[Resolvido] &nbsp log do HijackThis

ilkkinha · Outubro 12, 2012

Bom dia!

Por favor, será que alguém poderia avaliar o log do HijackThis para mim? Estava tentando tirar malwares do meu pc, após passar o spybot, após reiniciar o spybot passou de novo e ficou aparecendo uma janela preta piscando com o nome do system 32. Depois de várias "piscadas" o windows iniciou normalmente, porém a página do google que eu coloquei como página inicial, ficou bloqueada.

Grata

Ilkinha

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:24:30, on 12/10/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16450)

Boot mode: Normal

Running processes:

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Real\RealPlayer\Update\realsched.exe

C:\Program Files\PSafe\PSafeSysTray.exe

C:\Program Files\Elantech\ETDCtrl.exe

C:\windows\system32\taskeng.exe

C:\Program Files\CyberLink\YouCam\YCMMirage.exe

C:\Program Files\PSafe\PSafeWDS.exe

C:\Program Files\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe

C:\Users\Felipe\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000&st=10&barid={EACC4AD3-9F51-4B94-B191-09E2B351D4BA}

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files\PriceGong\2.6.4\PriceGongIE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL

O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (file missing)

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll

O2 - BHO: Samsung BHO Helper - {AA609D72-8482-4076-8991-8CDAE5B93BCB} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll

O2 - BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\Softonic\1.5.24.3\bh\Softonic.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll

O3 - Toolbar: Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.5.24.3\SoftonicTlbr.dll

O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (file missing)

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\Update\realsched.exe" -osboot

O4 - HKLM\..\Run: [PSafeSysTray] "C:\Program Files\PSafe\PSafeSysTray.exe"

O4 - HKLM\..\Run: [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Samsung AnyWeb Print - {328ECD19-C167-40eb-A0C7-16FE7634105E} - C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: AMD External Events Utility - AMD - C:\windows\system32\atiesrxx.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe

O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe

O23 - Service: PSafeLockBoxSvc - PSafe - C:\Program Files\PSafe\PSafeCategoryFinder.exe

O23 - Service: PSafeSVC - PSafe S/A - C:\Program Files\PSafe\PSafesvc.exe

O23 - Service: PSafeWD - PSafe - C:\Program Files\PSafe\PSafeWD.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

O23 - Service: Samsung UPD Service - Samsung Electronics CO., LTD. - C:\windows\System32\SUPDSvc.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: vToolbarUpdater12.2.6 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe

O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe

O23 - Service: WebOptimizer - Unknown owner - C:\windows\system32\dmwu.exe

--

End of file - 7292 bytes

DigRam · Outubro 12, 2012

Boa Tarde! ilkkinha

|- Desinstale o Spybot! <- Software ultrapassado!

-/-

|- Baixe: < > ( ... par Xplode )

|- Ao acessar,clique na imagem: < >

|- Salve-o no desktop!

|- Clique direito em adwcleaner.exe,e escolha sua execução como "administrador".

|- Ps: Dê início ao scan,clicando em "Delete" ou "Suppression".

|- Ao concluir,poste o relatório: C:\AdwCleaner[S1].txt

Abs!

ilkkinha · Outubro 12, 2012

Muito obrigada. segue o log solicitado

# AdwCleaner v2.004 - Logfile created 10/12/2012 at 19:20:03

# Updated 06/10/2012 by Xplode

# Operating system : Windows 7 Starter Service Pack 1 (32 bits)

# User : Felipe - FELIPEBADARO

# Boot Mode : Normal

# Running from : C:\Users\Felipe\Downloads\adwcleaner.exe

# Option [Delete]

***** [services] *****

Stopped & Deleted : Web Assistant Updater

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search

File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml

File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

File Deleted : C:\user.js

Folder Deleted : C:\Program Files\AVG Secure Search

Folder Deleted : C:\Program Files\PriceGong

Folder Deleted : C:\Program Files\Softonic

Folder Deleted : C:\Program Files\Web Assistant

Folder Deleted : C:\ProgramData\AVG Secure Search

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong

Folder Deleted : C:\Users\Felipe\AppData\Local\AVG Secure Search

Folder Deleted : C:\Users\Felipe\AppData\Local\Temp\avg@toolbar

Folder Deleted : C:\Users\Felipe\AppData\LocalLow\AVG Secure Search

Folder Deleted : C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\eqqhlhiz.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong

Key Deleted : HKCU\Software\AVG Secure Search

Key Deleted : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje

Key Deleted : HKCU\Software\IM

Key Deleted : HKCU\Software\ImInstaller

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77}

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKLM\Software\AVG Secure Search

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\PriceGongIE.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}

Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc

Key Deleted : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1

Key Deleted : HKLM\SOFTWARE\Classes\I

Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd

Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1

Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr

Key Deleted : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1

Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore

Key Deleted : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}

Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils

Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1

Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator

Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1

Key Deleted : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO

Key Deleted : HKLM\SOFTWARE\Classes\PriceFactorIE.PriceGongBHO.1

Key Deleted : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl

Key Deleted : HKLM\SOFTWARE\Classes\PriceGongIE.PriceGongCtrl.1

Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol

Key Deleted : HKLM\SOFTWARE\Classes\S

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd

Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1

Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr

Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1

Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore

Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1

Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc

Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

Key Deleted : HKLM\Software\incredibar.com

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\NEW_CORRECT_incredibar_install_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\incredibar

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Key Deleted : HKLM\Software\Softonic

Key Deleted : HKLM\Software\Web Assistant

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{5018CFD2-804D-4C99-9F81-25EAEA2769DE}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{F9639E4A-801B-4843-AEE3-03D9DA199E77}]

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://home.sweetim.com/?crg=3.1010000&st=10&barid={EACC4AD3-9F51-4B94-B191-09E2B351D4BA} --> hxxp://www.google.com

Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.softonic.com/MON00082/tb_v1?SearchSource=15&cc= --> hxxp://www.google.com

-\\ Mozilla Firefox v15.0.1 (pt-BR)

Profile name : default

File : C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\eqqhlhiz.default\prefs.js

C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\eqqhlhiz.default\user.js ... Deleted !

Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\12.2.5.34");

Deleted : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=108293&tt=040912_ccp_3612_2&babsrc[...]

Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");

Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");

Deleted : user_pref("extensions.BabylonToolbar.admin", false);

Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst");

Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");

Deleted : user_pref("extensions.BabylonToolbar.autoRvrt", "false");

Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en");

Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false);

Deleted : user_pref("extensions.BabylonToolbar.id", "4cbdc239000000000000e81132aede30");

Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15588");

Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");

Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");

Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");

Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]

Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");

Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");

Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");

Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=108293&tt=040912_ccp_3612_2");

Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);

Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.121:58:22");

Deleted : user_pref("extensions.Softonic.admin", false);

Deleted : user_pref("extensions.Softonic.aflt", "orgnl");

Deleted : user_pref("extensions.Softonic.autoRvrt", "false");

Deleted : user_pref("extensions.Softonic.cntry", "BR");

Deleted : user_pref("extensions.Softonic.cv", "cv5");

Deleted : user_pref("extensions.Softonic.dfltLng", "");

Deleted : user_pref("extensions.Softonic.dfltSrch", true);

Deleted : user_pref("extensions.Softonic.dfltlng", "br");

Deleted : user_pref("extensions.Softonic.dfltsrch", true);

Deleted : user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");

Deleted : user_pref("extensions.Softonic.dspOld", "");

Deleted : user_pref("extensions.Softonic.envrmnt", "production");

Deleted : user_pref("extensions.Softonic.excTlbr", false);

Deleted : user_pref("extensions.Softonic.hdrMd5", "761F1209EA40C4F876BC54DCF35E1152");

Deleted : user_pref("extensions.Softonic.hmpg", true);

Deleted : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MON00082/tb_v1?SearchSource=13&[...]

Deleted : user_pref("extensions.Softonic.hpNew", "hxxp://search.softonic.com/MON00082/tb_v1?SearchSource=13&cc[...]

Deleted : user_pref("extensions.Softonic.hpOld", "");

Deleted : user_pref("extensions.Softonic.hrdid", "4cbdc239000000000000e81132aede30");

Deleted : user_pref("extensions.Softonic.id", "4cbdc239000000000000e81132aede30");

Deleted : user_pref("extensions.Softonic.instlDay", "15518");

Deleted : user_pref("extensions.Softonic.instlRef", "MON00001");

Deleted : user_pref("extensions.Softonic.instlday", "15518");

Deleted : user_pref("extensions.Softonic.instlref", "MON00001");

Deleted : user_pref("extensions.Softonic.isDcmntCmplt", false);

Deleted : user_pref("extensions.Softonic.isdcmntcmplt", "false");

Deleted : user_pref("extensions.Softonic.keyWordUrl", "hxxp://search.softonic.com/MON00082/tb_v1?SearchSource=[...]

Deleted : user_pref("extensions.Softonic.keywordurl", "hxxp://search.softonic.com/MON00082/tb_v1?SearchSource=[...]

Deleted : user_pref("extensions.Softonic.lastVrsnTs", "1.5.24.310:31:59");

Deleted : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");

Deleted : user_pref("extensions.Softonic.newTab", false);

Deleted : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MON00082/tb_v1?SearchSource=1[...]

Deleted : user_pref("extensions.Softonic.newtab", true);

Deleted : user_pref("extensions.Softonic.newtaburl", "hxxp://search.softonic.com/MON00082/tb_v1?SearchSource=1[...]

Deleted : user_pref("extensions.Softonic.prdct", "Softonic");

Deleted : user_pref("extensions.Softonic.propectorlck", 88581622);

Deleted : user_pref("extensions.Softonic.prtnrId", "softonic");

Deleted : user_pref("extensions.Softonic.prtnrid", "softonic");

Deleted : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]

Deleted : user_pref("extensions.Softonic.savedVrsnTs", "1");

Deleted : user_pref("extensions.Softonic.sg", "az");

Deleted : user_pref("extensions.Softonic.smplGrp", "none");

Deleted : user_pref("extensions.Softonic.smplgrp", "none");

Deleted : user_pref("extensions.Softonic.srch", "");

Deleted : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");

Deleted : user_pref("extensions.Softonic.srchprvdr", "Search the web (Softonic)");

Deleted : user_pref("extensions.Softonic.tlbrId", "base");

Deleted : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00001/tb_v1?SearchSource[...]

