011 - 15:08:12 - [0] ----D- C:\Users\Natália Castro\AppData\Local\Apple

O43 - CFD: 28/05/2011 - 14:23:46 - [8,260] ----D- C:\Users\Natália Castro\AppData\Local\Apple Computer

O43 - CFD: 14/01/2011 - 12:19:34 - [1,173] ----D- C:\Users\Natália Castro\AppData\Local\Apps

O43 - CFD: 10/01/2011 - 14:15:14 - [0,167] ----D- C:\Users\Natália Castro\AppData\Local\Ares

O43 - CFD: 24/07/2011 - 15:14:00 - [3,731] ----D- C:\Users\Natália Castro\AppData\Local\Babylon

O43 - CFD: 29/12/2011 - 21:53:20 - [46,289] ----D- C:\Users\Natália Castro\AppData\Local\CrashDumps

O43 - CFD: 09/12/2010 - 09:53:08 - [0] -SH-D- C:\Users\Natália Castro\AppData\Local\Dados de aplicativos

O43 - CFD: 14/01/2011 - 12:20:24 - [0] ----D- C:\Users\Natália Castro\AppData\Local\Deployment

O43 - CFD: 11/06/2011 - 22:14:40 - [0] ----D- C:\Users\Natália Castro\AppData\Local\Diagnostics

O43 - CFD: 03/01/2012 - 21:48:46 - [0,076] ----D- C:\Users\Natália Castro\AppData\Local\ElevatedDiagnostics

O43 - CFD: 22/12/2011 - 23:19:00 - [240,734] ----D- C:\Users\Natália Castro\AppData\Local\Google

O43 - CFD: 09/12/2010 - 09:53:08 - [0] -SH-D- C:\Users\Natália Castro\AppData\Local\Histórico

O43 - CFD: 05/01/2012 - 13:05:50 - [1344,889] ----D- C:\Users\Natália Castro\AppData\Local\Microsoft

O43 - CFD: 17/04/2011 - 16:54:48 - [1,090] ----D- C:\Users\Natália Castro\AppData\Local\Microsoft Games

O43 - CFD: 24/12/2010 - 10:50:14 - [0] ----D- C:\Users\Natália Castro\AppData\Local\Microsoft Help

O43 - CFD: 21/01/2011 - 18:38:40 - [0] ----D- C:\Users\Natália Castro\AppData\Local\Nero

O43 - CFD: 08/01/2012 - 19:06:56 - [30,487] ----D- C:\Users\Natália Castro\AppData\Local\Temp

O43 - CFD: 09/12/2010 - 09:53:08 - [0] -SH-D- C:\Users\Natália Castro\AppData\Local\Temporary Internet Files

O43 - CFD: 22/04/2011 - 23:47:12 - [0,008] ----D- C:\Users\Natália Castro\AppData\Local\VirtualStore

~ Scan Program Folder in 00mn 01s

---\\ Last modified or created files under Windows and System32 (O44)

O44 - LFC:[MD5.DF20BDA32E9ECA5A0F9374B975F6F5E9] - 08/01/2012 - 18:03:01 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

O44 - LFC:[MD5.06C2E99EF31DA8EA3992C81E9C789FA7] - 08/01/2012 - 18:00:15 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1491932]

O44 - LFC:[MD5.EED51D56C1041D48C08D31CFC0876496] - 08/01/2012 - 18:00:15 ---A- . (...) -- C:\Windows\system32\perfc009.dat [103568]

O44 - LFC:[MD5.EE946017F68304658A20B6732CE5F8B8] - 08/01/2012 - 18:00:15 ---A- . (...) -- C:\Windows\system32\perfh009.dat [607190]

O44 - LFC:[MD5.E0DC1D4B953EDD308C395C1E9E51F282] - 08/01/2012 - 18:00:15 ---A- . (...) -- C:\Windows\system32\prfc0416.dat [124922]

O44 - LFC:[MD5.3B79B143FF20E007690A23F6515777AD] - 08/01/2012 - 18:00:15 ---A- . (...) -- C:\Windows\system32\prfh0416.dat [654470]

O44 - LFC:[MD5.1C859F171835EC69C2FBB0135BA3116E] - 08/01/2012 - 17:57:39 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1766100]

O44 - LFC:[MD5.B230884CAAE01CD216C1590731841828] - 08/01/2012 - 17:54:35 ---A- . (...) -- C:\Windows\setupact.log [1400]

O44 - LFC:[MD5.2C7817B8BAE33A560C1522A8A7EAC7F4] - 08/01/2012 - 17:54:26 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.C9539DDF865BE14CB25653198006EC8F] - 08/01/2012 - 17:54:19 ---A- . (...) -- C:\Windows\PFRO.log [1606]

O44 - LFC:[MD5.4520B63899E867F354EE012D34E11536] - 04/01/2012 - 23:20:51 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [143744]

O44 - LFC:[MD5.19CE906B4CDC11FC4FEF5745F33A63B6] - 04/01/2012 - 23:20:50 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [80256]

O44 - LFC:[MD5.869E67D66BE326A5A9159FBA8746FA70] - 04/01/2012 - 23:20:50 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [22400]

O44 - LFC:[MD5.71F1A494FEDF4B33C02C4A6A28D6D9E9] - 04/01/2012 - 23:20:50 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStorV.sys [332160]

O44 - LFC:[MD5.F1B0BED906F97E16F6D0C3629D2F21C6] - 04/01/2012 - 23:20:50 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [117120]

O44 - LFC:[MD5.D0E28DC094CDAF0A2E271A6AA81FA859] - 04/01/2012 - 20:31:11 ---A- . (...) -- C:\Windows\system32\FNTCACHE.DAT [404272]

O44 - LFC:[MD5.3CB229ACAE1122F0DBAB94A5387DD314] - 04/01/2012 - 20:07:16 ---A- . (...) -- C:\Windows\IE9_main.log [2204]

O44 - LFC:[MD5.003F2C40CAA64048786FA3565DE216C4] - 04/01/2012 - 19:12:00 ---A- . (...) -- C:\Windows\win.ini [1321]

O44 - LFC:[MD5.4365FF226D1BFBA5C8F43E65E0DD6A56] - 04/01/2012 - 18:59:39 ---A- . (...) -- C:\Windows\msxml4-KB954430-enu.LOG [293640]

O44 - LFC:[MD5.41464D7DE2F67D70EBFC316B3F3FA83B] - 04/01/2012 - 18:59:14 ---A- . (...) -- C:\Windows\msxml4-KB973688-enu.LOG [295220]

O44 - LFC:[MD5.B7CA8CC3F978201856B6AB82F40953C3] - 04/01/2012 - 00:25:58 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [20464]

O44 - LFC:[MD5.7D643BB2B21B22621D76BE185AE9F7F8] - 03/01/2012 - 23:58:49 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\system32\atmfd.dll [294912]

O44 - LFC:[MD5.D592AAA377748FC50E34D731F0D0D7B8] - 03/01/2012 - 23:58:46 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\system32\atmlib.dll [34304]

O44 - LFC:[MD5.0AF7946AD9B2E82058C6421EEC960FCF] - 03/01/2012 - 23:57:38 ---A- . (.Intel® Corporation - No comment.) -- C:\Windows\system32\ir32_32.dll [197632]

O44 - LFC:[MD5.17A4BE67FB6B9219A802F39C263AC8AC] - 03/01/2012 - 23:57:38 ---A- . (.Radius Inc. - Cinepak® Codec.) -- C:\Windows\system32\iccvid.dll [82944]

O44 - LFC:[MD5.8EBE150F7DF4A850077D7DC5D856D60C] - 29/12/2011 - 20:52:08 --HA- . (...) -- C:\Windows\system32\ezsidmv.dat [56]

O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 28/12/2011 - 18:59:04 ---A- . (...) -- C:\Windows\NeroDigital.ini [69]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 28/12/2011 - 09:32:09 ---A- . (...) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.9862F9D2FF50AE748ED42C022E6AAC15] - 22/12/2011 - 19:23:29 ---A- . (.ZTE Corporation. - USB NDIS Miniport Driver.) -- C:\Windows\system32\drivers\ZTEusbnet.sys [110592]

O44 - LFC:[MD5.C2215C6ADA8B1E9FEB507CEE9B446661] - 22/12/2011 - 19:23:29 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ZTEusbmdm6k.sys [104960]

O44 - LFC:[MD5.F16CE3C7690AB7426DC96520D54A737E] - 22/12/2011 - 19:23:29 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ZTEusbnmea.sys [105344]

O44 - LFC:[MD5.C2215C6ADA8B1E9FEB507CEE9B446661] - 22/12/2011 - 19:23:29 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ZTEusbser6k.sys [104960]

O44 - LFC:[MD5.F16CE3C7690AB7426DC96520D54A737E] - 22/12/2011 - 19:23:29 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ZTEusbvoice.sys [105344]

