Archived

This topic has been archived and is closed to new replies.

IuriMattos

[Resolved] Virut / Parite-B


Hello. I would like to thank Antonio Vieira Sobrinho, DigRam and Wings for their great help in the topics below

 

http://forum.imasters.com.br/topic/447247-virutbrontokacumulo-de-memoria/

http://forum.imasters.com.br/topic/454405-tela-azul-memoria-ou-erro-no-sistema/

http://forum.imasters.com.br/topic/467159-processo-executa-mas-programa-nao-abre/

 

I am continuing from the last topic, in which Wings helped me.

I need to fully disinfect my computer, because I use 2 HDs: a small one that holds only the operating system and another with all my "junk".

My junk is infected, so I need to disinfect it before it harms the whole operating system again. The scans follow below:

 

• Hijackthis.

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:35:57, on 11/09/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16448)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskhost.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Ask.com\Updater\Updater.exe

C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe

C:\Windows\system32\taskeng.exe

C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe

C:\Windows\system32\wuauclt.exe

C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\chrome.exe

D:\IuriMattos\INSTALADORES_ESSENCIAIS\Analise_Virus\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?l=dis&o=14676

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\IuriMattos\Faculdade\jre6\bin\ssv.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\IuriMattos\Faculdade\jre6\bin\jp2ssv.dll

O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file)

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O4 - HKLM\..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\IuriMattos\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVIÇO DE REDE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVIÇO DE REDE')

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: c:\progra~2\browse~1\22630~1.40\{16cdf~1\browse~1.dll

O23 - Service: Browser Manager - Unknown owner - C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

 

--

End of file - 5065 bytes

 

• OTL.

 

OTL logfile created on: 11/09/2012 11:36:45 - Run 1

OTL by OldTimer - Version 3.2.48.0 Folder = D:\IuriMattos\INSTALADORES_ESSENCIAIS\Analise_Virus

Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

 

3,24 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 40,53% Memory free

6,48 Gb Paging File | 4,33 Gb Available in Paging File | 66,77% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 74,53 Gb Total Space | 53,89 Gb Free Space | 72,30% Space Free | Partition Type: NTFS

Drive D: | 298,09 Gb Total Space | 63,44 Gb Free Space | 21,28% Space Free | Partition Type: NTFS

 

Computer Name: IURIMATTOS-PC | User Name: IuriMattos | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Processes (SafeList) ==========

 

PRC - [2012/09/11 08:18:30 | 000,596,480 | ---- | M] (OldTimer Tools) -- D:\IuriMattos\INSTALADORES_ESSENCIAIS\Analise_Virus\OTL.exe

PRC - [2012/09/10 19:51:57 | 001,701,912 | ---- | M] () -- C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe

PRC - [2012/08/13 03:55:20 | 006,132,616 | ---- | M] (DsNET) -- C:\Arquivos de Programas\DsNET Corp\aTube Catcher 2.0\yct.exe

PRC - [2012/06/06 21:33:42 | 001,564,872 | ---- | M] (Ask) -- C:\Arquivos de Programas\Ask.com\Updater\Updater.exe

PRC - [2011/06/24 01:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe

PRC - [2011/02/25 02:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2010/11/20 18:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de Programas\Windows Media Player\wmpnetwk.exe

PRC - [2010/11/20 18:29:19 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2010/11/20 18:29:06 | 000,179,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe

 

 

========== Modules (No Company Name) ==========

 

MOD - [2012/09/10 19:51:57 | 002,073,112 | ---- | M] () -- c:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll

MOD - [2012/09/10 19:51:57 | 001,701,912 | ---- | M] () -- C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe

MOD - [2012/08/29 23:58:45 | 000,442,392 | ---- | M] () -- C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll

MOD - [2012/08/29 23:58:44 | 012,237,336 | ---- | M] () -- C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll

MOD - [2012/08/29 23:58:42 | 003,997,720 | ---- | M] () -- C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll

MOD - [2012/08/29 23:57:27 | 000,526,872 | ---- | M] () -- C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\21.0.1180.89\libglesv2.dll

MOD - [2012/08/29 23:57:26 | 000,104,984 | ---- | M] () -- C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\21.0.1180.89\libegl.dll

MOD - [2012/08/29 23:57:15 | 000,144,424 | ---- | M] () -- C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\21.0.1180.89\avutil-51.dll

MOD - [2012/08/29 23:57:13 | 000,266,792 | ---- | M] () -- C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\21.0.1180.89\avformat-54.dll

MOD - [2012/08/29 23:57:12 | 002,480,680 | ---- | M] () -- C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll

 

 

========== Win32 Services (SafeList) ==========

 

SRV - [2012/09/11 00:31:49 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2012/09/10 19:51:57 | 001,701,912 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager)

SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Running] -- C:\Arquivos de Programas\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2010/11/20 18:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de Programas\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)

SRV - [2009/07/13 22:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)

SRV - [2009/07/13 22:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009/07/13 22:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

SRV - [2009/07/13 22:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de Programas\Windows Defender\MpSvc.dll -- (WinDefend)

 

 

========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\IURIMA~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys -- (cpuz134)

DRV - [2011/09/08 12:40:24 | 000,363,112 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)

DRV - [2010/11/20 18:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2010/11/20 18:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)

DRV - [2010/11/20 18:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)

DRV - [2010/11/20 18:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)

DRV - [2010/11/20 18:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)

DRV - [2010/11/20 18:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV - [2010/11/20 18:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)

DRV - [2010/11/20 18:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)

DRV - [2006/11/02 08:57:08 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com/?affID=110823&tt=3712_8&babsrc=HP_ss&mntrId=24fef9ee000000000000001fe23188ce

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?l=dis&o=14676

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C1 F4 B1 0C 81 8F CD 01 [binary data]

IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Arquivos de Programas\Ask.com\GenericAskToolbar.dll (Ask)

IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110823&tt=3712_8&babsrc=SP_ss&mntrId=24fef9ee000000000000001fe23188ce

IE - HKCU\..\SearchScopes\{FB67DFCB-FBDE-4A05-B19F-6072E00839A2}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14674&src=kw&q={searchTerms}&locale=&apn_ptnrs=T9&apn_dtid=YYYYYYYYUS&apn_uid=e23ee96f-2eb1-49e6-9c9a-b73d08262621&apn_sauid=E9BBAB27-9B1E-422F-9208-988EF4B4357E

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

========== FireFox ==========

 

FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\IuriMattos\Faculdade\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\IuriMattos\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\IuriMattos\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

 

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012/09/10 19:51:58 | 000,000,000 | ---D | M]

 

[2012/09/10 19:51:21 | 000,000,000 | ---D | M] (No name found) -- C:\Arquivos de Programas\Mozilla Firefox\extensions

 

========== Chrome ==========

 

CHR - default_search_provider: Ask (Enabled)

CHR - default_search_provider: search_url = http://websearch.ask.com/redirect?client=cr&src=kw&tb=ATU2&o=14674&locale=pt_US&apn_uid=e23ee96f-2eb1-49e6-9c9a-b73d08262621&apn_ptnrs=T9&apn_sauid=E9BBAB27-9B1E-422F-9208-988EF4B4357E&apn_dtid=YYYYYYYYUS&q={searchTerms}