Deleted : user_pref("extensions.Softonic.tlbrid", "base");

Deleted : user_pref("extensions.Softonic.tlbrsrchurl", "hxxp://search.softonic.com/MON00001/tb_v1?SearchSource[...]

Deleted : user_pref("extensions.Softonic.vrsn", "1.5.24.3");

Deleted : user_pref("extensions.Softonic.vrsnTs", "1.5.24.310:31:59");

Deleted : user_pref("extensions.Softonic.vrsni", "1.5.24.3");

Deleted : user_pref("extensions.Softonic.vrsnts", "1.5.24.310:31:59");

Deleted : user_pref("extensions.Softonic_i.dnsErr", true);

Deleted : user_pref("extensions.Softonic_i.hmpg", true);

Deleted : user_pref("extensions.Softonic_i.newTab", false);

Deleted : user_pref("extensions.Softonic_i.smplGrp", "none");

Deleted : user_pref("extensions.Softonic_i.vrsnTs", "1.5.24.310:31:59");

Deleted : user_pref("extensions.incredibar.cntry", "BR");

Deleted : user_pref("extensions.incredibar.did", "10665");

Deleted : user_pref("extensions.incredibar.envrmnt", "production");

Deleted : user_pref("extensions.incredibar.hdrMd5", "");

Deleted : user_pref("extensions.incredibar.hmpg", false);

Deleted : user_pref("extensions.incredibar.installerproductid", "26");

Deleted : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1416:29:52");

Deleted : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");

Deleted : user_pref("extensions.incredibar.newTab", false);

Deleted : user_pref("extensions.incredibar.ppd", "");

Deleted : user_pref("extensions.incredibar.productid", "26");

Deleted : user_pref("extensions.incredibar.sg", "none");

Deleted : user_pref("extensions.incredibar.smplGrp", "none");

Deleted : user_pref("extensions.incredibar.upn2", "6R8v6xQKCP");

Deleted : user_pref("extensions.incredibar.upn2n", "92824484594721935");

Deleted : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1416:29:52");

Deleted : user_pref("extensions.incredibar_i.aflt", "orgnl");

Deleted : user_pref("extensions.incredibar_i.dfltLng", "");

Deleted : user_pref("extensions.incredibar_i.did", "10665");

Deleted : user_pref("extensions.incredibar_i.excTlbr", false);

Deleted : user_pref("extensions.incredibar_i.id", "4cbdc239000000000000e81132aede30");

Deleted : user_pref("extensions.incredibar_i.installerproductid", "26");

Deleted : user_pref("extensions.incredibar_i.instlDay", "15496");

Deleted : user_pref("extensions.incredibar_i.instlRef", "");

Deleted : user_pref("extensions.incredibar_i.ms_url_id", "");

Deleted : user_pref("extensions.incredibar_i.newTab", false);

Deleted : user_pref("extensions.incredibar_i.ppd", "");

Deleted : user_pref("extensions.incredibar_i.prdct", "incredibar");

Deleted : user_pref("extensions.incredibar_i.productid", "26");

Deleted : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");

Deleted : user_pref("extensions.incredibar_i.smplGrp", "none");

Deleted : user_pref("extensions.incredibar_i.tlbrId", "base");

Deleted : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8v6xQKCP&loc=IB[...]

Deleted : user_pref("extensions.incredibar_i.upn2", "6R8v6xQKCP");

Deleted : user_pref("extensions.incredibar_i.upn2n", "92824484594721935");

Deleted : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");

Deleted : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1416:29:52");

Deleted : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");

Deleted : user_pref("keyword.URL", "hxxps://isearch.avg.com/search?cid=%7B3bae0627-eb6e-4421-b169-bda2e71dafc8[...]

Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer", "hxxp://search.babylon.c[...]

Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://search.babyl[...]

Deleted : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

*************************

AdwCleaner[s1].txt - [25566 octets] - [12/10/2012 19:20:03]

########## EOF - C:\AdwCleaner[s1].txt - [25627 octets] ##########

DigRam · Outubro 12, 2012

Boa Noite! ilkkinha

|- Baixe: < > ( ... par Nicolas Coolman )

|- Salve-o no desktop!

|- Desabilite seu antivírus!

|- Caso utilize o Avast,estabeleça esta configuração à SandBox.

|- Para Windows Vista ou 7,clique direito e execute o arquivo como administrador.

|- Aguarde a conclusão do scan e clique em "Copier". <- Aguarde!

|- Além do relatório,teremos no desktop: ZHP_uninstall, MBRCheck, ZHPDiag, ZHPFix

|- Poste e/ou cole aqui,o link que será gerado,logo após o relatório.

Abs!

ilkkinha · Outubro 13, 2012

não consegui ver o link apenas o relatório

Rapport de ZHPDiag v1.31.24 par Nicolas Coolman, Update du 22/09/2012

Run by Felipe at 13/10/2012 16:15:02

Web site : http://nicolascoolman.skyrock.com/

State :

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421

MFIE: Mozilla Firefox 15.0.1 v15.0.1 (Defaut)

GCIE: Google Chrome

---\\ Windows Product Information

~ Langage: Anglais

Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

---\\ System Information

~ Processor: x86 Family 20 Model 2 Stepping 0, AuthenticAMD

~ Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 1788 MB (52% free)

System Restore: Activé (Enable)

System drive C: has 62 GB (54%) free of 113 GB

---\\ Logged in mode

~ Computer Name: FELIPEBADARO

~ User Name: Felipe

~ All Users Names: Felipe, Convidado, Administrador,

~ Unselected Option: O45,O61,O62,O65,O82

Logged in as Administrator

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\Felipe\AppData\Roaming\

~ %Desktop% : C:\Users\Felipe\Desktop\

~ %Favorites% : C:\Users\Felipe\Favorites\

~ %LocalAppData% : C:\Users\Felipe\AppData\Local\

~ %StartMenu% : C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\System32\

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 62 Go of 113 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 35 Go of 168 Go)

E:\ CD-ROM drive (Free 0 Go of 2 Go)

F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)

---\\ Security Center & Tools Informations

UAC deactivate by program

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

~ Scan Security Center in 00mn 00s

---\\ Search Generic System Files

[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Windows Explorer.) (.25/02/2011 - 02:30:54.) -- C:\Windows\Explorer.exe [2616320]

[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\System32\Wininit.exe [96256]

[MD5.5553611E2F9EA6F613079177F1233068] - (.Microsoft Corporation - Internet Extensions para Win32.) (.24/08/2012 - 03:51:27.) -- C:\Windows\System32\wininet.dll [1129472]

[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.20/11/2010 - 18:29:06.) -- C:\Windows\System32\Winlogon.exe [286720]

[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Biblioteca de Licenciamento de Software.) (.20/11/2010 - 18:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]

[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.24/04/2011 - 23:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]

[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]

[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]

[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]

[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]

[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 18:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]

[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]

[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]

[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.26/04/2011 - 23:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]

[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 18:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]

[MD5.0D87503986BB3DFED58E343FE39DDE13] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.31/08/2012 - 14:18:09.) -- C:\Windows\system32\Drivers\ntfs.sys [1211760]

[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]

[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]

[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]

[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 18:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]

[MD5.C37AEE5966EB5929E2051AC7409B5730] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.25/02/2011 - 02:40:54.) -- C:\Windows\system32\Drivers\volsnap.sys [246144]

~ Scan Generic Processes in 00mn 00s

---\\ Hidden files state (Hidden/Total)

~ Mes Favoris (My Favorites) : 1/8

~ Mes Documents (My Documents) : 1/18

~ Mon Bureau (My Desktop) : 1/197

~ Menu demarrer (Programs) : 1/22

~ Scan Hidden Files in 00mn 00s

---\\ Running Processes

[MD5.E78A365CC3E0FBFC018A33DCE01909F8] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [130008] [PID.]

[MD5.141EE12CB2423FF8C7DE30DE66A1ACA1] - (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11463272] [PID.3524]

[MD5.8E53B67FA3816E854B07C5DC66E10730] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe [296056] [PID.3556]

[MD5.9A82F53D7B860CCDF48250869C7684C9] - (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe [2193744] [PID.3688]

[MD5.D6C4B257BBD494F08B2984E533B072A0] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [945232] [PID.4060]

[MD5.B00F98FF6FE8682FF941BEB2559BF191] - (.CyberLink - YouCam Mirage.) -- C:\Program Files\CyberLink\YouCam\YCMMirage.exe [136488] [PID.4068]

[MD5.CAF103ABAE8D7AC48C6283C9EA0C942F] - (.Samsung Electronics Co., Ltd. - Wifi Manager.) -- C:\Program Files\Samsung\Easy Display Manager\WifiManager.exe [7060560] [PID.2164]

[MD5.144E681D7ECCCEF7984BCEB10209933D] - (.ELAN Microelectronics Corp. - ETD Control Center Helper.) -- C:\Program Files\Elantech\ETDCtrlHelper.exe [1643344] [PID.3360]

[MD5.9C376F42BDE37F18D0A39AF7415D9BE6] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [917984] [PID.508]

[MD5.7F6EC840E0954055D58CD57B6ACA9D92] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16864] [PID.2596]

[MD5.3A93E2D1CD533B894B834DB23DB044A6] - (.Adobe Systems, Inc. - Adobe Flash Player 11.4 r402.) -- C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe [1807800] [PID.3776]

[MD5.EE34DEB598BFB6E0FAF3C483AA3E73F8] - (.SEC - Samsung Recovery Solution 5.) -- C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [4399696] [PID.4320]

[MD5.D9C70E8552670E7A67778ED238C18975] - (.Samsung Electronics Co., Ltd. - Smart Restarter Program.) -- C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2208624] [PID.4968]

[MD5.9F71DDE0A8C47254B9DA3AB6094915CC] - (.Samsung Electronics Co., Ltd. - MovieColorEnhancer.exe.) -- C:\Program Files\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [775848] [PID.5372]

[MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.5428]

[MD5.2C7CF4D4A17B5765E23F6B82C16AF4EB] - (.CyberLink Corp. - Media+Player RC Service.) -- C:\Program Files\CyberLink\Media+Player10\Media+Player10Serv.exe [87336] [PID.5452]