O44 - LFC:[MD5.A36EE93698802CD899F98BFD553D8185] - 21/12/2011 - 09:12:35 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys [28520]

O44 - LFC:[MD5.271CFD1A989209B1964E24D969552BF7] - 21/12/2011 - 09:12:34 ---A- . (.Avira GmbH - Avira Manager Driver.) -- C:\Windows\system32\drivers\avkmgr.sys [36000]

O44 - LFC:[MD5.DD798E7D8F45FD2BB73150EABBB39E9F] - 20/12/2011 - 21:18:43 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\java.exe [149280]

O44 - LFC:[MD5.F0003BBE2DDBC6A86BCD8BB3E59A459E] - 20/12/2011 - 21:18:43 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\javaw.exe [149280]

O44 - LFC:[MD5.7030C9615C98953C481553671DD7B9E5] - 20/12/2011 - 21:18:43 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\system32\javaws.exe [157472]

O44 - LFC:[MD5.605B7A2589EF05626B2DA4930B42C5D5] - 20/12/2011 - 21:18:34 ---A- . (...) -- C:\Windows\system32\jupdate-1.6.0_30-b12.log [7292]

~ Scan Files in 00mn 01s

---\\ Last files created in Windows Prefetcher (O45)

O45 - LFCP:[MD5.A8B29A7DB17111F1B9946AEF067FFA3E] - 02/01/2012 - 12:52:39 ---A- - C:\Windows\Prefetch\REALUPGRADE.EXE-C40C8713.pf

O45 - LFCP:[MD5.895B01AE45BFE12AA39CFBACEB19B7E3] - 02/01/2012 - 17:45:09 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-AB22E9A6.pf

O45 - LFCP:[MD5.4CC1EE3EAD3640B38C08E75CAD88F068] - 02/01/2012 - 17:50:00 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-3ED74482.pf

O45 - LFCP:[MD5.17DE30718411985BE720434F26D99344] - 02/01/2012 - 17:50:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-35FA9C06.pf

O45 - LFCP:[MD5.EDA2B7DB19A09B3CDBD62B182961CEB3] - 02/01/2012 - 17:52:15 ---A- - C:\Windows\Prefetch\AVWSC.EXE-04E21D4D.pf

O45 - LFCP:[MD5.DF6E30875667377719F728833FE0EE4A] - 02/01/2012 - 17:57:22 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-BAA32479.pf

O45 - LFCP:[MD5.9E3B8AB3E2D0AAC77E86D7F10E4B94EC] - 02/01/2012 - 18:02:21 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-A0F5E092.pf

O45 - LFCP:[MD5.84355ED8B596D250965623F38495768B] - 02/01/2012 - 18:02:34 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-4B6CB38A.pf

O45 - LFCP:[MD5.1A577F189B8DF0DB3E17DEBF4871E6CE] - 02/01/2012 - 18:03:13 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-44162447.pf

O45 - LFCP:[MD5.AF72E36AC9EDA33D256BAFD23B3193C8] - 02/01/2012 - 18:03:13 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-69C456C3.pf

O45 - LFCP:[MD5.C632D3313477AEB93010E27D299B1CBF] - 02/01/2012 - 18:06:22 ---A- - C:\Windows\Prefetch\CHROME.EXE-952AEBD7.pf

O45 - LFCP:[MD5.0FCD77427940DD8FECD14AF758273FCA] - 02/01/2012 - 18:07:33 ---A- - C:\Windows\Prefetch\CONHOST.EXE-0C6456FB.pf

O45 - LFCP:[MD5.52651F68D739CFBFE6CFB866F9CCCCC1] - 02/01/2012 - 18:07:40 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-E8B8DD29.pf

O45 - LFCP:[MD5.AD4EB2741B22320D55DD270CBCCA415E] - 03/01/2012 - 12:48:55 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf

O45 - LFCP:[MD5.45B60C38D25C776B93453BDB2DE32A89] - 03/01/2012 - 13:21:20 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-1CF42BC6.pf

O45 - LFCP:[MD5.BE496D8B1D656B89C98AA6863986E5BD] - 03/01/2012 - 13:34:02 ---A- - C:\Windows\Prefetch\WERMGR.EXE-F439C551.pf

O45 - LFCP:[MD5.480AA4ACA656660C1D26BF60A7838216] - 03/01/2012 - 17:02:25 ---A- - C:\Windows\Prefetch\IGFXSRVC.EXE-C5618119.pf

O45 - LFCP:[MD5.80723383B533A0E151FFB1051AE2DD21] - 03/01/2012 - 17:56:49 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-D5E97654.pf

O45 - LFCP:[MD5.143DDD0EB482EE496EC016F393018E58] - 03/01/2012 - 17:56:49 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-EDA5A3D2.pf

O45 - LFCP:[MD5.D7F0F875CE5D4F0D2479B41E561DD732] - 03/01/2012 - 17:56:51 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-F31BDE28.pf

O45 - LFCP:[MD5.2343CC2D362E74A72AF0AC34B1B2E0D4] - 03/01/2012 - 17:58:48 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-BB21CD77.pf

O45 - LFCP:[MD5.53101024C10F874C42BA9417183105DD] - 03/01/2012 - 18:07:40 ---A- - C:\Windows\Prefetch\SPPSVC.EXE-96070FE0.pf

O45 - LFCP:[MD5.F4CA0B3C972ACAF03C1697D7EEE06292] - 03/01/2012 - 21:23:48 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-8FFB1633.pf

O45 - LFCP:[MD5.469EC25C490960C0FAE721209F1B7F42] - 03/01/2012 - 23:33:37 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-C5670914.pf

O45 - LFCP:[MD5.C3B30A827B8420287C1BBAB4032CE710] - 06/01/2012 - 12:09:39 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-C6A56B7E.pf

O45 - LFCP:[MD5.D028E8D2BAB144518912EB8480C6216A] - 06/01/2012 - 12:10:56 ---A- - C:\Windows\Prefetch\WMPLAYER.EXE-D7C621F8.pf

O45 - LFCP:[MD5.3A5951AE905576BD63BA00280B5AF160] - 06/01/2012 - 13:26:42 ---A- - C:\Windows\Prefetch\ARES.EXE-E9BFF191.pf

O45 - LFCP:[MD5.2B7D4965D777ECD195D1CD40F45EA751] - 06/01/2012 - 16:39:12 ---A- - C:\Windows\Prefetch\MSFEEDSSYNC.EXE-BDDD8ED1.pf

O45 - LFCP:[MD5.03312C635879AF2D5126C27111764371] - 06/01/2012 - 18:00:01 ---A- - C:\Windows\Prefetch\WSQMCONS.EXE-4048402C.pf

O45 - LFCP:[MD5.B11DCF16A943CB63C826FDFA082C9B41] - 06/01/2012 - 18:50:00 ---A- - C:\Windows\Prefetch\GOOGLECRASHHANDLER.EXE-026E685F.pf

O45 - LFCP:[MD5.39288D1F3EBEBAF4116A18DA03422905] - 06/01/2012 - 20:59:10 ---A- - C:\Windows\Prefetch\ATBROKER.EXE-5CD29207.pf

O45 - LFCP:[MD5.2CF4699802009ED1CA266658B4E2856A] - 06/01/2012 - 20:59:15 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-6389524F.pf

O45 - LFCP:[MD5.3CFBD5414B188430C85BA5AFDAFDF3C6] - 06/01/2012 - 20:59:20 ---A- - C:\Windows\Prefetch\DWM.EXE-314E93C5.pf

O45 - LFCP:[MD5.579C87226292C1DC43DAD953E4A23679] - 06/01/2012 - 20:59:20 ---A- - C:\Windows\Prefetch\USERINIT.EXE-5114915C.pf

O45 - LFCP:[MD5.3D59331F35B14F73D1905E1373DAE857] - 06/01/2012 - 21:19:09 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B14CC282.pf

O45 - LFCP:[MD5.052ACF5EEF20BE5DD8480ADD11027A47] - 06/01/2012 - 21:20:53 ---A- - C:\Windows\Prefetch\ACRORD32.EXE-F02FB9DB.pf

O45 - LFCP:[MD5.66C84683F18A5D208F8D50BB0FC1CA42] - 06/01/2012 - 21:22:26 ---A- - C:\Windows\Prefetch\WLXQUICKTIMECONTROLHOST.EXE-B1E2C9F6.pf

O45 - LFCP:[MD5.7DDBEBEB0FB006F5E71CAC0C23538407] - 06/01/2012 - 21:24:45 ---A- - C:\Windows\Prefetch\MSOHTMED.EXE-B6CD34E1.pf

O45 - LFCP:[MD5.4FF256F4337DA1B4682B95F4FEAB8052] - 06/01/2012 - 21:24:58 ---A- - C:\Windows\Prefetch\WINWORD.EXE-276534A6.pf