CHR - default_search_provider: suggest_url = http://ss.websearch.ask.com/query?qsrc=2922&li=ff&sstype=prefix&q={searchTerms},

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\IuriMattos\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll

CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll

CHR - plugin: Google Update (Enabled) = C:\Users\IuriMattos\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - Extension: YouTube = C:\Users\IuriMattos\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Pesquisa do Google = C:\Users\IuriMattos\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Desprotetor de Links = C:\Users\IuriMattos\AppData\Local\Google\Chrome\User Data\Default\Extensions\imcbnnnoghiihopefblgehihofbfbmei\1.2.9_0\

CHR - Extension: Auto Refresh Plus = C:\Users\IuriMattos\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilipfekkmncanaajkapbpancpelijih\1.8.9.14_0\

CHR - Extension: Gmail = C:\Users\IuriMattos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

O1 HOSTS File: ([2009/06/10 18:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Arquivos de Programas\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll (Babylon BHO)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\IuriMattos\Faculdade\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de Programas\Ask.com\GenericAskToolbar.dll (Ask)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\IuriMattos\Faculdade\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.

O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Arquivos de Programas\Ask.com\GenericAskToolbar.dll (Ask)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)

O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8A7D37EE-6CFC-4BE2-BA1F-6684E89AB4F0}: DhcpNameServer = 192.168.0.1

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de Programas\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O20 - AppInit_DLLs: (c:\progra~2\browse~1\22630~1.40\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.2.630.40\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 18:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2006/09/18 18:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

========== Files/Folders - Created Within 30 Days ==========

 

[2012/09/11 11:28:53 | 000,000,000 | ---D | C] -- C:\Users\IuriMattos\AppData\Roaming\Skype

[2012/09/11 11:28:47 | 000,000,000 | R--D | C] -- C:\Program Files\Skype

[2012/09/11 11:28:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

[2012/09/11 11:28:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype

[2012/09/11 11:28:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype

[2012/09/11 08:30:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MTA San Andreas 1.3

[2012/09/11 08:23:40 | 000,000,000 | ---D | C] -- C:\ProgramData\MTA San Andreas All

[2012/09/11 07:31:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab

[2012/09/11 07:22:21 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET

[2012/09/11 00:31:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat

[2012/09/10 19:58:27 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com

[2012/09/10 19:58:17 | 000,000,000 | ---D | C] -- C:\Users\IuriMattos\AppData\Local\APN

[2012/09/10 19:58:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher

[2012/09/10 19:57:58 | 000,000,000 | ---D | C] -- C:\Program Files\DsNET Corp

[2012/09/10 19:57:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask

[2012/09/10 19:52:00 | 000,000,000 | ---D | C] -- C:\Users\IuriMattos\Start Menu

[2012/09/10 19:52:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins

[2012/09/10 19:52:00 | 000,000,000 | ---D | C] -- C:\Windows\System32\Extensions

[2012/09/10 19:52:00 | 000,000,000 | ---D | C] -- C:\Users\IuriMattos\AppData\Roaming\BabylonToolbar

[2012/09/10 19:51:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager

[2012/09/10 19:51:21 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2012/09/10 19:51:21 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar

[2012/09/10 19:50:48 | 000,000,000 | ---D | C] -- C:\Users\IuriMattos\AppData\Roaming\Babylon

[2012/09/10 19:50:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon

[2012/09/10 19:44:56 | 000,000,000 | ---D | C] -- C:\Users\IuriMattos\AppData\Roaming\Media Player Classic

[2012/09/10 16:38:49 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll

[2012/09/10 16:38:49 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll

[2012/09/10 16:38:49 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll

[2012/09/10 16:38:49 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll

[2012/09/10 16:38:49 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll

[2012/09/10 16:38:47 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information

[2012/09/10 16:38:47 | 000,000,000 | ---D | C] -- C:\Riot Games

[2012/09/10 16:38:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewFeature1

[2012/09/10 16:34:46 | 000,000,000 | ---D | C] -- C:\League of Legends

[2012/09/10 16:34:25 | 000,000,000 | ---D | C] -- C:\Users\IuriMattos\AppData\Local\PMB Files

[2012/09/10 16:34:25 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files

[2012/09/10 16:33:49 | 000,000,000 | ---D | C] -- C:\Program Files\Pando Networks

[2012/09/10 16:29:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2012/09/10 16:29:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2012/09/10 16:28:45 | 000,000,000 | ---D | C] -- C:\Program Files\Sun

[2012/09/10 16:28:36 | 000,476,960 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll

[2012/09/10 16:28:36 | 000,472,864 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll

[2012/09/10 16:28:31 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2012/09/10 16:28:31 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2012/09/10 16:28:31 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2012/09/10 16:27:02 | 000,000,000 | ---D | C] -- C:\Program Files\Java

[2012/09/10 16:01:31 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat

[2012/09/10 16:01:31 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2012/09/10 16:01:31 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2012/09/10 16:01:31 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2012/09/10 16:01:31 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2012/09/10 16:01:31 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll

[2012/09/10 16:01:31 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec

[2012/09/10 16:01:31 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll

[2012/09/10 16:01:31 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2012/09/10 16:01:31 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2012/09/10 16:01:31 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll

[2012/09/10 16:01:31 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll

[2012/09/10 16:01:31 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2012/09/10 16:01:31 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll

[2012/09/10 16:01:31 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll

[2012/09/10 16:01:31 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll

[2012/09/10 16:01:31 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe

[2012/09/10 16:01:31 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe

[2012/09/10 16:01:31 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2012/09/10 16:01:31 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll

[2012/09/10 16:01:31 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2012/09/10 16:01:31 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll

[2012/09/10 16:01:31 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll

[2012/09/10 16:01:31 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2012/09/10 16:01:31 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll

[2012/09/10 16:01:31 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe

[2012/09/10 16:01:31 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe

[2012/09/10 16:01:31 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2012/09/10 16:01:31 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2012/09/10 16:01:31 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2012/09/10 16:01:31 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll

[2012/09/10 16:01:31 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll

[2012/09/10 16:01:31 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2012/09/10 16:01:31 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll

[2012/09/10 16:01:31 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2012/09/10 16:01:31 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll

[2012/09/10 16:01:31 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2012/09/10 15:57:50 | 000,000,000 | ---D | C] -- C:\Users\IuriMattos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

[2012/09/10 15:57:47 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdosys.dll