[MD5.5AFC1F763562C453C64B70886B460CDD] - (.Samsung Electronics Co., Ltd. - EasySpeedUpManager.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [719360] [PID.5600]

[MD5.1E20F1E969193B6763630EAC6CFDC2EB] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [1757264] [PID.5664]

[MD5.C861851A0BBD9903E324487011AA3705] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [299008] [PID.6020]

[MD5.D28C5A1411BB0B47E05E0D6AAF896690] - (.ATI Technologies Inc. - Catalyst Control Center: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [299008] [PID.2880]

[MD5.B8C44BF5A86B4662458F4AA8F901C94B] - (.Samsung Electronics - Samsung Update Plus Background.) -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2782064] [PID.4460]

[MD5.E897110EE5E67FABB83B154DF9C68D6A] - (...) -- C:\Users\Felipe\Desktop\ZHPDiag_silent.exe [794216] [PID.5148]

[MD5.A1999D0386C241AACEA536FF39E6E2D9] - (...) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [3765248] [PID.5828]

~ Scan Processes Running in 00mn 02s

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)

C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\eqqhlhiz.default\prefs.js

M3 - MFPP: Plugins - [Felipe] -- C:\Program Files\Mozilla FireFox\searchplugins\buscape.xml

M3 - MFPP: Plugins - [Felipe] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [Felipe] -- C:\Program Files\Mozilla FireFox\searchplugins\mercadolivre.xml

M3 - MFPP: Plugins - [Felipe] -- C:\Program Files\Mozilla FireFox\searchplugins\twitter.xml

M3 - MFPP: Plugins - [Felipe] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-br.xml

M3 - MFPP: Plugins - [Felipe] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-br.xml

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.1.10329.0.) -- C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\Program Files\Microsoft Office\Office14\NPSPWRAP.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3555.0308] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@real.com/nppl3260;version=15.0.4.53] - (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

P2 - FPN: [HKLM] [@real.com/nprjplug;version=15.0.4.53] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

P2 - FPN: [HKLM] [@real.com/nprpchromebrowserrecordext;version=15.0.4.53] - (.RealNetworks, Inc. - RealNetworks RealPlayer Chrome Background Extension Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrec

P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=15.0.4.53] - (.RealNetworks, Inc. - RealPlayer HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

P2 - FPN: [HKLM] [@real.com/nprpplugin;version=15.0.4.53] - (.RealPlayer - RealPlayer Download Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll

P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (...) -- C:\Users\Felipe\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (.not file.)

~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung.msn.com

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.google.com

R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

---\\ Changed inifile Value, Mapped to Registry (F2)

F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\Windows\explorer.exe

F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn 00s

---\\ Hosts file redirection (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 00s

~ Nombre de lignes (Lines number): 20

---\\ Browser Helper Objects (O2)

O2 - BHO: (no name) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} Orphean Key

O2 - BHO: (no name) - {3049C3E9-B461-4BC5-8870-4C09146192CA} Orphean Key

O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} Orphean Key

O2 - BHO: (no name) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} Orphean Key

O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} Orphean Key

O2 - BHO: (no name) - {AA609D72-8482-4076-8991-8CDAE5B93BCB} Orphean Key

~ Scan BHO in 00mn 00s

---\\ Internet Explorer toolbars (O3)

O3 - Toolbar: (no name) - [HKLM]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (...) -- (.not file.)

~ Scan Toolbar in 00mn 00s

---\\ Auto loading programs from Registry and folders (O4)

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gerenciador de áudio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe

O4 - HKLM\..\Run: [PSafeSysTray] . (.PSafe - PSafe System Tray.) -- C:\Program Files\PSafe\PSafeSysTray.exe

O4 - HKLM\..\Run: [ETDCtrl] . (.ELAN Microelectronics Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

~ Scan Application in 00mn 00s

---\\ Other User Links (O4)

O4 - Global Startup: C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Felipe\Desktop\MBRCheck.lnk . (...) -- C:\Program Files\ZHPDiag\mbrcheck.exe

O4 - Global Startup: C:\Users\Felipe\Desktop\ZHPDiag.lnk . (...) -- C:\Program Files\ZHPDiag\ZHPDiags.exe

O4 - Global Startup: C:\Users\Felipe\Desktop\ZHPFix.lnk . (...) -- C:\Program Files\ZHPDiag\ZHPFix.exe

O4 - Global Startup: C:\Users\Felipe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Felipe\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MP3 Cutter.lnk . (.MP3 Cutter, Inc..) -- C:\MP3Cutter\MP3Cutter.exe

~ Scan Global Startup in 00mn 00s

---\\ IE Options icon not visible in Control Panel (O5)

O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no

~ Scan IE Control Panel in 00mn 00s

---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {328ECD19-C167-40eb-A0C7-16FE7634105E} . (...) -- C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll

~ Scan IE Extra Buttons in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Provedor de Correção de Nomeação de Emails.) -- C:\windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Provedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\windows\system32\winrnr.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\windows\system32\wshbth.dll

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll

O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll

~ Scan Winsock in 00mn 00s

---\\ Lop.com/Domain Hijackers (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{30BCAC89-9D8E-4D4F-BEB6-76743329E5A8}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{A057F364-69DB-4F24-93B0-B1E0A1FE08F1}: DhcpNameServer = 8.8.8.8 8.8.4.4 192.168.0.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{30BCAC89-9D8E-4D4F-BEB6-76743329E5A8}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{A057F364-69DB-4F24-93B0-B1E0A1FE08F1}: DhcpNameServer = 8.8.8.8 8.8.4.4 192.168.0.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{30BCAC89-9D8E-4D4F-BEB6-76743329E5A8}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{A057F364-69DB-4F24-93B0-B1E0A1FE08F1}: DhcpNameServer = 8.8.8.8 8.8.4.4 192.168.0.1

~ Scan Domain in 00mn 00s

---\\ Extra protocols (O18)

O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll

O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll

O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll

O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\Program Files\Common Files\Skype\Skype4COM.dll

O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll

O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

~ Scan Protocole Additionnel in 00mn 00s

---\\ ShellServiceObjectDelayLoad (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

~ Scan SSODL in 00mn 00s

---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)

O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe

O23 - Service: Norton Internet Security (NIS) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe

O23 - Service: Norton Online Backup (NOBU) . (.Symantec Corporation - Norton Online Backup Service.) - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe

O23 - Service: PSafeLockBoxSvc (PSafeLockBoxSvc) . (.PSafe - PSafe CategoryFinder.) - C:\Program Files\PSafe\PSafeCategoryFinder.exe

O23 - Service: PSafeSVC (PSafeSVC) . (.PSafe S/A - PSafe-SVC.) - C:\Program Files\PSafe\PSafesvc.exe

O23 - Service: PSafeWD (PSafeWD) . (.PSafe - PSafeWD.) - C:\Program Files\PSafe\PSafeWD.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Unknown owner - RichVideo Module.) - C:\Program Files\CyberLink\Shared files\RichVideo.exe

O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: (vToolbarUpdater12.2.6) . (.Unknown owner - ToolbarU Application.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe

O23 - Service: (WebOptimizer) . (...) - C:\Windows\System32\dmwu.exe

~ Scan Services in 00mn 01s

---\\ Windows Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

---\\

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

~ Scan Keys in 00mn 00s

---\\ Task Planned Automatically(039)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-896558980-977426591-2796425657-1000Core.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-896558980-977426591-2796425657-1000UA.job

[MD5.44C00A385CA9DBC1D5CF3781F8C26AEA] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

[MD5.EE34DEB598BFB6E0FAF3C483AA3E73F8] [APT] [advSRS5] (.SEC.) -- C:\Program Files\Samsung\Samsung Recovery Solution 5\WCScheduler.exe

[MD5.37293B4DBC673DFC3CA4DAF8A52F575D] [APT] [batteryLifeExtender] (.Samsung Electronics. Co. Ltd..) -- C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe

[MD5.00000000000000000000000000000000] [APT] [DealPlyUpdate] (...) -- C:\Program Files\DealPly\DealPlyUpdate.exe (.not file.)

[MD5.D6C4B257BBD494F08B2984E533B072A0] [APT] [EasyDisplayMgr] (.Samsung Electronics Co., Ltd..) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe

[MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-896558980-977426591-2796425657-1000Core] (...) -- C:\Users\Felipe\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-896558980-977426591-2796425657-1000UA] (...) -- C:\Users\Felipe\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.)

[MD5.B00F98FF6FE8682FF941BEB2559BF191] [APT] [MirageAgent] (.CyberLink.) -- C:\Program Files\CyberLink\YouCam\YCMMirage.exe

[MD5.9F71DDE0A8C47254B9DA3AB6094915CC] [APT] [MovieColorEnhancer] (.Samsung Electronics Co., Ltd..) -- C:\Program Files\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe

[MD5.D412AC27FE3C9F8BC19741DAC0E0329D] [APT] [RealUpgradeLogonTaskS-1-5-21-896558980-977426591-2796425657-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe

[MD5.D412AC27FE3C9F8BC19741DAC0E0329D] [APT] [RealUpgradeScheduledTaskS-1-5-21-896558980-977426591-2796425657-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe

[MD5.FDA6B888126372205BA642775AEB486E] [APT] [Norton Error Analyzer 18.7.2.3] (.Symantec Corporation.) -- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\SymErr.exe

[MD5.FDA6B888126372205BA642775AEB486E] [APT] [Norton Error Processor 18.7.2.3] (.Symantec Corporation.) -- C:\Program Files\Norton Internet Security\Engine\18.7.2.3\SymErr.exe

~ Scan Scheduled Task in 00mn 13s

---\\ ActiveSetup Installed Components (O40)

O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll

O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Identidade visual IEAK.) -- C:\Windows\System32\iedkcs32.dll

O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll

O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\Windows\System32\themeui.dll

O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe

O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão shell da pasta FTP do Microsoft Internet Explorer.) -- C:\Windows\System32\msieftp.dll

O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Recursos do Windows Media Player.) -- C:\Windows\System32\wmploc.dll

O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll

O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll

~ Scan Active Setup in 00mn 00s

---\\ Drivers launched at startup (O41)

O41 - Driver: (360FileOem) . (.360.cn - 360FileOem.) - C:\windows\system32\drivers\360FileOem.sys