O45 - LFCP:[MD5.5C2FF616395F5BC81B218D8F33ACCA53] - 06/01/2012 - 21:25:00 ---A- - C:\Windows\Prefetch\PRINTISOLATIONHOST.EXE-3DD89C8E.pf

O45 - LFCP:[MD5.91B1C5369EA06658AEBD1D148DD7E309] - 06/01/2012 - 21:38:22 ---A- - C:\Windows\Prefetch\MSNMSGR.EXE-55A628AE.pf

O45 - LFCP:[MD5.C9BEFA739E53993071AC0A8319F47A52] - 06/01/2012 - 21:39:51 ---A- - C:\Windows\Prefetch\WLCOMM.EXE-E9DF8E24.pf

O45 - LFCP:[MD5.7E3C62F9B3E329DE24CC92AD78485756] - 06/01/2012 - 22:04:14 ---A- - C:\Windows\Prefetch\AGCP.EXE-E5AC35F5.pf

O45 - LFCP:[MD5.052C4DEA0C636A4DAEBC1FEA7DEA00C3] - 08/01/2012 - 13:21:33 ---A- - C:\Windows\Prefetch\UPDATE.EXE-C51D5E40.pf

O45 - LFCP:[MD5.FDD9E99730CE4972E41164A21A6C0854] - 08/01/2012 - 13:22:22 ---A- - C:\Windows\Prefetch\SC.EXE-6C4D4413.pf

O45 - LFCP:[MD5.D559E4A38D0833F90B7EE4EA6A86495B] - 08/01/2012 - 13:50:29 ---A- - C:\Windows\Prefetch\CHROME_UPDATER.EXE-E912B265.pf

O45 - LFCP:[MD5.1DB8246E903A7E7CBBDA71382B697344] - 08/01/2012 - 13:51:41 ---A- - C:\Windows\Prefetch\RASAUTOU.EXE-B4DA4129.pf

O45 - LFCP:[MD5.251045374ADB482024BD4E1BE7363D76] - 08/01/2012 - 14:49:02 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-5F5DD665.pf

O45 - LFCP:[MD5.C4F9229D4E50B130E1B63F2058710D2E] - 08/01/2012 - 17:01:08 ---A- - C:\Windows\Prefetch\ZHPDIAG2.EXE-038E2534.pf

O45 - LFCP:[MD5.3FB587A8223DB617213FEABEDEB1B3C0] - 08/01/2012 - 17:01:08 ---A- - C:\Windows\Prefetch\ZHPDIAG2.TMP-07873DC5.pf

O45 - LFCP:[MD5.430F9098895835A4FE0A3FB870FF3EEF] - 08/01/2012 - 17:48:58 ---A- - C:\Windows\Prefetch\OIS.EXE-4A1EA293.pf

O45 - LFCP:[MD5.86561B181B1B42C6F744AF43819D9A22] - 08/01/2012 - 17:50:23 ---A- - C:\Windows\Prefetch\AVCENTER.EXE-80E01349.pf

O45 - LFCP:[MD5.ABB3E199439F06C525CDFC1B1FC51769] - 08/01/2012 - 17:51:13 ---A- - C:\Windows\Prefetch\REGCLEANER.EXE-8C1F1792.pf

O45 - LFCP:[MD5.507D2A37A9328B8732BC31DFABE69A4A] - 08/01/2012 - 17:51:25 ---A- - C:\Windows\Prefetch\REVOUNINSTALLER.EXE-EAF109AB.pf

O45 - LFCP:[MD5.CA6EA3B43B144B43195610AD5FDEFC47] - 08/01/2012 - 17:51:49 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-A010D183.pf

O45 - LFCP:[MD5.D93F521B3B32B3E8C2C78F83C0E564BD] - 08/01/2012 - 17:52:01 ---A- - C:\Windows\Prefetch\APNSTUB.EXE-477EF6D2.pf

O45 - LFCP:[MD5.F001BAFC58141F7F1E43F8694457518A] - 08/01/2012 - 17:52:02 ---A- - C:\Windows\Prefetch\SETUP.EXE-2C97F1C6.pf

O45 - LFCP:[MD5.AFA86B24A13DDD3B9C9239F30C035318] - 08/01/2012 - 17:52:17 ---A- - C:\Windows\Prefetch\GRPCONV.EXE-A548DBA8.pf

O45 - LFCP:[MD5.1F7E3FA5F2D1D51A53BD62C12970F5E7] - 08/01/2012 - 17:52:17 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-A37644FF.pf

O45 - LFCP:[MD5.9FBFE5EB0FF35881A577E04EE969057A] - 08/01/2012 - 17:52:18 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-048E4929.pf

O45 - LFCP:[MD5.699385CC5BA20F2F9364729956B14455] - 08/01/2012 - 17:52:18 ---A- - C:\Windows\Prefetch\RUNONCE.EXE-BD8A4C8F.pf

O45 - LFCP:[MD5.6BC22DBEE6D89E1C1C214A81E7C0F34E] - 08/01/2012 - 17:52:19 ---A- - C:\Windows\Prefetch\AVCONFIG.EXE-9E1DD892.pf

O45 - LFCP:[MD5.65E4EA3F64895494FCE2BF268B969205] - 08/01/2012 - 17:52:19 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-B31EC963.pf

O45 - LFCP:[MD5.6168A9A720FC10660589D262B11A5054] - 08/01/2012 - 17:53:16 ---A- - C:\Windows\Prefetch\AVRESTART.EXE-B17D61E5.pf

O45 - LFCP:[MD5.724FDBDE89948A09DA21968F13F12571] - 08/01/2012 - 17:56:52 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-8B06FAAA.pf

O45 - LFCP:[MD5.386EA2EB929F25D860A97378F6E7F1A9] - 08/01/2012 - 17:57:50 ---A- - C:\Windows\Prefetch\ZHPDIAG.EXE-2192C001.pf

O45 - LFCP:[MD5.86A30D17F949A07B4651700A169CC458] - 08/01/2012 - 18:01:01 ---A- - C:\Windows\Prefetch\LADS.EXE-2D89D86A.pf

O45 - LFCP:[MD5.B804B89C43CD27C4D801020EBB5B3743] - 08/01/2012 - 18:01:11 ---A- - C:\Windows\Prefetch\SIGCHECK.EXE-9B70C1D3.pf

O45 - LFCP:[MD5.35E6EFBE92F851C7F7C6E182470371E6] - 08/01/2012 - 18:02:34 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-6E1A6101.pf

O45 - LFCP:[MD5.51947397DB25D87807C281193A956723] - 08/01/2012 - 18:02:58 ---A- - C:\Windows\Prefetch\NSLOOKUP.EXE-6BC3CE14.pf

O45 - LFCP:[MD5.9D6F3476E1BBF55324BC7C69937BAE6A] - 08/01/2012 - 18:03:01 ---A- - C:\Windows\Prefetch\MBRCHECK.EXE-D3EAECB1.pf

O45 - LFCP:[MD5.A6FE7A6FF72E01586A87DBD9EEE4879B] - 08/01/2012 - 18:03:09 ---A- - C:\Windows\Prefetch\MBR.EXE-6CA2ED7B.pf

O45 - LFCP:[MD5.71EFBC431E3AC3234448FC0F9DF89DB5] - 08/01/2012 - 18:07:33 ---A- - C:\Windows\Prefetch\CMD.EXE-0BD30981.pf

O45 - LFCP:[MD5.991951E1EBEDF76F1A919A2CD03BE7A0] - 08/01/2012 - 18:07:33 ---A- - C:\Windows\Prefetch\CSCRIPT.EXE-BF1500E5.pf

O45 - LFCP:[MD5.DCAC75FDE308E5B69C070BA063A0F3E9] - 08/01/2012 - 18:07:39 ---A- - C:\Windows\Prefetch\PV.EXE-68AF5B64.pf

O45 - LFCP:[MD5.34F32335C738401731A502E36091CA7E] - 08/01/2012 - 18:07:41 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-8B6144A9.pf

O45 - LFCP:[MD5.80CBE1F080C99C795CA042088B270D32] - 09/12/2010 - 17:35:23 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db

O45 - LFCP:[MD5.839C7782B5E5DA3FE31424180BB64664] - 09/12/2010 - 17:35:23 ---A- - C:\Windows\Prefetch\AgRobust.db

O45 - LFCP:[MD5.CC7D0F7F67AFE6E4437BF4791F817043] - 09/12/2010 - 17:35:24 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db

O45 - LFCP:[MD5.FBFE6A5DA45C4BA1F39FAF23871036A3] - 09/12/2010 - 17:35:24 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db

O45 - LFCP:[MD5.4F2576101E7667992C4BCF7F187F53F6] - 09/12/2010 - 17:53:39 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin

O45 - LFCP:[MD5.A9C39DB945588B184FD25FBEBD19CB72] - 11/12/2010 - 13:22:08 ---A- - C:\Windows\Prefetch\AgCx_SC4.db