[2012/09/10 15:57:36 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys

[2012/09/10 15:57:34 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe

[2012/09/10 15:57:34 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe

[2012/09/10 15:57:32 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll

[2012/09/10 15:57:32 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll

[2012/09/10 15:57:32 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll

[2012/09/10 15:57:32 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll

[2012/09/10 15:57:32 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll

[2012/09/10 15:57:32 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll

[2012/09/10 15:57:28 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll

[2012/09/10 15:57:28 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll

[2012/09/10 15:57:28 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll

[2012/09/10 15:57:28 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll

[2012/09/10 15:57:26 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll

[2012/09/10 15:57:22 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe

[2012/09/10 15:57:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3r.dll

[2012/09/10 15:57:20 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll

[2012/09/10 15:57:20 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll

[2012/09/10 15:57:20 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax

[2012/09/10 15:57:18 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe

[2012/09/10 15:57:17 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl

[2012/09/10 15:57:17 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe

[2012/09/10 15:57:12 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll

[2012/09/10 15:57:09 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll

[2012/09/10 15:57:09 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll

[2012/09/10 15:57:09 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll

[2012/09/10 15:57:09 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll

[2012/09/10 15:57:09 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll

[2012/09/10 15:57:08 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll

[2012/09/10 15:57:08 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll

[2012/09/10 15:57:08 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax

[2012/09/10 15:57:07 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe

[2012/09/10 15:57:07 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll

[2012/09/10 15:57:07 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll

[2012/09/10 15:57:07 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll

[2012/09/10 15:57:06 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll

[2012/09/10 15:57:06 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll

[2012/09/10 15:57:06 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll

[2012/09/10 15:57:06 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll

[2012/09/10 15:57:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll

[2012/09/10 15:57:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll

[2012/09/10 15:57:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll

[2012/09/10 15:57:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll

[2012/09/10 15:57:06 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll

[2012/09/10 15:57:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll

[2012/09/10 15:57:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll

[2012/09/10 15:57:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll

[2012/09/10 15:57:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll

[2012/09/10 15:57:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll

[2012/09/10 15:57:06 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll

[2012/09/10 15:57:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll

[2012/09/10 15:57:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll

[2012/09/10 15:57:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll

[2012/09/10 15:57:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll

[2012/09/10 15:57:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll

[2012/09/10 15:57:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll

[2012/09/10 15:57:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll

[2012/09/10 15:57:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll

[2012/09/10 15:57:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll

[2012/09/10 15:57:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll

[2012/09/10 15:57:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll

[2012/09/10 15:57:06 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll

[2012/09/10 15:57:05 | 000,314,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll

[2012/09/10 15:57:05 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll

[2012/09/10 15:57:04 | 000,870,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll

[2012/09/10 15:57:04 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll

[2012/09/10 15:57:04 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll

[2012/09/10 15:57:00 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll

[2012/09/10 15:57:00 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll

[2012/09/10 15:56:59 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll

[2012/09/10 15:56:59 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll

[2012/09/10 15:56:58 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll

[2012/09/10 15:56:57 | 002,616,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe

[2012/09/10 15:56:57 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe

[2012/09/10 15:56:56 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll

[2012/09/10 15:56:55 | 001,077,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll

[2012/09/10 15:56:55 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll

[2012/09/10 15:56:55 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll

[2012/09/10 15:56:55 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe

[2012/09/10 15:54:20 | 000,027,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys

[2012/09/10 15:54:19 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys

[2012/09/10 15:52:54 | 000,000,000 | ---D | C] -- C:\Users\IuriMattos\AppData\Local\Google

[2012/09/10 15:52:31 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll

[2012/09/10 15:51:04 | 000,000,000 | ---D | C] -- C:\Users\IuriMattos\AppData\Local\Deployment

[2012/09/10 15:51:04 | 000,000,000 | ---D | C] -- C:\Users\IuriMattos\AppData\Local\Apps

[2012/09/10 15:49:05 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll

[2012/09/10 15:49:04 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll

[2012/09/10 15:49:00 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll

[2012/09/10 15:49:00 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll

[2012/09/10 15:49:00 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll

[2012/09/10 15:48:55 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll

[2012/09/10 15:48:55 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe

[2012/09/10 15:47:23 | 000,398,336 | ---- | C] (Intel® Corporation) -- C:\Windows\System32\TVWizudlg.exe

[2012/09/10 15:47:22 | 000,000,000 | ---D | C] -- C:\Program Files\Intel

[2012/09/10 15:46:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader

[2012/09/10 15:46:01 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software

[2012/09/10 15:45:57 | 000,000,000 | -HSD | C] -- C:\Windows\Installer

[2012/09/10 15:45:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack

[2012/09/10 15:45:49 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack

[2012/09/10 15:44:56 | 000,363,112 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rtlh86.sys

[2012/09/10 15:44:56 | 000,100,896 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RTNUninst32.dll

[2012/09/10 15:44:52 | 001,002,008 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igxpun.exe

[2012/09/10 15:44:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\x64

[2012/09/10 15:44:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\Lang

[2012/09/10 15:44:42 | 000,059,392 | ---- | C] (Intel Corporation) -- C:\Windows\System32\oemdspif.dll

[2012/09/10 15:44:40 | 000,257,536 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxTMM.dll

[2012/09/10 15:44:40 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxCoIn_v1930.dll

[2012/09/10 15:44:40 | 000,051,712 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.dll

[2012/09/10 15:44:39 | 005,702,656 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxress.dll

[2012/09/10 15:44:39 | 000,536,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumdx32.dll

[2012/09/10 15:44:39 | 000,199,680 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxpph.dll

[2012/09/10 15:44:39 | 000,130,048 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxdo.dll

[2012/09/10 15:44:39 | 000,023,552 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxexps.dll

[2012/09/10 15:44:38 | 004,104,192 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4icd32.dll

[2012/09/10 15:44:38 | 002,686,976 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4dev32.dll

[2012/09/10 15:44:38 | 000,094,208 | ---- | C] (Intel Corporation) -- C:\Windows\System32\hccutils.dll

[2012/09/10 15:44:36 | 008,198,680 | ---- | C] (Intel® Corporation) -- C:\Windows\System32\TVWSetup.exe

[2012/09/10 15:44:36 | 000,672,792 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcfg.exe

[2012/09/10 15:44:35 | 000,304,640 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrita.lrc

[2012/09/10 15:44:35 | 000,299,520 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnld.lrc

[2012/09/10 15:44:35 | 000,294,912 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptg.lrc

[2012/09/10 15:44:35 | 000,291,328 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrrus.lrc

[2012/09/10 15:44:35 | 000,289,280 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptb.lrc

[2012/09/10 15:44:35 | 000,288,256 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrhun.lrc

[2012/09/10 15:44:35 | 000,287,744 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrplk.lrc

[2012/09/10 15:44:35 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsve.lrc

[2012/09/10 15:44:35 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsky.lrc

[2012/09/10 15:44:35 | 000,280,064 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnor.lrc

[2012/09/10 15:44:35 | 000,279,040 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtrk.lrc

[2012/09/10 15:44:35 | 000,277,504 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrslv.lrc

[2012/09/10 15:44:35 | 000,262,656 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtha.lrc

[2012/09/10 15:44:35 | 000,249,856 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrheb.lrc