O41 - Driver: (360RegOem) . (.360???? - 360RegOem.) - C:\windows\system32\drivers\360RegOem.sys

O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (avgtp) . (.AVG Technologies - No comment.) - C:\windows\system32\drivers\avgtpx86.sys

O41 - Driver: (BHDrvx86) . (.Symantec Corporation - BASH Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120711.002\BHDrvx86.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

O41 - Driver: (IDSVix86) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120713.001\IDSvix86.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Agendador de pacotes de serviço.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Driver do Subsistema de Buffer da Unidade R.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys

O41 - Driver: (SABI) . (.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) - C:\windows\system32\Drivers\SABI.sys

O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\NIS\1207020.003\SRTSPX.sys

O41 - Driver: (SymIRON) . (.Symantec Corporation - Iron Driver.) - C:\Windows\system32\drivers\NIS\1207020.003\Ironx86.sys

O41 - Driver: (SymNetS) . (.Symantec Corporation - Network Security Driver.) - C:\Windows\system32\Drivers\NIS\1207020.003\SYMNETS.sys

O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys

O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

~ Scan Drivers in 00mn 01s

---\\ Software installed (O42)

O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM] -- {A25FF1C0-80B6-4B8B-A551-DC525697A408}

O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM] -- {4CD66A84-FC42-8E7C-9A50-0E6FA711F439}

O42 - Logiciel: ActiveX ???????? ?? Windows Live Mesh ?? ?????????? ?????? - (.Microsoft Corporation.) [HKLM] -- {B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}

O42 - Logiciel: ActiveX-kontroll för fjärranslutningar för Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}

O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Reader 9.1 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A91000000001}

O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {28006915-2739-4EBE-B5E8-49B25D32EB33}

O42 - Logiciel: BatteryLifeExtender - (.Samsung.) [HKLM] -- {FFD0E594-823B-4E2B-B680-720B3C852588}

O42 - Logiciel: Broadcom 802.11 Network Adapter - (.Broadcom Corporation.) [HKLM] -- Broadcom 802.11 Network Adapter

O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM] -- {01125F9F-9BBC-4937-B30D-76E8C5D68D37}

O42 - Logiciel: Control ActiveX Windows Live Mesh pentru conexiuni la distan?a - (.Microsoft Corporation.) [HKLM] -- {260E3D78-94E6-47EC-8E29-46301572BB1E}

O42 - Logiciel: Control ActiveX de Windows Live Mesh para conexiones remotas - (.Microsoft Corporation.) [HKLM] -- {04668DF2-D32F-4555-9C7E-35523DCD6544}

O42 - Logiciel: Controle ActiveX do Windows Live Mesh para Conexões Remotas - (.Microsoft Corporation.) [HKLM] -- {39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}

O42 - Logiciel: Controlo ActiveX do Windows Live Mesh para Ligações Remotas - (.Microsoft Corporation.) [HKLM] -- {E54EEB5D-41ED-40FE-B4A8-8565DB81469B}

O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}

O42 - Logiciel: CyberLink Media Suite - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: CyberLink Media Suite - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: CyberLink Media+ Player10 - (.CyberLink Corp..) [HKLM] -- InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}

O42 - Logiciel: CyberLink Media+ Player10 - (.CyberLink Corp..) [HKLM] -- {34FBC7C4-CD31-4D93-A428-0E524EAC4586}

O42 - Logiciel: CyberLink MediaShow - (.CyberLink Corp..) [HKLM] -- InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}

O42 - Logiciel: CyberLink MediaShow - (.CyberLink Corp..) [HKLM] -- {80E158EA-7181-40FE-A701-301CE6BE64AB}

O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}

O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}

O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}

O42 - Logiciel: ETDWare PS/2-X86 10.7.14.12_WHQL - (.ELAN Microelectronic Corp..) [HKLM] -- Elantech

O42 - Logiciel: Easy Content Share - (.Samsung Electronics Co., LTD.) [HKLM] -- {2DDC70C1-C77A-4D08-89D2-9AB648504533}

O42 - Logiciel: Easy Display Manager - (.Samsung Electronics Co., Ltd..) [HKLM] -- {17283B95-21A8-4996-97DA-547A48DB266F}

O42 - Logiciel: Easy Network Manager - (.Samsung.) [HKLM] -- {8732818E-CA78-4ACB-B077-22311BF4C0E4}

O42 - Logiciel: Easy SpeedUp Manager - (.Samsung Electronics Co.,Ltd..) [HKLM] -- {EF367AA4-070B-493C-9575-85BE59D789C9}

O42 - Logiciel: EasyBatteryManager - (.Samsung.) [HKLM] -- {607DA1C8-34EC-4D7A-AD83-F8E5C70736DF}

O42 - Logiciel: EasyFileShare - (.Samsung.) [HKLM] -- {16880765-677F-440B-B16A-BFD9B9C00012}

O42 - Logiciel: Facebook Video Calling 1.2.0.159 - (.Skype Limited.) [HKLM] -- {7CAC6A44-C3DE-4153-ACA6-7524602C789E}

O42 - Logiciel: Fast Start - (.SAMSUNG.) [HKLM] -- {77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}

O42 - Logiciel: Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsluge polacz - (.Microsoft Corporation.) [HKLM] -- {B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}

O42 - Logiciel: Fotogalerija Windows Live - (.Microsoft Corporation.) [HKLM] -- {E59969EA-3B5B-4B24-8B94-43842A7FBFE9}

O42 - Logiciel: Galeria de Fotografias do Windows Live - (.Microsoft Corporation.) [HKLM] -- {0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}

O42 - Logiciel: Galeria fotografii uslugi Windows Live - (.Microsoft Corporation.) [HKLM] -- {CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}

O42 - Logiciel: Galerie foto Windows Live - (.Microsoft Corporation.) [HKLM] -- {CB66242D-12B1-4494-82D2-6F53A7E024A3}

O42 - Logiciel: Galería fotográfica de Windows Live - (.Microsoft Corporation.) [HKLM] -- {E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}

O42 - Logiciel: Internet Explorer Toolbar 4.6 by SweetPacks - (.SweetIM Technologies Ltd..) [HKLM] -- {774C0434-9948-4DEE-A14E-69CDD316E36C}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

O42 - Logiciel: Kontrola Windows Live Mesh ActiveX za daljinske veze - (.Microsoft Corporation.) [HKLM] -- {19CBDE24-2761-49A5-816B-D2BA65D0CA8D}

O42 - Logiciel: Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave - (.Microsoft Corporation.) [HKLM] -- {CA227A9D-09BE-4BFB-9764-48FED2DA5454}

O42 - Logiciel: MP3 Cutter 1.1.1 - (.MP3Cutter.org.) [HKLM] -- MP3 Cutter_is1

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

O42 - Logiciel: Malwarebytes Anti-Malware versão 1.65.0.1400 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile PTB Language Pack - (.Microsoft Corporation.) [HKLM] -- {20A15757-4AE4-3C82-9711-863C84AFE6AA}

O42 - Logiciel: Microsoft Office 2010 - (.Microsoft Corporation.) [HKLM] -- {95140000-0070-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Starter 2010 - Português (Brasil) - (.Microsoft Corporation.) [HKLM] -- {90140011-0066-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office com Clique para Executar 2010 - (.Microsoft Corporation.) [HKLM] -- Office14.Click2Run

O42 - Logiciel: Microsoft Office com Clique para Executar 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-006D-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}

O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {196BB40D-1578-3D01-B289-BEFC77A11A1E}

O42 - Logiciel: Movie Color Enhancer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}

O42 - Logiciel: Mozilla Firefox 15.0.1 (x86 pt-BR) - (.Mozilla.) [HKLM] -- Mozilla Firefox 15.0.1 (x86 pt-BR)

O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService

O42 - Logiciel: Multimedia POP - (.Unknown owner.) [HKLM] -- {331ECF61-69AF-4F57-AC35-AFED610231C3}

O42 - Logiciel: Norton Internet Security - (.Symantec Corporation.) [HKLM] -- NIS

O42 - Logiciel: Norton Online Backup - (.Symantec Corporation.) [HKLM] -- {40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}

O42 - Logiciel: Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená pripojení - (.Microsoft Corporation.) [HKLM] -- {B6190387-0036-4BEB-8D74-A0AFC5F14706}

O42 - Logiciel: Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia - (.Microsoft Corporation.) [HKLM] -- {C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}

O42 - Logiciel: PSafe - (.PSafe.) [HKLM] -- PSafe

O42 - Logiciel: Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile PTB Language Pack

O42 - Logiciel: Poczta uslugi Windows Live - (.Microsoft Corporation.) [HKLM] -- {64376910-1860-4CEF-8B34-AA5D205FC5F1}

O42 - Logiciel: Podstawowe programy Windows Live - (.Microsoft Corporation.) [HKLM] -- {7A9D47BA-6D50-4087-866F-0800D8B89383}

O42 - Logiciel: Pošta Windows Live - (.Microsoft Corporation.) [HKLM] -- {7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}

O42 - Logiciel: Raccolta foto di Windows Live - (.Microsoft Corporation.) [HKLM] -- {ED16B700-D91F-44B0-867C-7EB5253CA38D}

O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2008 Runtime - (.RealNetworks, Inc.) [HKLM] -- {7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}

O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 15.0

O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}

O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Samsung AnyWeb Print - (.Samsung Electronics Co., Ltd..) [HKLM] -- {318DBE01-1E6B-4243-84B0-210391FE789A}

O42 - Logiciel: Samsung Printer Live Update - (.Samsung Electronics Co., Ltd..) [HKLM] -- Samsung Printer Live Update

O42 - Logiciel: Samsung Recovery Solution 5 - (.Samsung.) [HKLM] -- {145DE957-0679-4A2A-BB5C-1D3E9808FAB2}

O42 - Logiciel: Samsung Support Center - (.Samsung.) [HKLM] -- {F687E657-F636-44DF-8125-9FEEA2C362F5}

O42 - Logiciel: Samsung Universal Print Driver - (.Samsung Electronics Co., Ltd..) [HKLM] -- Samsung Universal Print Driver

O42 - Logiciel: Samsung Universal Scan Driver - (.Samsung Electronics Co., Ltd..) [HKLM] -- Samsung Universal Scan Driver