O45 - LFCP:[MD5.78367721DCE41C43D778EDCE34D6A245] - 11/12/2010 - 17:18:20 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx

O45 - LFCP:[MD5.A28D8294F1B843DAE84BF29A279282DD] - 11/12/2010 - 17:19:21 ---A- - C:\Windows\Prefetch\AgCx_SC1.db

O45 - LFCP:[MD5.947E618F368AE038CCEFD13843E28873] - 11/12/2010 - 22:05:21 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-1491894536-370497875-2230607580-1000.db

O45 - LFCP:[MD5.7AF6D393B0CED34C6AB1A6935BDD6FF0] - 11/12/2010 - 22:05:21 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-1491894536-370497875-2230607580-1000.db

O45 - LFCP:[MD5.3CF66DEF822EBFD73140ADB2E7A7455B] - 14/12/2010 - 21:57:40 ---A- - C:\Windows\Prefetch\Layout.ini

O45 - LFCP:[MD5.DCEE7DD4905AE84199CD26D17759CD02] - 21/12/2011 - 13:23:55 ---A- - C:\Windows\Prefetch\PPPOE.EXE-2C7CE3A4.pf

O45 - LFCP:[MD5.5D8C60F4C602184D16CB2F78BFD22D34] - 26/12/2011 - 10:12:44 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-6FD72002.pf

O45 - LFCP:[MD5.2A98835B4E5536123D090F7FAECD04F0] - 28/12/2011 - 14:11:53 ---A- - C:\Windows\Prefetch\DEFRAG.EXE-3D9E8D72.pf

O45 - LFCP:[MD5.8AA99281D81AE364D781C5975A2B701F] - 28/12/2011 - 14:11:56 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-67EC2DA7.pf

O45 - LFCP:[MD5.9E776B4201EB52E30CB2B8FCC75D1266] - 30/01/2011 - 22:58:12 ---A- - C:\Windows\Prefetch\AgCx_SC2.db

O45 - LFCP:[MD5.423DE8E300369DD08CBE52254AC1EEC9] - 30/12/2011 - 10:19:46 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-51CCB287.pf

O45 - LFCP:[MD5.1269F3699CD372A94849B18E4244BC83] - 30/12/2011 - 13:21:56 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-0D53616E.pf

O45 - LFCP:[MD5.7574572E3C26409F9F4E82DF7BEA65BC] - 30/12/2011 - 17:51:45 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-6A249820.pf

O45 - LFCP:[MD5.7A90851FCB76340F4F3CA157A7550195] - 30/12/2011 - 17:51:45 ---A- - C:\Windows\Prefetch\VSSVC.EXE-6C8F0C66.pf

O45 - LFCP:[MD5.A32FE92710CE23B226989500D93DDE3A] - 30/12/2011 - 21:24:37 ---A- - C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-766EFF52.pf

~ Scan Prefetcher in 00mn 00s

---\\ Local Security Authority-LSA Deny (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Mecanismo cliente do 'Editor de configuração de segurança Windows'.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Notification Packages . (...) -- C:\Program Files\Protector Suite\psqlpwd.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\Windows\System32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\TSpkg.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll

~ Scan Keys in 00mn 00s

---\\ Safe Boot Control (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

---\\ MountPoints2 Shell Key (MPKS) (O51) (None)

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll

O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\DivX.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.9.2 Codec" . (...) -- (.not file.)

~ Scan Keys in 00mn 00s

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)

O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O53 - SMSR:HKLM\...\startupreg\AppleSyncNotifier [Key] . (.Apple Inc. - AppleSyncNotifier.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O53 - SMSR:HKLM\...\startupreg\APSDaemon [Key] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe

O53 - SMSR:HKLM\...\startupreg\avgnt [Key] . (...) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\DivXUpdate [Key] . (.Unknown owner - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe

O53 - SMSR:HKLM\...\startupreg\Google Update [Key] . (.Google Inc. - Google Installer.) -- C:\Users\Natália Castro\AppData\Local\Google\Update\GoogleUpdate.exe

O53 - SMSR:HKLM\...\startupreg\GrooveMonitor [Key] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

O53 - SMSR:HKLM\...\startupreg\HotKeysCmds [Key] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe

O53 - SMSR:HKLM\...\startupreg\IgfxTray [Key] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe

O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe

O53 - SMSR:HKLM\...\startupreg\Malwarebytes Anti-Malware [Key] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

O53 - SMSR:HKLM\...\startupreg\Persistence [Key] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe

O53 - SMSR:HKLM\...\startupreg\PlusService [Key] . (.Yuna Software - Messenger Plus! 5.) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe

O53 - SMSR:HKLM\...\startupreg\PSQLLauncher [Key] . (...) -- C:\Program Files\Protector Suite\launcher.exe

O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

O53 - SMSR:HKLM\...\startupreg\RtHDVCpl [Key] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe

O53 - SMSR:HKLM\...\startupreg\SynTPEnh [Key] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O53 - SMSR:HKLM\...\startupreg\TkBellExe [Key] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\update\realsched.exe

~ Scan SMSR Keys in 00mn 00s

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "DisableCAD"=1

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

~ Scan Keys in 00mn 00s

---\\ System Drivers List (SDL) (O58)

O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 10/06/2009 - 22:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422976]

O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 13/07/2009 - 22:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297552]

O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 13/07/2009 - 22:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [146512]

O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 13/07/2009 - 22:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14400]

O58 - SDL:[MD5.19CE906B4CDC11FC4FEF5745F33A63B6] - 05/01/2012 - 02:43:46 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [80256]

O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 10/06/2009 - 22:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\system32\drivers\amdsbs.sys [159312]

O58 - SDL:[MD5.869E67D66BE326A5A9159FBA8746FA70] - 05/01/2012 - 02:43:46 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [22400]

O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 13/07/2009 - 22:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [76368]

O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 13/07/2009 - 22:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [86608]

O58 - SDL:[MD5.271CFD1A989209B1964E24D969552BF7] - 21/12/2011 - 16:58:03 ---A- . (.Avira GmbH - Avira Manager Driver.) -- C:\Windows\system32\drivers\avkmgr.sys [36000]

O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 13/07/2009 - 19:02:49 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60x.sys [229888]

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 13/07/2009 - 19:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 13/07/2009 - 19:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]

O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 13/07/2009 - 21:57:25 ---A- . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [272128]

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 13/07/2009 - 19:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 13/07/2009 - 19:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 13/07/2009 - 19:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]

O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 10/06/2009 - 19:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbdx.sys [430080]

O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 13/07/2009 - 22:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [15952]

O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 10/06/2009 - 22:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [70720]

O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 10/06/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [453712]

O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 10/06/2009 - 19:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbdx.sys [3100160]

O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 28/05/2011 - 13:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600]

O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [26624]

O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 13/07/2009 - 22:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [67152]

O58 - SDL:[MD5.71F1A494FEDF4B33C02C4A6A28D6D9E9] - 05/01/2012 - 02:43:55 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStorV.sys [332160]

O58 - SDL:[MD5.315AAAA2BC9BC778ADC0454B3CA8DCCE] - 20/07/2010 - 08:00:10 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys [5946368]

O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 13/07/2009 - 22:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41040]

O58 - SDL:[MD5.264632ADE8127B7BAA2190CF6FAD435B] - 20/07/2010 - 06:44:52 ---A- . (.Intel® Corporation - Intel® High Definition Audio HDMI.) -- C:\Windows\system32\drivers\IntcHdmi.sys [122880]

O58 - SDL:[MD5.F93A8AE3FE12910CFFA81F72FE34C6F2] - 20/07/2010 - 11:23:56 ---A- . (.Windows ® Win 7 DDK provider - KBFiltr.) -- C:\Windows\system32\drivers\LiveGpdKBFilter.sys [4096]

O58 - SDL:[MD5.58A6EB33EA17CCC8042771634097A32B] - 20/07/2010 - 13:16:34 ---A- . (...) -- C:\Windows\system32\drivers\LiveIO.sys [15312]

O58 - SDL:[MD5.7FB4274918F694C0153472B094C9AFF8] - 20/07/2010 - 11:32:08 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\system32\drivers\Livekbc.sys [4096]

O58 - SDL:[MD5.3B20D5249084A9B0D87ECC1C1D59D9A6] - 20/07/2010 - 11:28:42 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\system32\drivers\Livemouclass.sys [3968]

O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 13/07/2009 - 22:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [95824]

O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 13/07/2009 - 22:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89168]

O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 13/07/2009 - 22:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [54864]

O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 13/07/2009 - 22:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96848]

O58 - SDL:[MD5.B7CA8CC3F978201856B6AB82F40953C3] - 04/01/2012 - 14:24:06 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [20464]

O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 10/06/2009 - 22:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\system32\drivers\megasas.sys [30800]

O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 13/07/2009 - 22:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [235584]

O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 13/07/2009 - 22:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [44624]