[2012/09/10 15:44:35 | 000,206,848 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrjpn.lrc

[2012/09/10 15:44:35 | 000,205,312 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrkor.lrc

[2012/09/10 15:44:34 | 000,310,784 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrell.lrc

[2012/09/10 15:44:34 | 000,303,616 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfra.lrc

[2012/09/10 15:44:34 | 000,303,616 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdeu.lrc

[2012/09/10 15:44:34 | 000,303,104 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxresp.lrc

[2012/09/10 15:44:34 | 000,282,624 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcsy.lrc

[2012/09/10 15:44:34 | 000,281,088 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfin.lrc

[2012/09/10 15:44:34 | 000,280,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdan.lrc

[2012/09/10 15:44:34 | 000,275,968 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrenu.lrc

[2012/09/10 15:44:34 | 000,252,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrara.lrc

[2012/09/10 15:44:34 | 000,179,712 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcht.lrc

[2012/09/10 15:44:34 | 000,178,176 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrchs.lrc

[2012/09/10 15:44:32 | 000,119,296 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcpl.cpl

[2012/09/10 15:43:46 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM

[2012/09/10 15:43:46 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek

[2012/09/10 15:43:39 | 003,296,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll

[2012/09/10 15:43:39 | 000,345,944 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll

[2012/09/10 15:43:39 | 000,103,256 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll

[2012/09/10 15:43:39 | 000,088,408 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll

[2012/09/10 15:43:39 | 000,061,272 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll

[2012/09/10 15:43:36 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll

[2012/09/10 15:43:36 | 001,725,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll

[2012/09/10 15:43:35 | 004,238,440 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll

[2012/09/10 15:43:35 | 003,327,320 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll

[2012/09/10 15:43:35 | 002,276,968 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll

[2012/09/10 15:43:35 | 001,836,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll

[2012/09/10 15:43:35 | 001,379,760 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tosade.dll

[2012/09/10 15:43:35 | 001,329,768 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll

[2012/09/10 15:43:35 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll

[2012/09/10 15:43:35 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll

[2012/09/10 15:43:35 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll

[2012/09/10 15:43:35 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll

[2012/09/10 15:43:35 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll

[2012/09/10 15:43:35 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll

[2012/09/10 15:43:35 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll

[2012/09/10 15:43:35 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll

[2012/09/10 15:43:35 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll

[2012/09/10 15:43:35 | 000,178,624 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo2.dll

[2012/09/10 15:43:35 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll

[2012/09/10 15:43:35 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll

[2012/09/10 15:43:35 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll

[2012/09/10 15:43:35 | 000,134,584 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\System32\tadefxapo.dll

[2012/09/10 15:43:35 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll

[2012/09/10 15:43:35 | 000,083,048 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll

[2012/09/10 15:43:35 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll

[2012/09/10 15:43:35 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll

[2012/09/10 15:43:35 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll

[2012/09/10 15:43:35 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll

[2012/09/10 15:43:35 | 000,058,264 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\System32\TepeqAPO.dll

[2012/09/10 15:43:34 | 001,740,352 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll

[2012/09/10 15:43:34 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll

[2012/09/10 15:43:34 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll

[2012/09/10 15:43:34 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll

[2012/09/10 15:43:34 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll

[2012/09/10 15:43:34 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll

[2012/09/10 15:43:34 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll

[2012/09/10 15:43:34 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll

[2012/09/10 15:43:34 | 000,413,696 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll

[2012/09/10 15:43:34 | 000,390,656 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll

[2012/09/10 15:43:34 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll

[2012/09/10 15:43:34 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll

[2012/09/10 15:43:34 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll

[2012/09/10 15:43:34 | 000,327,168 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll

[2012/09/10 15:43:34 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll

[2012/09/10 15:43:34 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll

[2012/09/10 15:43:34 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll

[2012/09/10 15:43:33 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll

[2012/09/10 15:43:33 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll

[2012/09/10 15:43:20 | 001,873,920 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat

[2012/09/10 15:43:20 | 001,497,704 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl

[2012/09/10 15:42:51 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe

[2012/09/10 15:11:33 | 000,000,000 | ---D | C] -- C:\Users\IuriMattos\AppData\Local\Diagnostics

[2012/09/10 15:08:05 | 000,000,000 | R--D | C] -- C:\Users\IuriMattos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2012/09/10 15:08:05 | 000,000,000 | R--D | C] -- C:\Users\IuriMattos\Searches

[2012/09/10 15:08:05 | 000,000,000 | R--D | C] -- C:\Users\IuriMattos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2012/09/10 15:07:57 | 000,000,000 | ---D | C] -- C:\Users\IuriMattos\AppData\Roaming\Identities

[2012/09/10 15:07:56 | 000,000,000 | R--D | C] -- C:\Users\IuriMattos\Contacts

[2012/09/10 15:07:52 | 000,000,000 | ---D | C] -- C:\Users\IuriMattos\AppData\Local\VirtualStore

[2012/09/10 15:07:51 | 000,000,000 | --SD | C] -- C:\Users\IuriMattos\AppData\Roaming\Microsoft

[2012/09/10 15:07:51 | 000,000,000 | R--D | C] -- C:\Users\IuriMattos\Videos

[2012/09/10 15:07:51 | 000,000,000 | R--D | C] -- C:\Users\IuriMattos\Saved Games

[2012/09/10 15:07:51 | 000,000,000 | R--D | C] -- C:\Users\IuriMattos\Pictures

[2012/09/10 15:07:51 | 000,000,000 | R--D | C] -- C:\Users\IuriMattos\Music

[2012/09/10 15:07:51 | 000,000,000 | R--D | C] -- C:\Users\IuriMattos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2012/09/10 15:07:51 | 000,000,000 | R--D | C] -- C:\Users\IuriMattos\Links

[2012/09/10 15:07:51 | 000,000,000 | R--D | C] -- C:\Users\IuriMattos\Favorites

[2012/09/10 15:07:51 | 000,000,000 | R--D | C] -- C:\Users\IuriMattos\Downloads

[2012/09/10 15:07:51 | 000,000,000 | R--D | C] -- C:\Users\IuriMattos\Documents

[2012/09/10 15:07:51 | 000,000,000 | R--D | C] -- C:\Users\IuriMattos\Desktop

[2012/09/10 15:07:51 | 000,000,000 | R--D | C] -- C:\Users\IuriMattos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2012/09/10 15:07:51 | 000,000,000 | -HSD | C] -- C:\Users\IuriMattos\AppData\Local\Temporary Internet Files

[2012/09/10 15:07:51 | 000,000,000 | -HSD | C] -- C:\Users\IuriMattos\SendTo

[2012/09/10 15:07:51 | 000,000,000 | -HSD | C] -- C:\Users\IuriMattos\Recent

[2012/09/10 15:07:51 | 000,000,000 | -HSD | C] -- C:\Users\IuriMattos\Modelos

[2012/09/10 15:07:51 | 000,000,000 | -HSD | C] -- C:\Users\IuriMattos\Documents\Minhas músicas