O42 - Logiciel: Samsung Update Plus - (.Samsung Electronics Co., Ltd..) [HKLM] -- {142D8CA7-2C6F-45A7-83E3-099AAFD99133}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2604121

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656351

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656368

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656368v2

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656405

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2686827

O42 - Logiciel: Skype™ 5.10 - (.Skype Technologies S.A..) [HKLM] -- {EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}

O42 - Logiciel: SweetIM for Messenger 3.7 - (.SweetIM Technologies Ltd..) [HKLM] -- {7683B745-6060-41FD-AA75-0BBB383FEAD4}

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217

O42 - Logiciel: User Guide - (.Unknown owner.) [HKLM] -- {BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}

O42 - Logiciel: Uzak Baglantilar Için Windows Live Mesh ActiveX Denetimi - (.Microsoft Corporation.) [HKLM] -- {241E7104-937A-4366-AD57-8FDDDB003939}

O42 - Logiciel: Visualizador do Microsoft PowerPoint - (.Microsoft Corporation.) [HKLM] -- {95140000-00AF-0416-0000-0000000FF1CE}

O42 - Logiciel: Web Optimizer - (.Unknown owner.) [HKLM] -- WNLT

O42 - Logiciel: WinZip 16.5 - (.WinZip Computing, S.L. .) [HKLM] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240D4}

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {17835B63-8308-427F-8CF5-D76E0D5FE457}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {17F99FCE-8F03-4439-860A-25C5A5434E18}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {2A07C35B-8384-4DA4-9A95-442B6C89A073}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {3B72C1E0-26A1-40F6-8516-D50C651DFB3C}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {410DF0AA-882D-450D-9E1B-F5397ACFFA80}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {43B43577-2514-4CE0-B14A-7E85C17C0453}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {4A04DB63-8F81-4EF4-9D09-61A2057EF419}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {6491AB99-A11E-41FD-A5E7-32DE8A097B8E}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {71684DFF-CDED-450C-AF0C-4A1A6438A1A5}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {7D1C7B9F-2744-4388-B128-5C75B8BCCC84}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {827D3E4A-0186-48B7-9801-7D1E9DD40C07}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {84A411F9-40A5-4CDA-BF46-E09FBB2BC313}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {A1668729-C4D2-49AE-877B-FB608362FFF1}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {ABD534B7-E951-470E-92C2-CD5AF1735726}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {B0AD205F-60D0-4084-AFB8-34D9A706D9A8}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {B618C3BF-5142-4630-81DD-F96864F97C7E}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {C01FCACE-CC3D-49A2-ADC2-583A49857C58}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {DEF91E0F-D266-453D-B6F2-1BA002B40CB6}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {F0F9505B-3ACF-4158-9311-D0285136AA00}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {FE044230-9CA5-43F7-9B58-5AC5A28A1F33}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {FE62C88B-425B-4BDE-8B70-CD5AE3B83176}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {FEEF7F78-5876-438B-B554-C4CC426A4302}

O42 - Logiciel: Windows Live Foto-galerija - (.Microsoft Corporation.) [HKLM] -- {B81722D3-0A95-4BDE-AA1A-A2A5D12FCDB2}

O42 - Logiciel: Windows Live Fotogalerie - (.Microsoft Corporation.) [HKLM] -- {B113D18C-67B0-4FB7-B329-E89B66194AE6}

O42 - Logiciel: Windows Live Fotogalerie - (.Microsoft Corporation.) [HKLM] -- {FB79FDB7-4DE1-453D-99FE-9A880F57380E}

O42 - Logiciel: Windows Live Fotogalleri - (.Microsoft Corporation.) [HKLM] -- {5C2F5C1B-9732-4F81-8FBF-6711627DC508}

O42 - Logiciel: Windows Live Fotogaléria - (.Microsoft Corporation.) [HKLM] -- {97F77D62-5110-4FA3-A2D3-410B92D31199}

O42 - Logiciel: Windows Live Fotograf Galerisi - (.Microsoft Corporation.) [HKLM] -- {BD695C2F-3EA0-4DA4-92D5-154072468721}

O42 - Logiciel: Windows Live Fotótár - (.Microsoft Corporation.) [HKLM] -- {7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}

O42 - Logiciel: Windows Live Galeria de Fotos - (.Microsoft Corporation.) [HKLM] -- {F7A46527-DF1F-4B0F-9637-98547E189442}

O42 - Logiciel: Windows Live Galerija fotografija - (.Microsoft Corporation.) [HKLM] -- {E5377D46-83C5-445A-A1F1-830336B42A10}

O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}

O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}

O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {0D261C88-454B-46FE-B43B-640E621BDA11}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {10186F1A-6A14-43DF-A404-F0105D09BB07}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {249EE21B-8EDD-4F36-8A23-E580E9DBE80A}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {63CF7D0C-B6E7-4EE9-8253-816B613CC437}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {677AAD91-1790-4FC5-B285-0E6A9D65F7DC}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {753F0A72-59C3-41CE-A36A-F2DF2079275C}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {82803FF3-563F-414F-A403-8D4C167D4120}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {924B4D82-1B97-48EB-8F1E-55C4353C22DB}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9DA3F03B-2CEE-4344-838E-117861E61FAF}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {A0B91308-6666-4249-8FF6-1E11AFD75FE1}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {B1239994-A850-44E2-BED8-E70A21124E16}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {C454280F-3C3E-4929-B60E-9E6CED5717E7}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {C66824E4-CBB3-4851-BB3F-E8CFD6350923}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {D07B1FDA-876B-4914-9E9A-309732B6D44F}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {D31169F2-CD71-4337-B783-3E53F29F4CAD}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {D588365A-AE39-4F27-BDAE-B4E72C8E900C}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {DBAA2B17-D596-4195-A169-BA2166B0D69B}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {F66430D8-08E6-4C96-B9B7-90E66E27D58C}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {FA6CF94F-DACF-4FE7-959D-55C421B91B17}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {00884F14-05BD-4D8E-90E5-1ABF78948CA4}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {039480EE-6933-4845-88B8-77FD0C3D059D}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {110668B7-54C6-47C9-BAC4-1CE77F156AF5}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {11417707-1F72-4279-95A3-01E0B898BBF5}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {2C865FB0-051E-4D22-AC62-428E035AEAF0}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {2D3E034E-F76B-410A-A169-55755D2637BB}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {39F95B0B-A0B7-4FA7-BB6C-197DA2546468}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {3F4143A1-9C21-4011-8679-3BC1014C6886}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {46872828-6453-4138-BE1C-CE35FBF67978}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {588CE0C0-860B-49A8-AFCF-3C69465B345F}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {5CF5B1A5-CBC3-42F0-8533-5A5090665862}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {61506B53-EE02-46CE-8464-3F806947978F}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {644063FA-ABA3-42AC-A8AC-3EDC0706018B}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {71C95134-F6A9-45E7-B7B3-07CA6012BF2A}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {7496FD31-E5CB-4AE4-82D3-31099558BF6A}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {78DAE910-CA72-450E-AD22-772CB1A00678}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {80E8C65A-8F70-4585-88A2-ABC54BABD576}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {A0C91188-C88F-4E86-93E6-CD7C9A266649}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {AB0B2113-5B96-4B95-8AD1-44613384911F}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {ACFBE99B-6981-4513-B17E-A2683CEB9EE5}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {AF01B90A-D25C-4F60-AECD-6EEDF509DC11}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {C08D5964-C42F-48EE-A893-2396F9562A7C}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {D06F10C5-3EDD-4B29-A3B5-16BBB9A047F8}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {EAB1BDF2-734A-4D44-9169-7615D185C974}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {EC20FB81-9B5E-4B97-92A2-8DC52548EFCE}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {F7E80BA7-A09D-4DD1-828B-C4A0274D4720}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {FCDE76CB-989D-4E32-9739-6A272D2B0ED7}

O42 - Logiciel: Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen - (.Microsoft Corporation.) [HKLM] -- {C32CE55C-12BA-4951-8797-0967FDEF556F}

O42 - Logiciel: Windows Live Mesh ActiveX Control for Remote Connections - (.Microsoft Corporation.) [HKLM] -- {2902F983-B4C1-44BA-B85D-5C6D52E2C441}

O42 - Logiciel: Windows Live Mesh ActiveX Control for Remote Connections - (.Microsoft Corporation.) [HKLM] -- {C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}

O42 - Logiciel: Windows Live Mesh ActiveX control for remote connections - (.Microsoft Corporation.) [HKLM] -- {C5398A89-516C-4DAF-BA07-EE7949090E56}

O42 - Logiciel: Windows Live Mesh ActiveX kontrola za daljinske veze - (.Microsoft Corporation.) [HKLM] -- {8985AE5E-622A-4980-8BF8-0A1830643220}

O42 - Logiciel: Windows Live Mesh ActiveX vadikla attalajiem savienojumiem - (.Microsoft Corporation.) [HKLM] -- {A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}

O42 - Logiciel: Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger - (.Microsoft Corporation.) [HKLM] -- {09B7C7EB-3140-4B5E-842F-9C79A7137139}

O42 - Logiciel: Windows Live Mesh ActiveX-objekt til fjernforbindelser - (.Microsoft Corporation.) [HKLM] -- {57220148-3B2B-412A-A2E0-82B9DF423696}

O42 - Logiciel: Windows Live Mesh ActiveX-vezérlo távoli kapcsolatokhoz - (.Microsoft Corporation.) [HKLM] -- {6E29C4F7-C2C2-4B18-A15C-E09B92065F15}