O58 - SDL:[MD5.F1B0BED906F97E16F6D0C3629D2F21C6] - 05/01/2012 - 02:44:01 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [117120]

O58 - SDL:[MD5.4520B63899E867F354EE012D34E11536] - 05/01/2012 - 02:44:01 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [143744]

O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 10/06/2009 - 22:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1383488]

O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 13/07/2009 - 22:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106064]

O58 - SDL:[MD5.35336259C701DF23FEC318F5C8A030E5] - 20/07/2010 - 14:55:26 ---A- . (...) -- C:\Windows\system32\drivers\RLVrtAuCbl.sys [37072]

O58 - SDL:[MD5.26A9D6227D12B9D9DA5A81BB9B55D810] - 20/07/2010 - 08:35:04 ---A- . (.Realtek - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver.) -- C:\Windows\system32\drivers\Rt86win7.sys [167936]

O58 - SDL:[MD5.15D839BB1BD1BDE95AAE98B10AD88D8C] - 20/07/2010 - 18:14:18 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2375776]

O58 - SDL:[MD5.CA5A4FBFE341F13733955B8AAC98F0B5] - 10/06/2009 - 19:02:53 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\Windows\system32\drivers\RTL8187B.sys [347136]

O58 - SDL:[MD5.7AC9F43613CD0EE40BEBBF150FF3A189] - 20/07/2010 - 17:55:06 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL81892SE NDIS Driverr.) -- C:\Windows\system32\drivers\rtl8192se.sys [996896]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 14/07/2009 - 17:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 10/06/2009 - 22:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [40016]

O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 13/07/2009 - 22:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [77888]

O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 21/12/2011 - 13:14:27 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys [28520]

O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [21072]

O58 - SDL:[MD5.6BEF3ACD6EE22EEC55B68699E8AACE09] - 20/07/2010 - 08:34:58 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [228784]

O58 - SDL:[MD5.83CAFCB53201BBAC04D822F32438E244] - 11/07/2011 - 08:06:08 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl.sys [42496]

O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 13/07/2009 - 22:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [16976]

O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 10/06/2009 - 22:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [141904]

O58 - SDL:[MD5.C2215C6ADA8B1E9FEB507CEE9B446661] - 22/12/2011 - 08:38:00 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ZTEusbmdm6k.sys [104960]

O58 - SDL:[MD5.9862F9D2FF50AE748ED42C022E6AAC15] - 22/12/2011 - 08:38:10 ---A- . (.ZTE Corporation. - USB NDIS Miniport Driver.) -- C:\Windows\system32\drivers\ZTEusbnet.sys [110592]

O58 - SDL:[MD5.F16CE3C7690AB7426DC96520D54A737E] - 22/12/2011 - 08:38:18 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ZTEusbnmea.sys [105344]

O58 - SDL:[MD5.C2215C6ADA8B1E9FEB507CEE9B446661] - 22/12/2011 - 08:38:20 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ZTEusbser6k.sys [104960]

O58 - SDL:[MD5.F16CE3C7690AB7426DC96520D54A737E] - 22/12/2011 - 08:38:30 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ZTEusbvoice.sys [105344]

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\system32\country.sys [27097]

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]

O58 - SDL:[MD5.F93A8AE3FE12910CFFA81F72FE34C6F2] - 20/07/2010 - 11:23:56 ---A- . (.Windows ® Win 7 DDK provider - KBFiltr.) -- C:\Windows\system32\LiveGpdKBFilter.sys [4096]

O58 - SDL:[MD5.58A6EB33EA17CCC8042771634097A32B] - 20/07/2010 - 13:16:34 ---A- . (...) -- C:\Windows\system32\LiveIO.sys [15312]

O58 - SDL:[MD5.7FB4274918F694C0153472B094C9AFF8] - 20/07/2010 - 11:32:08 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\system32\Livekbc.sys [4096]

O58 - SDL:[MD5.3B20D5249084A9B0D87ECC1C1D59D9A6] - 20/07/2010 - 11:28:42 ---A- . (.Systems Internals - Windows NT Caps-lock Ctrl Swapper.) -- C:\Windows\system32\Livemouclass.sys [3968]

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]

~ Scan Drivers in 00mn 00s

---\\ Last modified or created user files (O61)

O61 - LFC:Last File Created 03/01/2012 - 17:53:35 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Visited Links [131072]

O61 - LFC:Last File Created 04/01/2011 - 17:54:37 ---A- C:\Users\Todos os Usuários\Microsoft\Wlansvc\Profiles\Interfaces\{70943582-C6E0-4018-A0D1-1509722B5A03}\{C4BB07AD-DD67-4749-99A6-8F13F573C802}.xml [1278]

O61 - LFC:Last File Created 04/01/2012 - 12:09:09 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.youtube.com_0.localstorage [3072]

O61 - LFC:Last File Created 04/01/2012 - 17:54:56 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\MSS.chk [8192]

O61 - LFC:Last File Created 05/01/2012 - 12:59:40 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid [65536]

O61 - LFC:Last File Created 05/01/2012 - 12:59:44 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.ci [49152]

O61 - LFC:Last File Created 05/01/2012 - 12:59:44 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.dir [4096]

O61 - LFC:Last File Created 05/01/2012 - 17:28:56 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid [65536]

O61 - LFC:Last File Created 05/01/2012 - 17:28:57 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.ci [4096]

O61 - LFC:Last File Created 05/01/2012 - 17:28:57 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.dir [4096]

O61 - LFC:Last File Created 05/01/2012 - 23:33:25 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.2.gthr [11368]

O61 - LFC:Last File Created 06/01/2012 - 00:07:23 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.wid [65536]

O61 - LFC:Last File Created 06/01/2012 - 00:07:24 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.ci [8192]

O61 - LFC:Last File Created 06/01/2012 - 00:07:24 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.dir [4096]

O61 - LFC:Last File Created 06/01/2012 - 09:54:49 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Bookmarks [2342]

O61 - LFC:Last File Created 06/01/2012 - 10:35:15 ---A- C:\Users\Natália Castro\AppData\Local\Temp\RLFMThumb.db [491862]

O61 - LFC:Last File Created 06/01/2012 - 11:20:20 ---A- C:\Users\Natália Castro\Downloads\The.Help.DVDRip.XviD-DiAMOND.[sharethefiles.com].rmvb [499115717]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\128.png [3524]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\ar\messages.json [401]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\bg\messages.json [427]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\ca\messages.json [250]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\cs\messages.json [255]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\da\messages.json [242]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\de\messages.json [226]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\el\messages.json [475]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\en\messages.json [227]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\es\messages.json [240]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\fi\messages.json [222]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\fil\messages.json [236]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\fr\messages.json [249]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\he\messages.json [419]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\hi\messages.json [408]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\hr\messages.json [220]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\hu\messages.json [253]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\id\messages.json [231]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\it\messages.json [224]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\ja\messages.json [349]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\ko\messages.json [323]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\lt\messages.json [266]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\lv\messages.json [245]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\nl\messages.json [225]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\no\messages.json [216]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\pl\messages.json [274]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\pt_BR\messages.json [237]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\pt_PT\messages.json [236]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\ro\messages.json [248]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\ru\messages.json [394]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\sk\messages.json [241]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\sl\messages.json [245]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\sr\messages.json [437]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\sv\messages.json [238]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\th\messages.json [365]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\tr\messages.json [255]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\uk\messages.json [442]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\vi\messages.json [310]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\zh_CN\messages.json [257]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\_locales\zh_TW\messages.json [269]

O61 - LFC:Last File Created 06/01/2012 - 13:08:52 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.3_0\manifest.json [702]

O61 - LFC:Last File Created 06/01/2012 - 13:33:01 ---A- C:\Users\Natália Castro\AppData\Local\Temp\wmplog00.sqm [1730]

O61 - LFC:Last File Created 06/01/2012 - 13:44:18 ---A- C:\Users\Natália Castro\AppData\Local\Ares\Data\PHashIdx.dat [41642]

O61 - LFC:Last File Created 06/01/2012 - 20:51:26 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.wid [65536]

O61 - LFC:Last File Created 06/01/2012 - 20:51:29 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.ci [57344]

O61 - LFC:Last File Created 06/01/2012 - 20:51:29 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010006.dir [4096]

O61 - LFC:Last File Created 06/01/2012 - 21:24:45 ---A- C:\Users\Todos os Usuários\Microsoft\Windows\Start Menu\Programs\Microsoft Office\Microsoft Office Word 2007.lnk [2699]

O61 - LFC:Last File Created 06/01/2012 - 21:24:46 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.ci [380928]

O61 - LFC:Last File Created 06/01/2012 - 21:24:46 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.dir [4096]

O61 - LFC:Last File Created 06/01/2012 - 21:24:46 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010007.wid [65536]

O61 - LFC:Last File Created 06/01/2012 - 21:24:53 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.3.gthr [4832]