[2012/09/10 15:07:51 | 000,000,000 | -HSD | C] -- C:\Users\IuriMattos\Documents\Minhas imagens

[2012/09/10 15:07:51 | 000,000,000 | -HSD | C] -- C:\Users\IuriMattos\Documents\Meus vídeos

[2012/09/10 15:07:51 | 000,000,000 | -HSD | C] -- C:\Users\IuriMattos\Meus documentos

[2012/09/10 15:07:51 | 000,000,000 | -HSD | C] -- C:\Users\IuriMattos\Menu Iniciar

[2012/09/10 15:07:51 | 000,000,000 | -HSD | C] -- C:\Users\IuriMattos\AppData\Local\Histórico

[2012/09/10 15:07:51 | 000,000,000 | -HSD | C] -- C:\Users\IuriMattos\Dados de aplicativos

[2012/09/10 15:07:51 | 000,000,000 | -HSD | C] -- C:\Users\IuriMattos\AppData\Local\Dados de aplicativos

[2012/09/10 15:07:51 | 000,000,000 | -HSD | C] -- C:\Users\IuriMattos\Cookies

[2012/09/10 15:07:51 | 000,000,000 | -HSD | C] -- C:\Users\IuriMattos\Configurações locais

[2012/09/10 15:07:51 | 000,000,000 | -HSD | C] -- C:\Users\IuriMattos\Ambiente de rede

[2012/09/10 15:07:51 | 000,000,000 | -HSD | C] -- C:\Users\IuriMattos\Ambiente de impressão

[2012/09/10 15:07:51 | 000,000,000 | -H-D | C] -- C:\Users\IuriMattos\AppData

[2012/09/10 15:07:51 | 000,000,000 | ---D | C] -- C:\Users\IuriMattos\AppData\Local\Temp

[2012/09/10 15:07:51 | 000,000,000 | ---D | C] -- C:\Users\IuriMattos\AppData\Local\Microsoft

[2012/09/10 15:07:51 | 000,000,000 | ---D | C] -- C:\Users\IuriMattos\AppData\Roaming\Media Center Programs

[2012/09/10 15:07:42 | 000,000,000 | -HSD | C] -- C:\Program Files\Common Files\Sistema

[2012/09/10 15:07:42 | 000,000,000 | -HSD | C] -- C:\Recovery

[2012/09/10 15:07:42 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modelos

[2012/09/10 15:07:42 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas músicas

[2012/09/10 15:07:42 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas imagens

[2012/09/10 15:07:42 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Meus vídeos

[2012/09/10 15:07:42 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Iniciar

[2012/09/10 15:07:42 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoritos

[2012/09/10 15:07:42 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documentos

[2012/09/10 15:07:42 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dados de aplicativos

[2012/09/10 15:07:42 | 000,000,000 | -HSD | C] -- C:\Arquivos de Programas

[2012/09/10 15:07:42 | 000,000,000 | -HSD | C] -- C:\Program Files\Arquivos Comuns

[2012/09/10 14:57:18 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2012/09/10 14:55:14 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch

[2012/09/10 14:54:29 | 000,000,000 | -HSD | C] -- C:\System Volume Information

[2012/09/10 14:53:49 | 000,000,000 | ---D | C] -- C:\Windows\Panther

[2012/09/10 14:53:35 | 000,000,000 | -HSD | C] -- C:\Boot

 

========== Files - Modified Within 30 Days ==========

 

[2012/09/11 11:39:47 | 095,273,638 | ---- | M] () -- C:\Users\IuriMattos\Desktop\Freedom Fighters Summer Mix 2012

[2012/09/11 11:28:47 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

[2012/09/11 11:08:53 | 000,057,397 | ---- | M] () -- C:\Users\IuriMattos\Desktop\552117_522166037797390_1170187949_n.jpg

[2012/09/11 11:05:32 | 015,684,886 | ---- | M] () -- C:\Users\IuriMattos\Desktop\Skazi Freedom Fighters Fallafel.mp3

[2012/09/11 11:05:12 | 009,384,497 | ---- | M] () -- C:\Users\IuriMattos\Desktop\Skazi Freedom Fighters Fallafel.flv

[2012/09/11 10:57:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1607783467-801403553-3036803400-1000UA.job

[2012/09/11 10:22:42 | 000,020,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/09/11 10:22:42 | 000,020,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/09/11 10:18:23 | 000,663,606 | ---- | M] () -- C:\Windows\System32\prfh0416.dat

[2012/09/11 10:18:23 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2012/09/11 10:18:23 | 000,127,896 | ---- | M] () -- C:\Windows\System32\prfc0416.dat

[2012/09/11 10:18:23 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2012/09/11 08:30:21 | 000,000,929 | ---- | M] () -- C:\Users\Public\Desktop\MTA San Andreas 1.3.lnk

[2012/09/11 08:20:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/09/11 08:20:25 | 2608,734,208 | -HS- | M] () -- C:\hiberfil.sys

[2012/09/11 07:40:59 | 000,185,176 | ---- | M] () -- C:\Users\IuriMattos\Desktop\parite-b.png

[2012/09/10 19:58:14 | 000,001,144 | ---- | M] () -- C:\Users\Public\Desktop\aTube Catcher.lnk

[2012/09/10 19:51:21 | 000,000,304 | ---- | M] () -- C:\user.js

[2012/09/10 16:38:51 | 000,001,722 | ---- | M] () -- C:\Users\Public\Desktop\Jogar League Of Legends.lnk

[2012/09/10 16:28:31 | 000,476,960 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\npdeployJava1.dll

[2012/09/10 16:28:31 | 000,472,864 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll

[2012/09/10 16:28:31 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2012/09/10 16:28:31 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2012/09/10 16:28:31 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2012/09/10 16:23:38 | 000,265,944 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2012/09/10 16:01:31 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat

[2012/09/10 16:01:31 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb

[2012/09/10 16:01:31 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll

[2012/09/10 16:01:31 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl

[2012/09/10 16:01:31 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll

[2012/09/10 16:01:31 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll

[2012/09/10 16:01:31 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec

[2012/09/10 16:01:31 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll

[2012/09/10 16:01:31 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll

[2012/09/10 16:01:31 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll

[2012/09/10 16:01:31 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll

[2012/09/10 16:01:31 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll

[2012/09/10 16:01:31 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll

[2012/09/10 16:01:31 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll

[2012/09/10 16:01:31 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll

[2012/09/10 16:01:31 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll

[2012/09/10 16:01:31 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe

[2012/09/10 16:01:31 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe

[2012/09/10 16:01:31 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe

[2012/09/10 16:01:31 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll

[2012/09/10 16:01:31 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll

[2012/09/10 16:01:31 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll

[2012/09/10 16:01:31 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll

[2012/09/10 16:01:31 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll

[2012/09/10 16:01:31 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll

[2012/09/10 16:01:31 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe

[2012/09/10 16:01:31 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe

[2012/09/10 16:01:31 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll

[2012/09/10 16:01:31 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe

[2012/09/10 16:01:31 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf

[2012/09/10 16:01:31 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll

[2012/09/10 16:01:31 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll

[2012/09/10 16:01:31 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll

[2012/09/10 16:01:31 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll

[2012/09/10 16:01:31 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll

[2012/09/10 16:01:31 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll

[2012/09/10 16:01:31 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll

[2012/09/10 16:01:31 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

[2012/09/10 15:57:52 | 000,002,392 | ---- | M] () -- C:\Users\IuriMattos\Desktop\Google Chrome.lnk