O42 - Logiciel: Windows Live Meshin etäyhteyksien ActiveX-komponentti - (.Microsoft Corporation.) [HKLM] -- {4CF6F287-5121-483C-A5A2-07BDE19D8B4E}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {062E4D94-8306-46D5-81B6-45E6AD09C799}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {2D49C296-BCCA-4800-BAF6-A0269EBDCF74}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {2F54E453-8C93-4B3B-936A-233C909E6CAC}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {443B561F-DE1B-4DEF-ADD9-484B684653C7}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {48294D95-EE9A-4377-8213-44FC4265FB27}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {4B744C85-DBB1-4038-B989-4721EB22C582}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {542DA303-FB91-4731-9F37-6E518368D3B9}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6A67578E-095B-4661-88F7-0B199CEC3371}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {83D2FFB0-E378-49FE-8A53-580CA7B5761F}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {8FF3891F-01B5-4A71-BFCD-20761890471C}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {A3389C72-1782-4BB4-BBAA-33345DE52E3F}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {B2E90616-C50D-4B89-A40D-92377AC669E5}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {BAEE89D5-6E87-4F89-9603-A1C100479181}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {BD0C3887-64E6-41D8-9A38-BC6F34369352}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {BFC47A0B-D487-4DF0-889E-D6D392DF31E0}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {C95A5A77-622F-45CA-9540-84468FCB18B1}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {C9E1343D-E21E-4508-A1BE-04A089EC137D}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {D47C66BE-0EB5-4587-93FE-D1E176C4B25C}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {E9AD2143-26D5-4201-BED1-19DCC03B407D}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {F2979AAA-FDD7-4CB3-93BC-5C24D965D679}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {F35DC85A-E96B-496B-ABE7-F04192824856}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {F783464C-C7C6-4E9B-AC40-BC90E5414BAF}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {FA20D803-14E5-4B00-8F03-B519D46F9D4A}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {FFFA0584-8E3D-4195-8283-CCA3AD73C746}

O42 - Logiciel: Windows Live Messenger - (.?????????? ??????????.) [HKLM] -- {CBFD061C-4B27-4A89-ADD8-210316EEFA11}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {0119B342-476F-4F5A-B712-144B5CFA781F}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {133D9D67-D475-4407-AC3C-D558087B2453}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {19BA08F7-C728-469C-8A35-BFBD3633BE08}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {5D273F60-0525-48BA-A5FB-D0CAA4A952AE}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {60C3C026-DB53-4DAB-8B97-7C1241F9A847}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {640798A0-A4FB-4C52-AC72-755134767F1E}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6B3BAE39-4ED1-4EEB-9769-A3AA0AA58CB4}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6CB36609-E3A6-446C-A3C1-C71E311D2B9C}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6EF2BE2C-3121-48B7-B7A6-C56046B3A588}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {7465A996-0FCA-4D2D-A52C-F833B0829B5B}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {7AF8E500-B349-4A77-8265-9854E9A47925}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {903EDF14-4E28-4463-AA5E-4AEE71C0263B}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {9E771D5B-C429-4CBC-8730-3EBD9EC99E4C}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {A101F637-2E56-42C0-8E08-F1E9086BFAF3}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {BF022D76-9F72-4203-B8FA-6522DC66DFDA}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {CD442136-9115-4236-9C14-278F6A9DCB3F}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {CF9DEFAA-12CD-4D04-AA45-F9F667D21E2E}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {DDC1E1BD-7615-4186-89E1-F5F43F9B6491}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {E4E88B54-4777-4659-967A-2EED1E6AFD83}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {F80E5450-3EF3-4270-B26C-6AC53BEC5E76}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {FF105207-8423-4E13-B0B1-50753170B245}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {FF3DFA01-1E98-46B4-A065-DA8AD47C9598}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {FF737490-5A2D-4269-9D82-97DB2F7C0B09}

O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {000F2A10-9CDF-47BF-9CF2-9AC87567B433}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {0654EA5D-308A-4196-882B-5C09744A5D81}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {073F306D-9851-4969-B828-7B6444D07D55}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {168E7302-890A-4138-9109-A225ACAF7AD1}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {28B9D2D8-4304-483F-AD71-51890A063A74}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {29373E24-AC72-424E-8F2A-FB0F9436F21F}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {370F888E-42A7-4911-9E34-7D74632E17EB}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {442032CB-900C-49C7-B4B4-2B76525DD403}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {4D83F339-5A5C-4B21-8FD3-5D407B981E72}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {4F35DF91-F834-41F7-A287-0E377D55C486}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {5D163056-96B7-440F-A836-89BA5D3CFF2F}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {6B556C37-8919-4991-AC34-93D018B9EA49}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {6F37D92B-41AA-44B7-80D2-457ABDE11896}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {73FC3510-6421-40F7-9503-EDAE4D0CF70D}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {77BC9EAF-14C7-4338-9B1C-D5A3E142C0B8}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {78906B56-0E81-42A7-AC25-F54C946E1538}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {7D0DE76C-874E-4BDE-A204-F4240160693E}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {84267681-BF16-40B6-9564-27BC57D7D71C}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {85373DA7-834E-4850-8AF5-1D99F7526857}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {9BD262D0-B788-4546-A0A5-F4F56EC3834B}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A41A708E-3BE6-4561-855D-44027C1CF0F8}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {ADFE4AED-7F8E-4658-8D6E-742B15B9F120}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {B33B61FE-701F-425F-98AB-2B85725CBF68}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C2AB7DC4-489E-4BE9-887A-52262FBADBE0}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {CD7CB1E6-267A-408F-877D-B532AD2C882E}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {D436F577-1695-4D2F-8B44-AC76C99E0002}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {34F4D9A4-42C2-4348-BEF4-E553C84549E7}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {861B1145-7762-4794-B40C-3FF0A389DFE6}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {885F1BCD-C344-4758-85BD-09640CF449A5}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {CF671BFE-6BA3-44E7-98C1-500D9C51D947}

O42 - Logiciel: Windows Live Pošta - (.Microsoft Corporation.) [HKLM] -- {517EAAB9-C35E-4949-B8C2-20C241162BBB}

O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {19A4A990-5343-4FF7-B3B5-6F046C091EDF}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {02602409-9189-4567-BC07-562605243B69}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {071A7A87-F72C-4239-BAF8-92FF44EB82AF}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {143DB9C9-3F0D-4DC7-A57B-A7E4F26FA12E}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {18088C5C-323A-4E56-AA4A-6D3F2EE34102}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {208762DE-34A1-44B1-B597-509C8D05D39E}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {244C5A67-39DC-4C6C-BF1B-BCC9D342A4C4}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {2852BC06-B850-4518-97E6-CD136FE75683}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {2B3EA5DA-D040-48FB-813F-1CF8C0123698}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {30E82CD5-6E97-4381-86EB-548202A6D5B7}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {3BC3B1A5-30E3-4DDB-BE08-E7262B838B5F}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {41B72CAF-036B-4E0A-8D22-F5DF7C970434}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {454F5782-A4C3-480E-A629-D435795DEFD8}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {464B3406-A4D0-4914-910F-7CA4380DCC13}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {4B1EDAFC-B0EB-465F-886C-24FAC1BED2AC}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {5C8BC258-A629-4DF2-97D0-E106C2A9B1BD}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {6255D9FC-427F-4867-84DB-164DBEA0661F}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {66B0B400-22AB-47E6-8673-38A5D37F6331}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {7234BD6D-5394-4572-A87D-0279C5ED535D}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {7846B719-862C-468A-9FD0-4769D2590535}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {7A143876-9658-4A58-82E7-B5F02D942957}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {84D3CB13-C7EE-4A29-817E-D82697320BF5}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {A4C16B19-10AA-4990-AA87-D14F653E3345}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {A9ABC0A6-DC01-4102-BEC9-86974A73B214}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {B512307E-543D-457E-B759-75E0D5B0BCDF}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {B6F55C3E-30EE-4D25-8BAD-CEE4BF8C78EB}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {C30628D8-D3A0-4F23-90F0-F145808087B6}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {CD6CB7F1-1B8E-424A-9B81-F8D2F03958EC}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {E1629C45-9CEF-498E-83CD-D6A09CADA176}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {E7FB0043-24A5-4B30-AED6-01B47B44CB67}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {EAEA7ED1-22F0-4C1E-B001-E56F10E1A100}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {F0CCBE54-9132-44E9-82DF-CD364AD5C22D}

O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {02E1EAF5-F1B6-41EC-B500-E6BC728A5E20}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {065241D0-A178-4F24-8A09-691761A8957B}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {0891B708-EF3F-4D7E-9724-265245F46276}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {0A1651F1-7E0F-4613-93FE-967F5BC3C1B7}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {17504ED4-DB08-40A8-81C2-27D8C01581DA}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {201B5096-AF6E-423E-B987-023E040D9B42}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {20C21396-4F89-4044-806B-326C993A3996}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {354FF1E9-5D3F-4D91-A433-7626AC6B55EA}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {3A65A74A-5B6E-451A-92D8-50F1182BBE9A}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {3BFB2388-64EE-4AAA-9235-5FE725FED6DE}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {41B07C21-145D-496F-B029-0899514099C7}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {41E4FA4B-9376-4C32-AA46-65FCC0087CD5}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {448702D4-83DD-4EFC-B09B-94AD6CA0D978}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {5008BC55-FD3D-4A32-A1B7-610E18F4D220}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {61A5DE19-BE38-45AF-A9BC-73E49703315E}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {7612E28A-C4DB-4259-AA91-CB02B1BCF623}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {82EE333F-45A9-4585-A5D9-31FE16B7FB25}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {845E0BCB-8C8D-4FAB-8588-AD5FFD156C95}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {8E9CB7DE-8087-48A0-8280-1658F423AAEF}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {93C6647F-AFE0-4CC2-8809-28A0B320D11B}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {97124033-1253-4474-8B25-1AB314A920E6}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {AB93C51F-71F9-4A28-8134-FE1B5B9373E9}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {AC0628FF-532F-4800-91EC-40903B04682F}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {AC259A12-6CD9-486D-A97A-B619EB46225A}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {BA8D4CEF-D23D-44AB-8A89-66E602253791}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {C411942C-C26B-4450-8B9A-173DCC22AEC6}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {C4E7704D-5AFB-44CA-B8BA-F16C8FA46D5F}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {D378BEA1-912E-4827-B9DB-D3B2C3D0BD4A}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {D3CAE2CA-BE71-4CA4-9EB9-46E1C82E778B}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {DEDF8BAB-98D7-4CFA-9C42-27431EC4BD1F}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {E6617B44-D556-49AC-B2A3-01451E115043}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {F81DB83D-A016-45A6-A6A0-135B1E6939EF}

O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}

O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}

O42 - Logiciel: Windows Live Temel Parçalar - (.Microsoft Corporation.) [HKLM] -- {1203DC60-D9BD-44F9-B372-2B8F227E6094}