O61 - LFC:Last File Created 06/01/2012 - 21:24:55 ---A- C:\Users\Natália Castro\AppData\Roaming\Microsoft\Office\Recente\Filmes.LNK [1301]

O61 - LFC:Last File Created 06/01/2012 - 21:24:55 ---A- C:\Users\Natália Castro\AppData\Roaming\Microsoft\Office\Recente\Malinha.LNK [1169]

O61 - LFC:Last File Created 06/01/2012 - 21:38:15 ---A- C:\Users\Natália Castro\Tracing\WindowsLiveMessenger-uccapi-0.uccapilog [0]

O61 - LFC:Last File Created 06/01/2012 - 21:38:16 ---A- C:\Users\All Users\Messenger Plus!\Promotions\Cache\p_534.dat [1119]

O61 - LFC:Last File Created 06/01/2012 - 21:38:16 ---A- C:\Users\Todos os Usuários\Messenger Plus!\Promotions\Cache\p_534.dat [1119]

O61 - LFC:Last File Created 06/01/2012 - 21:38:17 ---A- C:\Users\All Users\Messenger Plus!\Promotions\Cache\p_547.dat [1792]

O61 - LFC:Last File Created 06/01/2012 - 21:38:17 ---A- C:\Users\Todos os Usuários\Messenger Plus!\Promotions\Cache\p_547.dat [1792]

O61 - LFC:Last File Created 06/01/2012 - 22:05:16 ---A- C:\Users\Natália Castro\AppData\Roaming\Microsoft\MSN Messenger\sqmnoopt00.sqm [284]

O61 - LFC:Last File Created 06/01/2012 - 22:05:23 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.wid [65536]

O61 - LFC:Last File Created 06/01/2012 - 22:05:25 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.ci [36864]

O61 - LFC:Last File Created 06/01/2012 - 22:05:25 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010008.dir [4096]

O61 - LFC:Last File Created 06/01/2012 - 23:33:25 ---A- C:\Users\Natália Castro\Downloads\The.Help.DVDRip.XviD-DiAMOND.txt [246]

O61 - LFC:Last File Created 06/01/2012 - 23:33:28 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.3.Crwl [2]

O61 - LFC:Last File Created 08/01/2012 - 13:21:11 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.4.Crwl [2]

O61 - LFC:Last File Created 08/01/2012 - 13:44:27 ---A- C:\Users\Natália Castro\Downloads\381939_273654106027928_100001500211040_758417_435311215_n.jpg [66461]

O61 - LFC:Last File Created 08/01/2012 - 14:38:23 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\no\messages.json [210]

O61 - LFC:Last File Created 08/01/2012 - 14:38:23 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\se\messages.json [210]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\128.png [5920]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ar\messages.json [556]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\bg\messages.json [492]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ca\messages.json [262]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\cs\messages.json [289]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\da\messages.json [240]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\de\messages.json [239]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\el\messages.json [624]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\en\messages.json [215]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\es\messages.json [281]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fi\messages.json [284]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fil\messages.json [234]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\fr\messages.json [272]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hi\messages.json [391]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hr\messages.json [246]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\hu\messages.json [234]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\id\messages.json [242]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\it\messages.json [260]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ja\messages.json [364]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ko\messages.json [328]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lt\messages.json [269]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\lv\messages.json [262]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\nl\messages.json [232]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pl\messages.json [292]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_BR\messages.json [230]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\pt_PT\messages.json [231]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ro\messages.json [281]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\ru\messages.json [482]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sk\messages.json [238]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sl\messages.json [249]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\sr\messages.json [511]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\th\messages.json [471]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\tr\messages.json [250]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\uk\messages.json [536]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\vi\messages.json [257]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_CN\messages.json [339]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\_locales\zh_TW\messages.json [321]

O61 - LFC:Last File Created 08/01/2012 - 14:38:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\manifest.json [755]

O61 - LFC:Last File Created 08/01/2012 - 17:01:07 ---A- C:\Users\Todos os Usuários\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPDiag.lnk [974]

O61 - LFC:Last File Created 08/01/2012 - 17:53:39 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.ci [57344]

O61 - LFC:Last File Created 08/01/2012 - 17:53:39 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.dir [4096]

O61 - LFC:Last File Created 08/01/2012 - 17:53:39 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010009.wid [65536]

O61 - LFC:Last File Created 08/01/2012 - 17:54:57 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.4.gthr [2100]

O61 - LFC:Last File Created 08/01/2012 - 17:55:16 ---A- C:\Users\Natália Castro\AppData\Roaming\Lightcomm\reg.xml [485]

O61 - LFC:Last File Created 08/01/2012 - 17:56:45 ---A- C:\Users\Todos os Usuários\Microsoft\Windows Defender\Definition Updates\{27159CD6-08D9-493B-AADD-DF3F81AE0E63}\offreg.dll [56200]

O61 - LFC:Last File Created 08/01/2012 - 18:00:16 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom [6470604]

O61 - LFC:Last File Created 08/01/2012 - 18:00:16 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Safe Browsing Download [2617124]

O61 - LFC:Last File Created 08/01/2012 - 18:00:17 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist [134252]

O61 - LFC:Last File Created 08/01/2012 - 18:06:22 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Login Data-journal [8736]

O61 - LFC:Last File Created 08/01/2012 - 18:06:25 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Favicons-journal [1152872]

O61 - LFC:Last File Created 08/01/2012 - 18:06:25 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal [83568]

O61 - LFC:Last File Created 08/01/2012 - 18:06:29 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Archived History [53248]

O61 - LFC:Last File Created 08/01/2012 - 18:06:29 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Archived History-journal [512]

O61 - LFC:Last File Created 08/01/2012 - 18:06:40 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\History-journal [1679048]

O61 - LFC:Last File Created 08/01/2012 - 18:06:40 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Top Sites [20480]

O61 - LFC:Last File Created 08/01/2012 - 18:07:06 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Local State [19542]

O61 - LFC:Last File Created 08/01/2012 - 18:07:37 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Preferences [110735]

O61 - LFC:Last File Created 08/01/2012 - 21:30:00 ---A- C:\Users\Natália Castro\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\16.0.912.75\chrome_updater.exe [230896]

O61 - LFC:Last File Created 08/01/2012 - 21:30:00 ---A- C:\Users\Natália Castro\AppData\Local\Google\Update\Install\{6F6ED5EE-7602-419A-AEEB-32EC04224EB5}\chrome_updater.exe [230896]

O61 - LFC:Last File Created 09/12/2010 - 12:06:04 ---A- C:\Users\Natália Castro\AppData\Local\GDIPFONTCACHEV1.DAT [108824]

O61 - LFC:Last File Created 09/12/2010 - 18:04:12 ---A- C:\Users\Todos os Usuários\Microsoft\RAC\StateData\RacWmiDataBookmarks.dat [16412]

O61 - LFC:Last File Created 09/12/2010 - 18:04:12 ---A- C:\Users\Todos os Usuários\Microsoft\RAC\StateData\RacWmiEventData.dat [15499292]

O61 - LFC:Last File Created 09/12/2010 - 18:04:13 ---A- C:\Users\Todos os Usuários\Microsoft\RAC\PublishedData\RacWmiDatabase.sdf [1658880]

O61 - LFC:Last File Created 09/12/2010 - 18:04:13 ---A- C:\Users\Todos os Usuários\Microsoft\RAC\StateData\RacDatabase.sdf [544768]

O61 - LFC:Last File Created 10/12/2010 - 11:18:57 -SHA- C:\Users\Todos os Usuários\Microsoft\Windows\DRM\drmstore.hds [167936]

O61 - LFC:Last File Created 10/12/2010 - 13:44:18 ---A- C:\Users\Natália Castro\AppData\Local\Ares\Data\ShareH.dat [75081]

O61 - LFC:Last File Created 10/12/2010 - 13:44:18 ---A- C:\Users\Natália Castro\AppData\Local\Ares\Data\ShareL.dat [28371]

O61 - LFC:Last File Created 10/12/2010 - 13:57:06 ---A- C:\Users\Natália Castro\AppData\Local\Ares\Data\DHTnodes.dat [904]

O61 - LFC:Last File Created 10/12/2010 - 13:57:06 ---A- C:\Users\Natália Castro\AppData\Local\Ares\Data\FailedSNodes.dat [276]

O61 - LFC:Last File Created 10/12/2010 - 13:57:06 ---A- C:\Users\Natália Castro\AppData\Local\Ares\Data\SNodes.dat [22413]

O61 - LFC:Last File Created 10/12/2010 - 21:38:14 ---A- C:\Users\All Users\Messenger Plus!\Promotions\Cache\p_28.dat [1756]

O61 - LFC:Last File Created 10/12/2010 - 21:38:14 ---A- C:\Users\Todos os Usuários\Messenger Plus!\Promotions\Cache\p_28.dat [1756]

O61 - LFC:Last File Created 10/12/2010 - 21:38:15 ---A- C:\Users\All Users\Messenger Plus!\Promotions\Cache\p_305.dat [1042]