[2012/09/10 15:57:00 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1607783467-801403553-3036803400-1000Core.job

[2012/09/10 15:46:02 | 000,001,024 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk

[2012/09/10 14:57:58 | 000,190,868 | ---- | M] () -- C:\Windows\System32\license.rtf

[2012/09/10 14:56:20 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2012/09/10 14:53:37 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK

 

========== Files Created - No Company Name ==========

 

[2012/09/11 11:28:47 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk

[2012/09/11 11:17:27 | 091,036,666 | ---- | C] () -- C:\Users\IuriMattos\Desktop\Freedom Fighters Summer Mix 2012

[2012/09/11 11:08:56 | 000,057,397 | ---- | C] () -- C:\Users\IuriMattos\Desktop\552117_522166037797390_1170187949_n.jpg

[2012/09/11 11:05:15 | 015,684,886 | ---- | C] () -- C:\Users\IuriMattos\Desktop\Skazi Freedom Fighters Fallafel.mp3

[2012/09/11 11:00:38 | 009,384,497 | ---- | C] () -- C:\Users\IuriMattos\Desktop\Skazi Freedom Fighters Fallafel.flv

[2012/09/11 08:30:21 | 000,000,929 | ---- | C] () -- C:\Users\Public\Desktop\MTA San Andreas 1.3.lnk

[2012/09/11 07:40:59 | 000,185,176 | ---- | C] () -- C:\Users\IuriMattos\Desktop\parite-b.png

[2012/09/10 19:58:14 | 000,001,144 | ---- | C] () -- C:\Users\Public\Desktop\aTube Catcher.lnk

[2012/09/10 19:51:21 | 000,000,304 | ---- | C] () -- C:\user.js

[2012/09/10 16:38:51 | 000,001,722 | ---- | C] () -- C:\Users\Public\Desktop\Jogar League Of Legends.lnk

[2012/09/10 16:01:31 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf

[2012/09/10 15:57:52 | 000,002,392 | ---- | C] () -- C:\Users\IuriMattos\Desktop\Google Chrome.lnk

[2012/09/10 15:52:55 | 000,001,098 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1607783467-801403553-3036803400-1000UA.job

[2012/09/10 15:52:54 | 000,001,046 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1607783467-801403553-3036803400-1000Core.job

[2012/09/10 15:47:23 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll

[2012/09/10 15:47:23 | 000,121,232 | ---- | C] () -- C:\Windows\System32\IScrNB.bmp

[2012/09/10 15:46:02 | 000,001,024 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk

[2012/09/10 15:45:51 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2012/09/10 15:45:43 | 000,039,656 | ---- | C] () -- C:\Windows\System32\OEMLOGO.bmp

[2012/09/10 15:44:56 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

[2012/09/10 15:44:35 | 000,060,254 | ---- | C] () -- C:\Windows\System32\iglhxg32.vp

[2012/09/10 15:44:35 | 000,060,226 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp

[2012/09/10 15:44:35 | 000,060,015 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp

[2012/09/10 15:44:35 | 000,039,440 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp

[2012/09/10 15:44:35 | 000,001,090 | ---- | C] () -- C:\Windows\System32\iglhxa32.vp

[2012/09/10 15:44:32 | 001,921,265 | ---- | C] () -- C:\Windows\System32\iglhxa32.cpa

[2012/09/10 15:43:20 | 000,150,996 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT

[2012/09/10 15:08:05 | 000,001,389 | ---- | C] () -- C:\Users\IuriMattos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2012/09/10 14:57:37 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk

[2012/09/10 14:57:28 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk

[2012/09/10 14:56:20 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf

[2012/09/10 14:54:29 | 2608,734,208 | -HS- | C] () -- C:\hiberfil.sys

[2012/09/10 14:53:37 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK

[2012/09/10 14:53:35 | 000,383,786 | RHS- | C] () -- C:\bootmgr

[2011/04/12 01:47:17 | 000,663,606 | ---- | C] () -- C:\Windows\System32\prfh0416.dat

[2011/04/12 01:47:17 | 000,323,154 | ---- | C] () -- C:\Windows\System32\prfi0416.dat

[2011/04/12 01:47:17 | 000,127,896 | ---- | C] () -- C:\Windows\System32\prfc0416.dat

[2011/04/12 01:47:17 | 000,038,536 | ---- | C] () -- C:\Windows\System32\prfd0416.dat

[2010/11/20 18:29:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

 

< End of report >

 

• OTL-Extras

 

OTL Extras logfile created on: 11/09/2012 11:36:45 - Run 1

OTL by OldTimer - Version 3.2.48.0 Folder = D:\IuriMattos\INSTALADORES_ESSENCIAIS\Analise_Virus

Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

 

3,24 Gb Total Physical Memory | 1,31 Gb Available Physical Memory | 40,53% Memory free

6,48 Gb Paging File | 4,33 Gb Available in Paging File | 66,77% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 74,53 Gb Total Space | 53,89 Gb Free Space | 72,30% Space Free | Partition Type: NTFS

Drive D: | 298,09 Gb Total Space | 63,44 Gb Free Space | 21,28% Space Free | Partition Type: NTFS

 

Computer Name: IURIMATTOS-PC | User Name: IuriMattos | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{09B47CBC-52AC-4350-838A-4E35976BDF68}" = lport=445 | protocol=6 | dir=in | app=system |

"{0CAEC51D-D523-4C4F-92BB-3BC26CFE1E42}" = lport=2869 | protocol=6 | dir=in | app=system |

"{27615537-D8BF-44D6-8C4C-C60CD2BD79DC}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{2B4207A5-74F5-42B9-BCE6-B960117A95C1}" = lport=139 | protocol=6 | dir=in | app=system |

"{3182AFC1-DAA4-4C5E-9B90-B6CA9F963241}" = rport=137 | protocol=17 | dir=out | app=system |

"{363EBE86-70A7-409D-8D0B-9AC2A911DDCC}" = lport=10243 | protocol=6 | dir=in | app=system |

"{37A68111-B80C-4F52-8D9D-EDC2E49BD691}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{38822732-B518-4C48-A356-6572248477F6}" = rport=139 | protocol=6 | dir=out | app=system |

"{38B26FB7-7B02-4C88-865E-B2EEA391D806}" = rport=138 | protocol=17 | dir=out | app=system |

"{3A4EEF15-1EA4-4364-A21E-20E4FE97B73E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{3EEBC9B6-CBA4-4463-89BE-30B2DCDDE079}" = rport=445 | protocol=6 | dir=out | app=system |