O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {09922FFE-D153-44AE-8B60-EA3CB8088F93}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {0C1931EB-8339-4837-8BEC-75029BF42734}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {128133D3-037A-4C62-B1B7-55666A10587A}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {1DA6D447-C54D-4833-84D4-3EA31CAECE9B}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {220C7F8C-929D-4F71-9DC7-F7A6823B38E4}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {24DF33E0-F924-4D0D-9B96-11F28F0D602D}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {2CC0789D-D31B-445F-8970-6E058BE39754}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {368BEC2C-B7A2-4762-9213-2D8465D533CA}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {37B33B16-2535-49E7-8990-32668708A0A3}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {3B8F240C-B75E-4A1E-BDCC-6C7F033078A3}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {40BFD84C-64CD-42CC-9909-8734C50429C6}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {4C378B16-46B7-4DA1-A2CE-2EE676F74680}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {4D141929-141B-4605-95D6-2B8650C1C6DA}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {506FC723-8E6C-4417-9CFF-351F99130425}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {523DF2BB-3A85-4047-9898-29DC8AEB7E69}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {545192D4-E817-4EAA-834D-623EA50CF268}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {5E627606-53B9-42D1-97E1-D03F6229E248}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {6A4ABCDC-0A49-4132-944E-01FBCCB3465C}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {7327080F-6673-421F-BBD9-B618F357EEB3}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {77477AEA-5757-47D8-8B33-939F43D82218}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {7780682A-47C9-480D-90BE-247539342595}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {8CF5D47D-27B7-49D6-A14F-10550B92749D}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {D299197D-CDEA-41A6-A363-F532DE4114FD}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {D6F25CF9-4E87-43EB-B324-C12BE9CDD668}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {DF71ABBB-B834-41C0-BB58-80B0545D754C}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {E5DD4723-FE0B-436E-A815-DC23CF902A0B}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {EA777812-4905-4C08-8F6E-13BDCC734609}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {11778DA1-0495-4ED9-972F-F9E0B0367CD5}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {198EA334-8A3F-4CB2-9D61-6C10B8168A6F}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {1A82AE99-84D3-486D-BAD6-675982603E14}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {1D6C2068-807F-4B76-A0C2-62ED05656593}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {1FC83EAE-74C8-4C72-8400-2D8E40A017DE}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {317D56AC-0DB3-48F5-929A-42032DAC9AD7}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4264C020-850B-4F08-ACBE-98205D9C336C}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {48C0DC5E-820A-44F2-890E-29B68EDD3C78}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {69C9C672-400A-43A0-B2DE-9DB38C371282}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {71A81378-79D5-40CC-9BDC-380642D1A87F}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {7E017923-16F8-4E32-94EF-0A150BD196FE}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {804DE397-F82C-4867-9085-E0AA539A3294}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {859D4022-B76D-40DE-96EF-C90CDA263F44}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {86E6D3A7-3ADC-44C0-B94E-85D2A9DD36B0}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAF454FC-82CA-4F29-AB31-6A109485E76E}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {B3BE54A4-8DFE-4593-8E66-56AB7133B812}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {B9B66F77-9D00-4CA4-BDF1-BBA8236B4DB6}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {C1C9D199-B4DD-4895-92DD-9A726A2FE341}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {C8A2793D-EFF2-4069-95BF-A28192E39DEB}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {CDC39BF2-9697-4959-B893-A2EE05EF6ACB}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {D27DF849-C8C7-4892-A7F1-E0B381A1BD01}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {DA29F644-2420-4448-8128-1331BE588999}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {DCAB6BA7-6533-44BF-9235-E5BF33B7431C}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {E55E0C35-AC3C-4683-BA2F-834348577B80}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {E62E0550-C098-43A2-B54B-03FB1E634483}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {E8524B28-3BBB-4763-AC83-0E83FE31C350}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {14B441B7-774D-4170-98EA-A13667AE6218}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {2511AAD7-82DF-4B97-B0B3-E1B933317010}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {26E3C07C-7FF7-4362-9E99-9E49E383CF16}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {3125D9DE-8D7A-4987-95F3-8A42389833D8}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {458F399F-62AC-4747-99F5-499BBF073D29}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {5D2E7BD7-4B6F-4086-BA8A-E88484750624}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {6807427D-8D68-4D30-AF5B-0B38F8F948C8}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {69CAC24D-B1DC-4B97-A1BE-FE21843108FE}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {6DCE9C3E-3DB7-4C3C-8B80-BC55781BB7B6}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {734104DE-C2BF-412F-BB97-FCCE1EC94229}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {77DAF553-291A-4471-988C-5677D90DB57E}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {7E90B133-FF47-48BB-91B8-36FC5A548FE9}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {7FF11E53-C002-4F40-8D68-6BE751E5DD62}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {93E464B3-D075-4989-87FD-A828B5C308B1}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {AB78C965-5C67-409B-8433-D7B5BDB12073}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {B4712CB7-27D7-4F61-8805-BCF9BE1CFC4A}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {B7B67AA5-12DA-4F01-918D-B1BF66779D8A}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {C29FC15D-E84B-4EEC-8505-4DED94414C59}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {D987098B-3AD4-4E88-B80E-CF27A32D1955}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {DDC8BDEE-DCAC-404D-8257-3E8D4B782467}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {F52C5BE7-3F57-464E-8A54-908402E43CE8}

O42 - Logiciel: Windows Live fotoattelu galerija - (.Microsoft Corporation.) [HKLM] -- {CF936193-C584-458C-B793-15FA945621AF}

O42 - Logiciel: Windows Live ???? - (.Microsoft Corporation.) [HKLM] -- {EEF99142-3357-402C-B298-DEC303E12D92}

O42 - Logiciel: Windows Live ??? - (.Microsoft Corporation.) [HKLM] -- {7B982EBD-D017-4527-BF1A-FC489EC6B100}

O42 - Logiciel: Windows Live ??? - (.Microsoft Corporation.) [HKLM] -- {EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}

O42 - Logiciel: Windows Live ??? - (.Microsoft Corporation.) [HKLM] -- {03241D8D-2217-42F7-9FCB-6A68D141C14D}

O42 - Logiciel: Windows Live ?? - (.Microsoft Corporation.) [HKLM] -- {51FFAC89-B6B0-4E6E-B76F-6D4E2E83086A}

O42 - Logiciel: Windows Live ?? ??? - (.Microsoft Corporation.) [HKLM] -- {D57D43BF-699A-429F-AF8C-AF1867222800}

O42 - Logiciel: Windows Live ?? ??? - (.Microsoft Corporation.) [HKLM] -- {07E15DDE-CAD9-434D-B24D-35708E3BEA09}

O42 - Logiciel: Windows Liven asennustyökalu - (.Microsoft Corporation.) [HKLM] -- {8909CFA8-97BF-4077-AC0F-6925243FFE08}

O42 - Logiciel: Windows Liven sähköposti - (.Microsoft Corporation.) [HKLM] -- {0C975FCC-A06E-4CB6-8F54-A9B52CF37781}

O42 - Logiciel: Windows Liven valokuvavalikoima - (.Microsoft Corporation.) [HKLM] -- {1A72337E-D126-4BAF-AC89-E6122DB71866}

O42 - Logiciel: St???e?? e?????? ActiveX t?? Windows Live Mesh ??a ap?µa???sµ??e? s??d?se?? - (.Microsoft Corporation.) [HKLM] -- {F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}

O42 - Logiciel: S?????? f?t???af??? t?? Windows Live - (.Microsoft Corporation.) [HKLM] -- {C00C2A91-6CB3-483F-80B3-2958E29468F1}

O42 - Logiciel: ???????? ?????????? Windows Live - (.Microsoft Corporation.) [HKLM] -- {E83DC314-C926-4214-AD58-147691D6FE9F}

O42 - Logiciel: ????? Windows Live - (.?????????? ??????????.) [HKLM] -- {B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}

O42 - Logiciel: ?????????? Windows Live - (.Microsoft Corporation.) [HKLM] -- {77F69CA1-E53D-4D77-8BA3-FA07606CC851}

O42 - Logiciel: ??????????? ?? Windows Live - (.Microsoft Corporation.) [HKLM] -- {4444F27C-B1A8-464E-9486-4C37BAB39A09}

O42 - Logiciel: ??????? ?????????? Windows Live Mesh ActiveX ??? ????????? ??????????? - (.Microsoft Corporation.) [HKLM] -- {BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}

O42 - Logiciel: ?????? ??????? ?? Windows Live - (.Microsoft Corporation.) [HKLM] -- {CE929F09-3853-4180-BD90-30764BFF7136}

O42 - Logiciel: ??? ActiveX ?? Windows Live Mesh ???? ??????? ??????? - (.Microsoft Corporation.) [HKLM] -- {9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}

O42 - Logiciel: ???? Windows Live - (.Microsoft Corporation.) [HKLM] -- {0A4C4B29-5A9D-4910-A13C-B920D5758744}

O42 - Logiciel: ???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ??????? - (.Microsoft Corporation.) [HKLM] -- {E18B30AA-6E2D-480C-B918-AF61009F4010}

O42 - Logiciel: ???? ??? Windows Live - (.Microsoft Corporation.) [HKLM] -- {FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}

O42 - Logiciel: ????????? ActiveX ?? Windows Live Mesh ????????????????????????? (???) - (.Microsoft Corporation.) [HKLM] -- {A2EDAEEB-C981-46D5-8163-CF8F5F640EEE}

O42 - Logiciel: „Windows Live Essentials“ - (.Microsoft Corporation.) [HKLM] -- {19ADD3BF-C42B-47DC-81C6-5E9731B668C4}

O42 - Logiciel: „Windows Live Mail“ - (.„Microsoft Corporation“.) [HKLM] -- {2720009D-9566-45A7-A370-0E6DAC313F3F}

O42 - Logiciel: „Windows Live Mesh ActiveX“ nuotoliniu ryšiu valdiklis - (.Microsoft Corporation.) [HKLM] -- {9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}

O42 - Logiciel: „Windows Live Messenger“ - (.„Microsoft Corporation“.) [HKLM] -- {122800FE-3AAF-4974-9FBD-54B023FA756A}

O42 - Logiciel: „Windows Live“ fotogalerija - (.Microsoft Corporation.) [HKLM] -- {C877E454-FA36-409A-A00E-1240CEC61BBD}