O61 - LFC:Last File Created 10/12/2010 - 21:38:15 ---A- C:\Users\All Users\Messenger Plus!\Promotions\Cache\p_349.dat [1471]

O61 - LFC:Last File Created 10/12/2010 - 21:38:15 ---A- C:\Users\Todos os Usuários\Messenger Plus!\Promotions\Cache\p_305.dat [1042]

O61 - LFC:Last File Created 10/12/2010 - 21:38:15 ---A- C:\Users\Todos os Usuários\Messenger Plus!\Promotions\Cache\p_349.dat [1471]

O61 - LFC:Last File Created 10/12/2010 - 21:38:17 ---A- C:\Users\All Users\Messenger Plus!\Promotions\Listing.dat [2718]

O61 - LFC:Last File Created 10/12/2010 - 21:38:17 ---A- C:\Users\Todos os Usuários\Messenger Plus!\Promotions\Listing.dat [2718]

O61 - LFC:Last File Created 11/12/2010 - 13:57:06 ---A- C:\Users\Natália Castro\AppData\Local\Ares\Data\default.m3u [2095]

O61 - LFC:Last File Created 12/12/2010 - 17:54:51 ---A- C:\Users\All Users\Real\RealUpgrade\RealUpgrade_12_0.xml [1257]

O61 - LFC:Last File Created 12/12/2010 - 17:54:51 ---A- C:\Users\Todos os Usuários\Real\RealUpgrade\RealUpgrade_12_0.xml [1257]

O61 - LFC:Last File Created 13/11/2011 - 17:53:35 --HA- C:\Users\Natália Castro\AppData\Local\IconCache.db [2933688]

O61 - LFC:Last File Created 14/07/2009 - 11:18:54 ---A- C:\Users\Todos os Usuários\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [1515]

O61 - LFC:Last File Created 14/07/2009 - 17:57:32 ---A- C:\Users\Todos os Usuários\Microsoft\Network\Downloader\qmgr0.dat [4194304]

O61 - LFC:Last File Created 14/07/2009 - 17:57:32 ---A- C:\Users\Todos os Usuários\Microsoft\Network\Downloader\qmgr1.dat [4194304]

O61 - LFC:Last File Created 15/03/2011 - 17:49:23 ---A- C:\Users\Natália Castro\AppData\Roaming\Microsoft\OIS\Toolbars.dat [723]

O61 - LFC:Last File Created 15/03/2011 - 17:49:23 ---A- C:\Users\Natália Castro\AppData\Roaming\Microsoft\Office\OIS12.pip [432]

O61 - LFC:Last File Created 15/12/2010 - 21:39:42 ---A- C:\Users\Natália Castro\AppData\Roaming\Microsoft\IdentityCRL\Production\MetaConfig.xml [163]

O61 - LFC:Last File Created 16/08/2011 - 21:38:16 ---A- C:\Users\All Users\Messenger Plus!\Promotions\Cache\p_487.dat [964]

O61 - LFC:Last File Created 16/08/2011 - 21:38:16 ---A- C:\Users\Todos os Usuários\Messenger Plus!\Promotions\Cache\p_487.dat [964]

O61 - LFC:Last File Created 20/07/2010 - 17:54:37 ---A- C:\Users\Todos os Usuários\Microsoft\Vault\AC658CB4-9126-49BD-B877-31EEDAB3F204\Policy.vpol [1496]

O61 - LFC:Last File Created 20/07/2010 - 18:04:13 ---A- C:\Users\Todos os Usuários\Microsoft\RAC\StateData\RacMetaData.dat [8]

O61 - LFC:Last File Created 22/12/2011 - 09:54:49 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Bookmarks.bak [2342]

O61 - LFC:Last File Created 22/12/2011 - 18:00:17 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Filter 2 [1978784]

O61 - LFC:Last File Created 22/12/2011 - 18:06:22 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Login Data [12288]

O61 - LFC:Last File Created 22/12/2011 - 18:06:23 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Cookies [407552]

O61 - LFC:Last File Created 22/12/2011 - 18:06:25 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Favicons [22528]

O61 - LFC:Last File Created 22/12/2011 - 18:06:25 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\Web Data [145408]

O61 - LFC:Last File Created 22/12/2011 - 18:06:29 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache [11]

O61 - LFC:Last File Created 22/12/2011 - 18:06:39 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\History [86016]

O61 - LFC:Last File Created 24/12/2010 - 14:49:02 ---A- C:\Users\Natália Castro\AppData\Roaming\Microsoft\Office\Groove12.pip [144]

O61 - LFC:Last File Created 24/12/2010 - 21:24:55 --HA- C:\Users\Natália Castro\AppData\Roaming\Microsoft\Office\Recente\index.dat [826]

O61 - LFC:Last File Created 24/12/2010 - 21:25:00 ---A- C:\Users\Natália Castro\AppData\Roaming\Microsoft\Office\Word12.pip [1728]

O61 - LFC:Last File Created 26/06/2011 - 21:38:16 ---A- C:\Users\All Users\Messenger Plus!\Promotions\Cache\p_446.dat [1608]

O61 - LFC:Last File Created 26/06/2011 - 21:38:16 ---A- C:\Users\Todos os Usuários\Messenger Plus!\Promotions\Cache\p_446.dat [1608]

O61 - LFC:Last File Created 28/12/2011 - 18:06:24 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db [7168]

O61 - LFC:Last File Created 28/12/2011 - 18:06:55 ---A- C:\Users\Natália Castro\AppData\Local\Google\Chrome\User Data\Default\QuotaManager [13312]

~ Scan Files in 00mn 12s

---\\ List all tools cleaner (LATC) (O63)

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

---\\ List all legacy services(LALS) (O64)

O64 - Services: CurCS - 01/12/2011 - C:\Windows\system32\DRIVERS\avkmgr.sys (avkmgr) .(.Avira GmbH - Avira Manager Driver.) - LEGACY_AVKMGR

O64 - Services: CurCS - 09/12/2010 - C:\WINDOWS\GSensor3201.sys (GSensor3201) .(.Windows ® 2000 DDK provider - EC IO Control Driver.) - LEGACY_GSENSOR3201

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV

O64 - Services: CurCS - 17/06/2010 - C:\Windows\system32\DRIVERS\ssmdrv.sys (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV

~ Scan Services in 00mn 00s

---\\ List unsigned files (LUF) (O65) (None)

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\system32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\system32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <ChromeHTML>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Natália Castro\AppData\Local\Google\Chrome\Application\chrome.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Natália Castro\AppData\Local\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Users\Natália Castro\AppData\Local\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe

O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\InstallInfo\ShowIconsCommand] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Users\Natália Castro\AppData\Local\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe

O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\InstallInfo\ReinstallCommand] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Users\Natália Castro\AppData\Local\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe

O68 - StartMenuInternet: <Safari.exe> <Safari>[HKLM\..\InstallInfo\HideIconsCommand] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe

~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: SearchScopes [HKCU] {29D59FE6-4103-4CE2-8618-C003B2024023} [DefaultScope] - (Google) - http://www.google.com

O69 - SBI: SearchScopes [HKCU] {B719F3D3-5575-4045-844D-3A86EAEA369D} - (Google) - http://www.google.com

~ Scan Keys in 00mn 00s

---\\ Search Svchost Services (SSS) (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\system32\aelupsvc.dll [62464]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\system32\certprop.dll [67584]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\system32\certprop.dll [67584]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\system32\srvsvc.dll [168448]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Diretiva de Grupo.) -- C:\Windows\system32\gpsvc.dll [591360]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\system32\ikeext.dll [667136]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\system32\Audiosrv.dll [473088]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acesso Remoto.) -- C:\Windows\system32\rasauto.dll [90624]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\system32\rasmans.dll [285184]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\system32\mprdim.dll [75264]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistema (SENS).) -- C:\Windows\system32\sens.dll [49664]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\system32\ipnathlp.dll [300544]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft® Windows.) -- C:\Windows\system32\tapisrv.dll [241664]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gerenciador de Conexões Remotas do Servidor Host da Sessão da Área de.) -- C:\Windows\system32\termsrv.dll [543232]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [1912832]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de plano de fundo.) -- C:\Windows\system32\qmgr.dll [589312]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\system32\shsvcs.dll [328192]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em uma rede IPv4..) -- C:\Windows\system32\iphlpsvc.dll [497152]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll [21504]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\system32\appinfo.dll [46592]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\system32\iscsiexe.dll [114688]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\system32\mmcss.dll [49664]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\system32\wercplsupport.dll [61440]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\system32\eapsvc.dll [98304]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [162816]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\system32\schedsvc.dll [749056]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\system32\kmsvc.dll [71168]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho Remota.) -- C:\Windows\system32\sessenv.dll [99328]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [168960]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\system32\browser.dll [102400]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\system32\themeservice.dll [37376]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\system32\bdesvc.dll [76800]