"{431D2984-DAA8-4432-B25C-53FBD4192E10}" = rport=10243 | protocol=6 | dir=out | app=system |

"{587F8754-88A6-4C05-83B3-5C6532F46923}" = lport=56949 | protocol=17 | dir=in | name=pando media booster |

"{6881A2F3-FE20-451E-930E-038833C13A2C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{68ED67E4-8683-4137-B338-E1B65B8AF35F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{925D1157-C755-4D6F-B3B5-12DA61D338FA}" = lport=56949 | protocol=6 | dir=in | name=pando media booster |

"{9BBF758A-D72E-4BD8-BF9A-B91CA245E400}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{C314FCE1-A049-4977-BCDD-F24569D1DDA3}" = lport=137 | protocol=17 | dir=in | app=system |

"{CCD2BF73-7352-4E23-ADC9-1C62C9569C2E}" = lport=56949 | protocol=17 | dir=in | name=pando media booster |

"{D737C442-17C9-430E-BCCD-E650184951F3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{D7BA1DE5-F258-4A34-8556-A66CBC650C81}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{E2CFA0EA-BE15-48EC-BE99-7AEF774C4372}" = lport=138 | protocol=17 | dir=in | app=system |

"{E4A97E57-0625-445D-BD6B-952566CB551B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{F7AFC0FE-7AE5-4DB3-9147-82BC00870076}" = lport=56949 | protocol=6 | dir=in | name=pando media booster |

"{F991DAA7-A87E-4F6A-A312-D9C6B47E85D4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{07697FDC-7E4B-47BD-B497-E0DBEBC32AAA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{105F9950-715D-4F4B-BA79-66F5BC3ADF37}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{163E94F5-EBE6-4BE3-8037-5E4683854958}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{231149C1-5FBE-4746-89C9-92C7C6BD9B68}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{3DDFA58F-E6C6-4400-B3F0-92CA24C03074}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{3E94EC14-459C-4DA3-9C72-E5978E9CF001}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"{4C1C0D38-A180-4A9D-9D89-E9329A657D92}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{5CA555C3-2E9F-4298-A1A9-CE3555350160}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{773AACCF-6521-4DC1-899A-AD6EF3C2FDE2}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |

"{7C76CB5D-0068-48FC-AFF7-2D0EDEA6E3CD}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |

"{7D4FC4A7-20C3-4D53-9BE9-B8C5580C6E33}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{838809BF-1D84-4398-A5B4-3EFA84926752}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{8B441377-3FDF-4F1F-BA3D-1238E7250A50}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{8FE5C78C-4B5E-43D2-AE7B-C028EA38BF2B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{9083F924-C23F-4805-A1A9-D014F58A751A}" = protocol=6 | dir=out | app=system |

"{A305C040-41C7-46D7-B2BF-BBCBF5665D5F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{A5211611-265B-4DC6-85C9-EB9869FA57A1}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |

"{B6AB54D0-32CD-43C9-B120-67C483F5797F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{CBD0C6B3-C17D-450F-823C-101576F575FE}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |

"{E365FAAC-E1ED-42FF-99A8-B20CF5162173}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |

"{E543F68C-5835-4A41-9338-9E6587D64843}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{F49A65AD-4500-42D5-BEE8-5F69D3BECA89}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"TCP Query User{AF6CFFA3-8255-4051-8E52-C230D8DBC7BA}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |

"UDP Query User{FD3F5F44-D807-4A85-91C0-06F5683E30F9}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager

"{20A15757-4AE4-3C82-9711-863C84AFE6AA}" = Microsoft .NET Framework 4 Client Profile PTB Language Pack

"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java 6 Update 32

"{32A3A4F4-B792-11D6-A78A-00B0D0160320}" = Java SE Development Kit 6 Update 32

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{73EC658D-A1C6-40CA-8E86-E05821BAACE7}" = Java DB 10.6.2.1

"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar

"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{BDDF6AEE-7AD7-4CDA-B57F-5BDF9417AD4F}" = Foxit Reader

"{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}" = BabylonObjectInstaller

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"aTube Catcher" = aTube Catcher

"BabylonToolbar" = Babylon toolbar on IE

"HDMI" = Intel® Graphics Media Accelerator Driver

"KLiteCodecPack_is1" = K-Lite Codec Pack 8.4.0 (Full)

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)

"MTA:SA 1.3" = MTA:SA v1.3

"TVWiz" = Intel® TV Wizard

 

========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{79A765E1-C399-405B-85AF-466F52E918B0}" = Ask Toolbar Updater

"Google Chrome" = Google Chrome

 

========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 10/09/2012 18:57:59 | Computer Name = IuriMattos-PC | Source = Application Error | ID = 1000

Description = Nome de aplicativo com falha: APN_ATU3_.exe, versão: 2.6.7.0, carimbo

de hora: 0x5049f43b Nome do módulo de falhas: jscript9.dll_unloaded, versão: 0.0.0.0,

carimbo de hora: 0x4fecf3f0 Código de exceção: 0xc0000005 Deslocamento com falha:

0x6a2fb796 Identificação do processo com falha: 0xea4 Hora de início do aplicativo

com falha: 0x01cd8fa7a3d6a091 Caminho do aplicativo com falha: C:\Users\IURIMA~1\AppData\Local\Temp\20CAE8E7-4089-4C24-90FB-E9ED753184D2\APN_ATU3_.exe

FCaminho

do módulo de falhas: jscript9.dll Identificação do Relatório: f6d7bf8f-fb9a-11e1-b54b-001fe23188ce

 

Error - 10/09/2012 19:57:02 | Computer Name = IuriMattos-PC | Source = Application Error | ID = 1000

Description = Nome de aplicativo com falha: GoogleUpdate.exe, versão: 1.3.21.103,

carimbo de hora: 0x4f3c6d6c Nome do módulo de falhas: GoogleUpdate.exe, versão:

1.3.21.103, carimbo de hora: 0x4f3c6d6c Código de exceção: 0xc0000005 Deslocamento

com falha: 0x0001e015 Identificação do processo com falha: 0x16e8 Hora de início

do aplicativo com falha: 0x01cd8faff7c293eb Caminho do aplicativo com falha: C:\Users\IuriMattos\AppData\Local\Google\Update\GoogleUpdate.exe

FCaminho

do módulo de falhas: C:\Users\IuriMattos\AppData\Local\Google\Update\GoogleUpdate.exe

Identificação

do Relatório: 36e272f4-fba3-11e1-b54b-001fe23188ce

 

Error - 10/09/2012 20:57:00 | Computer Name = IuriMattos-PC | Source = Application Error | ID = 1000

Description = Nome de aplicativo com falha: GoogleUpdate.exe, versão: 1.3.21.103,

carimbo de hora: 0x4f3c6d6c Nome do módulo de falhas: GoogleUpdate.exe, versão:

1.3.21.103, carimbo de hora: 0x4f3c6d6c Código de exceção: 0xc0000005 Deslocamento

com falha: 0x0001e015 Identificação do processo com falha: 0xf70 Hora de início do

aplicativo com falha: 0x01cd8fb859785e1c Caminho do aplicativo com falha: C:\Users\IuriMattos\AppData\Local\Google\Update\GoogleUpdate.exe

FCaminho

do módulo de falhas: C:\Users\IuriMattos\AppData\Local\Google\Update\GoogleUpdate.exe

Identificação

do Relatório: 9756e5e2-fbab-11e1-b54b-001fe23188ce

 

Error - 10/09/2012 23:06:32 | Computer Name = IuriMattos-PC | Source = Application Error | ID = 1000

Description = Nome de aplicativo com falha: GoogleUpdate.exe, versão: 1.3.21.103,

carimbo de hora: 0x4f3c6d6c Nome do módulo de falhas: GoogleUpdate.exe, versão:

1.3.21.103, carimbo de hora: 0x4f3c6d6c Código de exceção: 0xc0000005 Deslocamento

com falha: 0x0001e015 Identificação do processo com falha: 0x680 Hora de início do

aplicativo com falha: 0x01cd8fca71953dc8 Caminho do aplicativo com falha: C:\Users\IuriMattos\AppData\Local\Google\Update\GoogleUpdate.exe

FCaminho

do módulo de falhas: C:\Users\IuriMattos\AppData\Local\Google\Update\GoogleUpdate.exe

Identificação

do Relatório: afc67a82-fbbd-11e1-b54b-001fe23188ce

 

Error - 11/09/2012 06:18:35 | Computer Name = IuriMattos-PC | Source = Application Error | ID = 1000

Description = Nome de aplicativo com falha: GoogleUpdate.exe, versão: 1.3.21.103,

carimbo de hora: 0x4f3c6d6c Nome do módulo de falhas: GoogleUpdate.exe, versão:

1.3.21.103, carimbo de hora: 0x4f3c6d6c Código de exceção: 0xc0000005 Deslocamento

com falha: 0x0001e015 Identificação do processo com falha: 0x8e4 Hora de início do

aplicativo com falha: 0x01cd9006cca87856 Caminho do aplicativo com falha: C:\Users\IuriMattos\AppData\Local\Google\Update\GoogleUpdate.exe

FCaminho

do módulo de falhas: C:\Users\IuriMattos\AppData\Local\Google\Update\GoogleUpdate.exe

Identificação

do Relatório: 0b4ef3b3-fbfa-11e1-8a0e-001fe23188ce

 

Error - 11/09/2012 06:19:44 | Computer Name = IuriMattos-PC | Source = WinMgmt | ID = 10

Description =

 

Error - 11/09/2012 06:26:39 | Computer Name = IuriMattos-PC | Source = MsiInstaller | ID = 11722

Description =

 

Error - 11/09/2012 06:38:28 | Computer Name = IuriMattos-PC | Source = WinMgmt | ID = 10

Description =

 

Error - 11/09/2012 07:22:13 | Computer Name = IuriMattos-PC | Source = WinMgmt | ID = 10

Description =

 

Error - 11/09/2012 07:23:38 | Computer Name = IuriMattos-PC | Source = SideBySide | ID = 16842785

Description = Falha na geração de contexto de ativação para "D:\IuriMattos\Multi

Theft Auto\mta\netc.dll". Assembly dependente Microsoft.VC90.OpenMP,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"

não pôde ser localizado. Use o arquivo sxstrace.exe para obter um diagnóstico detalhado.

 

[ System Events ]

Error - 10/09/2012 15:27:07 | Computer Name = IuriMattos-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20

Description = Falha na Instalação: o Windows não pôde instalar a seguinte atualização

com o erro 0x80242016: Atualização de segurança do Internet Explorer 8 para o Windows

7 (KB2544521).

 

Error - 11/09/2012 06:18:11 | Computer Name = IuriMattos-PC | Source = Service Control Manager | ID = 7026

Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema

ou de inicialização: cdrom

 

Error - 11/09/2012 06:34:17 | Computer Name = IuriMattos-PC | Source = DCOM | ID = 10000

Description =

 

Error - 11/09/2012 06:34:24 | Computer Name = IuriMattos-PC | Source = Service Control Manager | ID = 7006

Description = A chamada ScRegSetValueExW falhou para Start com o seguinte erro:

%%5

 

Error - 11/09/2012 06:34:26 | Computer Name = IuriMattos-PC | Source = DCOM | ID = 10000

Description =

 

Error - 11/09/2012 06:34:28 | Computer Name = IuriMattos-PC | Source = Service Control Manager | ID = 7006

Description = A chamada ScRegSetValueExW falhou para Start com o seguinte erro:

%%5

 

Error - 11/09/2012 06:34:35 | Computer Name = IuriMattos-PC | Source = DCOM | ID = 10000

Description =

 

Error - 11/09/2012 06:36:54 | Computer Name = IuriMattos-PC | Source = Service Control Manager | ID = 7026

Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema

ou de inicialização: cdrom

 

Error - 11/09/2012 07:20:36 | Computer Name = IuriMattos-PC | Source = Service Control Manager | ID = 7026

Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema

ou de inicialização: cdrom

 

Error - 11/09/2012 08:15:49 | Computer Name = IuriMattos-PC | Source = bowser | ID = 8003

Description =

 

 

< End of report >

 

I have already used several applications.

Combofix, GMER, MalwareBytes, Kaspersky Virus Removal Tool version 11; only aswclnr was missing, and it follows below.

• aswclnr (VERY LARGE, SO I USED SHARETEXT)

 

http://sharetext.org/xYoj


Good afternoon, IuriMattos

:seta: Run a new scan with aswclnr

*If the results are the same, I recommend formatting the PC, because this worm infects all executables and your PC is heavily compromised. If formatting is necessary, do not save any .exe files.

*Format all partitions.

*Install Windows, Office and an antivirus.

Best regards.


:seta: Delete aswclnr and its report

:seta: Download AdwCleaner (...by Xplode) and save it to the desktop

*Run it. Windows Vista or Windows 7 users should right-click the file and select Run as administrator

*Click [Delete]

*Paste the report that is displayed

:seta: Install MalwareBytes

*Wait for the update; the program will open automatically

*Select [Verificação completa] (Full scan)

*Click [Verificar] (Scan) and select the partition where Windows is installed (usually C:\)

*Click [Verificar] (Scan)

*When it finishes, click [OK] > [Ver Resultados] (Show Results) > [Remover Selecionados] (Remove Selected)

*Paste the report that is displayed


In the Malwarebytes report, every entry reads: Nenhuma ação foi feita (No action taken).

Did you select all the results found and click [Remover selecionados] (Remove Selected)?

Run the scan again, my friend; it is still full of nasties in there.


:seta: Run an online scan with NOD32

*When it finishes, paste the report created in C:\Program Files (x86)\ESET\ESET Online Scanner\log


Let's not waste time.

The PC is still heavily compromised.

There are infected files that were not resolved. The infection is a troublesome one.

Format all of the PC's partitions and do not save any applications.

After formatting, install an antivirus right away.

Best regards.


PROBLEM SOLVED

If the author needs the topic reopened, just send a Private Message to a Moderator with a link to the topic.