~ Scan Services in 00mn 00s

---\\ Search Particular Root Folder (SPRF) (O84)

[MD5.B4746563EBF36A45DCF151C03D7C48CE] [sPRF][27/12/2011] (...) -- C:\Users\Natália Castro\AppData\Local\Temp\.gbas.dll [389207]

[MD5.ED92900BF225E26A4E54C2C14FA1424F] [sPRF][09/09/2011] (.Ask.com - AskIC Dynamic Link Library.) -- C:\Users\Natália Castro\AppData\Local\Temp\AskSLib.dll [246440]

[MD5.5151C17D942E3E5C18D6DB1C4500511A] [sPRF][29/12/2011] (.Skype Technologies S.A. - Skype.) -- C:\Users\Natália Castro\AppData\Local\Temp\SkypeSetup.exe [23803016]

[MD5.A1B87538FD91118308A5207BF6C66FBE] [sPRF][27/11/2010] (.Jeffrey Harris - SharePod.) -- C:\Users\Natália Castro\Desktop\SharePod.exe [5470720]

[MD5.E9B21E953DF453FEA764B47166BDF743] [sPRF][08/01/2012] (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag2.exe [4162815]

~ Scan Files in 00mn 00s

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "TCP Query User{1DA60DFB-94B0-4516-923D-CB65B4E46148}C:\program files\guiamultimidia\guiamultimidia.exe" | In - Public - P6 - TRUE | .(.SEMP TOSHIBA - IDEAS & TECHNOLOGY.) -- C:\Program Files\GuiaMultimidia\GuiaMultimidia.exe

O87 - FAEL: "UDP Query User{BCB8DB7A-9E0A-42B0-876C-BC6C91C7BE92}C:\program files\guiamultimidia\guiamultimidia.exe" | In - Public - P17 - TRUE | .(.SEMP TOSHIBA - IDEAS & TECHNOLOGY.) -- C:\Program Files\GuiaMultimidia\GuiaMultimidia.exe

O87 - FAEL: "{0C558B65-0EB8-4331-8E34-FB0A451FF1B4}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe

O87 - FAEL: "TCP Query User{33494B3A-B0B9-4055-8DD2-1BF1DFB7DA17}C:\program files\java\jre6\bin\javaw.exe" | In - Public - P6 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\javaw.exe

O87 - FAEL: "UDP Query User{802A32A9-B14E-460F-83CF-41F09A40E8D8}C:\program files\java\jre6\bin\javaw.exe" | In - Public - P17 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\javaw.exe

O87 - FAEL: "TCP Query User{558E9448-D561-481A-A3F0-F0D619B1DBAE}C:\program files\java\jre6\bin\javaw.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\javaw.exe

O87 - FAEL: "UDP Query User{A7A46564-2934-4A89-AE02-8716AEA5AC19}C:\program files\java\jre6\bin\javaw.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\javaw.exe

O87 - FAEL: "TCP Query User{D70DF461-5F35-47A2-A20F-EC7808EE3CFF}C:\program files\ares\ares.exe" | In - Private - P6 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\Program Files\Ares\Ares.exe

O87 - FAEL: "UDP Query User{5C446ED9-EB24-4A2F-B0CD-8FD66D3E78CA}C:\program files\ares\ares.exe" | In - Private - P17 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\Program Files\Ares\Ares.exe

O87 - FAEL: "TCP Query User{54C65CF5-E3DA-4A68-9D18-EDED28B1F684}C:\program files\ares\ares.exe" | In - Public - P6 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\Program Files\Ares\Ares.exe

O87 - FAEL: "UDP Query User{FF45D27C-94CE-4E54-9478-1077F151668B}C:\program files\ares\ares.exe" | In - Public - P17 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\Program Files\Ares\Ares.exe

O87 - FAEL: "{387BB276-7486-4FE6-B7CC-C56EF69A712C}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe

O87 - FAEL: "{8795757A-2015-4FE7-8DC2-882190705F48}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{21D54E97-F211-489D-BD6C-D18040B970B9}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{05759268-E16C-44B7-881E-4772C52E0D98}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe

O87 - FAEL: "TCP Query User{4D454BBD-3464-4D98-B7B4-A9A369AA3B89}C:\program files\real\realplayer\realplay.exe" | In - Public - P6 - TRUE | .(.RealNetworks, Inc. - RealPlayer.) -- C:\Program Files\Real\RealPlayer\realplay.exe

O87 - FAEL: "UDP Query User{86BFB2AA-6C9C-44E1-8C6E-F2F2822D6C5D}C:\program files\real\realplayer\realplay.exe" | In - Public - P17 - TRUE | .(.RealNetworks, Inc. - RealPlayer.) -- C:\Program Files\Real\RealPlayer\realplay.exe

~ Scan Firewall in 00mn 00s

---\\ Additionnal Scan (O88)

Database Version : 8954 - (06/01/2012)

Clés trouvées (Keys found) : 9

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 5

Fichiers trouvés (Files found) : 0

[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Adware.Agent

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon

[HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49dd-99D7-DC866BE87DBC}] =>Toolbar.Babylon

[HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon

[HKLM\Software\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}] =>Toolbar.Babylon

[HKCU\Software\Grand Virtual] =>Spyware.AgenceExclusive

C:\ProgramData\Babylon =>Toolbar.Babylon

C:\Users\Natália Castro\AppData\Roaming\Babylon =>Toolbar.Babylon

C:\Users\Natália Castro\AppData\Local\Babylon =>Toolbar.Babylon

C:\Users\Natália Castro\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon

~ Scan Additionnel in 00mn 06s

---\\ Router Hijack DNS (O89)

Servidor: ns02-rj.velox.net.br

Address: 200.222.122.133

Nome: www.l.google.com

Addresses: 74.125.234.48

74.125.234.51

74.125.234.52

74.125.234.50

74.125.234.49

Aliases: www.google.fr

www.google.com

~ Scan DNS in 00mn 02s

---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)

SS - | Disabled 18/06/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

SS - | Disabled 28/11/2011 55144 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SR - | Auto 05/01/2012 196176 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\BBSvc.exe

SS - | Disabled 28/11/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SS - | Disabled 10/12/2010 61440 | (cmpe) . (.LightComm.) - C:\Windows\System32\cmpe.exe

SS - | Disabled 13/12/2011 821608 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SS - | Disabled 20/07/2010 935208 | Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

SS - | Disabled 15/12/2010 136496 | (scpVista) . (.Scopus Tecnologia Ltda.) - C:\Program Files\Scpad\scpVista.exe

SR - | Auto 13/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Scan Services in 00mn 02s

---\\ Search Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

Run by Natália Castro at 08/01/2012 19:08:58

CreateFile("\\.\PHYSICALDRIVE0"): O arquivo já está sendo usado por outro processo.

device: opened successfully

user: error reading MBR

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll pciide.sys PCIIDEX.SYS atapi.sys

1 ntkrnlpa!IofCallDriver[0x82E40458] -> \Device\Harddisk0\DR0[0x861568F0]

3 CLASSPNP[0x8B3DF59E] -> ntkrnlpa!IofCallDriver[0x82E40458] -> \Device\Ide\IdeDeviceP0T0L0-0[0x85C9F908]

kernel: MBR read successfully

user != kernel MBR !!!

~ Scan MBR in 00mn 02s

---\\ Search Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by Natália Castro at 08/01/2012 19:09:00

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ Scan MBR in 00mn 04s

End of the scan (1591 lines in 01mn 30s)(0)

Já tentei mexer nos padrões de energia para forçar o desligmento e ainda não obtive êxito.

Espero que você possa me ajudar.

Obrigada!

DigRam · Janeiro 9, 2012

Boa Tarde! missbrightside

Já tentei mexer nos padrões de energia para forçar o desligmento e ainda não obtive êxito.
Espero que você possa me ajudar.

|- Quando,precisamente,ocorreu o problema? Foi devido a algum software que baixou?

|- Desinstale: C:\Program Files\Protector Suite

////°°°°////

|- Baixe: < adwcleaner0.zip >

|- Estando na página,clique em "Faça o download do seu fich..."

|- Aguarde até que zere a contagem Sfff...,que fica ao pé da página.

|- Clique em "Faça o download do seu ficheiro aqui".

|- Aguarde,até que apareça a janela: "Opening adwcleaner0.zip"

|- Marque: Save file --> OK.

|- Salve-a no desktop!

|- Dê início ao scan,clicando em "Suppression" < >

|- Ps: Ao executar a ferramenta,não esqueça de tirá-la do zip.

|- Ao concluir,poste o relatório: C:\AdwCleaner[S].txt

////°°°°////

|- Feche programas/pastas que estejam abertas.

|- Para Windows Vista,desabilite a UAC,para que sejam permitidas autorizações não autorizadas.

|- Dê um duplo clique em ZHPFix.

|- Clique no menu,H < >

===============////==============