O42 - Logiciel: ??????? Windows Live Mesh ActiveX ??(????) - (.Microsoft Corporation.) [HKLM] -- {F992409C-9D10-4AE2-BAEB-B5409AD3785E}

O42 - Logiciel: ??????? Windows Live Mesh ActiveX ??? - (.Microsoft Corporation.) [HKLM] -- {622DE1BE-9EDE-49D3-B349-29D64760342A}

O42 - Logiciel: ?? ??? ?? Windows Live Mesh ActiveX ??? - (.Microsoft Corporation.) [HKLM] -- {61920449-0393-4707-B7DD-E6C0013C8B2C}

---\\ HKCU & HKLM Software Keys

[HKCU\Software\2879d78550302fc6]

[HKCU\Software\ATI]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Baixaki]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\CyberLink]

[HKCU\Software\Elantech]

[HKCU\Software\Gabest]

[HKCU\Software\Google]

[HKCU\Software\IM Providers]

[HKCU\Software\IM]

[HKCU\Software\IncrediMail]

[HKCU\Software\InstallCore]

[HKCU\Software\MSOLoad]

[HKCU\Software\Macromedia]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\Netscape]

[HKCU\Software\Nico Mak Computing]

[HKCU\Software\Norton]

[HKCU\Software\Policies]

[HKCU\Software\RealNetworks]

[HKCU\Software\Realtek]

[HKCU\Software\SSPrint]

[HKCU\Software\Safer Networking Limited]

[HKCU\Software\Samsung]

[HKCU\Software\SkypeRS]

[HKCU\Software\Skype]

[HKCU\Software\Trolltech]

[HKCU\Software\WNLT]

[HKCU\Software\WinRAR]

[HKCU\Software\WinZip Computing]

[HKCU\Software\Wow6432Node]

[HKLM\Software\360Safe]

[HKLM\Software\AMD]

[HKLM\Software\ATI Technologies]

[HKLM\Software\ATI]

[HKLM\Software\Adobe]

[HKLM\Software\AdwCleaner]

[HKLM\Software\Atheros]

[HKLM\Software\BcmSetup]

[HKLM\Software\CBSTEST]

[HKLM\Software\CDDB]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\CyberLink]

[HKLM\Software\DTS]

[HKLM\Software\Dolby]

[HKLM\Software\Google]

[HKLM\Software\IncrediMail]

[HKLM\Software\Intel]

[HKLM\Software\Khronos]

[HKLM\Software\Knowles]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\My Company Name]

[HKLM\Software\Nico Mak Computing]

[HKLM\Software\Norton]

[HKLM\Software\ODBC]

[HKLM\Software\Policies]

[HKLM\Software\RTLSetup]

[HKLM\Software\RealNetworks]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SRS Labs]

[HKLM\Software\SSPrint]

[HKLM\Software\SSScan]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Samsung Electronics Co., Ltd.]

[HKLM\Software\Samsung Printers]

[HKLM\Software\Samsung]

[HKLM\Software\Skype]

[HKLM\Software\SonicFocus]

[HKLM\Software\SuppHelpDir]

[HKLM\Software\Symantec]

[HKLM\Software\WOW6432Node]

[HKLM\Software\Waves Audio]

[HKLM\Software\Xing Technology Corp.]

[HKLM\Software\mozilla.org]

~ Scan Softwares in 00mn 02s

---\\ Contents of the Common Files folders (O43)

O43 - CFD: 15/05/2012 - 12:02:11 - [195,732] ----D C:\Program Files\Adobe

O43 - CFD: 28/11/2011 - 23:24:02 - [1,863] ----D C:\Program Files\AMD APP

O43 - CFD: 10/01/2012 - 22:50:55 - [0,034] ----D C:\Program Files\Atheros

O43 - CFD: 28/11/2011 - 23:22:28 - [16,799] ----D C:\Program Files\ATI

O43 - CFD: 28/11/2011 - 23:23:51 - [62,235] ----D C:\Program Files\ATI Technologies

O43 - CFD: 28/11/2011 - 23:27:39 - [11,073] ----D C:\Program Files\Broadcom

O43 - CFD: 02/10/2012 - 02:34:50 - [216,820] ----D C:\Program Files\Common Files

O43 - CFD: 15/05/2012 - 12:05:01 - [1083,925] ----D C:\Program Files\CyberLink

O43 - CFD: 31/07/2012 - 13:38:04 - [3,997] ----D C:\Program Files\DVD Maker

O43 - CFD: 10/09/2012 - 18:10:17 - [83,403] ----D C:\Program Files\Elantech

O43 - CFD: 15/05/2012 - 12:06:57 - [134,307] --H-D C:\Program Files\InstallShield Installation Information

O43 - CFD: 26/09/2012 - 13:27:31 - [5,150] ----D C:\Program Files\Internet Explorer

O43 - CFD: 11/10/2012 - 21:26:32 - [12,637] ----D C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 11/10/2012 - 21:20:41 - [0] ----D C:\Program Files\Microsoft

O43 - CFD: 29/06/2012 - 03:06:25 - [10,731] ----D C:\Program Files\Microsoft Application Virtualization Client

O43 - CFD: 14/07/2009 - 01:52:30 - [44,793] ----D C:\Program Files\Microsoft Games

O43 - CFD: 28/06/2012 - 10:13:01 - [40,203] ----D C:\Program Files\Microsoft Office

O43 - CFD: 28/05/2012 - 00:59:57 - [36,641] ----D C:\Program Files\Microsoft Silverlight

O43 - CFD: 29/11/2011 - 00:36:47 - [1,745] ----D C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD: 23/05/2012 - 05:52:31 - [0,015] ----D C:\Program Files\Microsoft.NET

O43 - CFD: 09/09/2012 - 23:25:50 - [38,599] ----D C:\Program Files\Mozilla Firefox

O43 - CFD: 10/09/2012 - 01:37:46 - [0,211] ----D C:\Program Files\Mozilla Maintenance Service

O43 - CFD: 05/06/2012 - 16:25:50 - [0,441] ----D C:\Program Files\mp3DirectCut

O43 - CFD: 14/07/2009 - 01:52:30 - [0,025] ----D C:\Program Files\MSBuild

O43 - CFD: 09/08/2012 - 11:51:21 - [63,476] ----D C:\Program Files\MSECache

O43 - CFD: 29/11/2011 - 00:01:40 - [218,199] ----D C:\Program Files\Norton Internet Security

O43 - CFD: 29/11/2011 - 00:00:46 - [27,467] ----D C:\Program Files\NortonInstaller

O43 - CFD: 13/10/2012 - 16:15:41 - [79,265] ----D C:\Program Files\PSafe

O43 - CFD: 28/05/2012 - 02:24:14 - [94,855] ----D C:\Program Files\Real

O43 - CFD: 11/01/2012 - 21:11:19 - [21,633] ----D C:\Program Files\Realtek

O43 - CFD: 14/07/2009 - 01:52:30 - [37,262] ----D C:\Program Files\Reference Assemblies

O43 - CFD: 28/11/2011 - 23:59:07 - [976,883] ----D C:\Program Files\Samsung

O43 - CFD: 28/11/2011 - 23:54:53 - [14,041] ----D C:\Program Files\Samsung AnyWeb Print

O43 - CFD: 28/11/2011 - 23:55:28 - [1,863] ----D C:\Program Files\SamsungPrinterLiveUpdate

O43 - CFD: 28/11/2011 - 23:55:28 - [1,747] ----D C:\Program Files\SamsungPrinterLiveUpdateInstaller

O43 - CFD: 08/09/2012 - 03:08:27 - [16,855] R---D C:\Program Files\Skype

O43 - CFD: 12/10/2012 - 19:18:48 - [1,100] ----D C:\Program Files\Spybot - Search & Destroy

O43 - CFD: 17/05/2012 - 04:34:21 - [4,976] ----D C:\Program Files\Symantec

O43 - CFD: 28/11/2011 - 23:24:55 - [0] --H-D C:\Program Files\Temp

O43 - CFD: 14/07/2009 - 01:53:23 - [0] --H-D C:\Program Files\Uninstall Information

O43 - CFD: 31/07/2012 - 13:38:04 - [2,897] ----D C:\Program Files\Windows Defender

O43 - CFD: 29/05/2012 - 18:15:55 - [563,225] ----D C:\Program Files\Windows Live

O43 - CFD: 31/07/2012 - 13:38:05 - [5,870] ----D C:\Program Files\Windows Mail

O43 - CFD: 31/07/2012 - 13:38:04 - [6,286] ----D C:\Program Files\Windows Media Player

O43 - CFD: 14/07/2009 - 01:52:30 - [11,630] ----D C:\Program Files\Windows NT

O43 - CFD: 31/07/2012 - 13:38:04 - [4,210] ----D C:\Program Files\Windows Photo Viewer

O43 - CFD: 20/11/2010 - 18:33:48 - [0,181] ----D C:\Program Files\Windows Portable Devices

O43 - CFD: 31/07/2012 - 13:38:05 - [10,506] ----D C:\Program Files\Windows Sidebar

O43 - CFD: 02/10/2012 - 02:36:59 - [80,692] ----D C:\Program Files\WinZip

O43 - CFD: 13/10/2012 - 16:15:23 - [10,681] ----D C:\Program Files\ZHPDiag

O43 - CFD: 15/05/2012 - 12:02:18 - [3,636] ----D C:\Program Files\Common Files\Adobe

O43 - CFD: 12/10/2012 - 19:20:08 - [0,689] ----D C:\Program Files\Common Files\AVG Secure Search

O43 - CFD: 28/11/2011 - 23:31:12 - [0] ----D C:\Program Files\Common Files\CyberLink

O43 - CFD: 28/06/2012 - 10:13:08 - [0,095] ----D C:\Program Files\Common Files\DESIGNER

O43 - CFD: 28/11/2011 - 23:24:06 - [5,114] ----D C:\Program Files\Common Files\InstallShield

O43 - CFD: 26/07/2012 - 12:54:45 - [150,286] ----D C:\Program Files\Common Files\microsoft shared

O43 - CFD: 28/11/2011 - 23:53:35 - [4,403] ----D C:\Program Files\Common Files\Samsung

O43 - CFD: 13/07/2009 - 23:37:05 - [0,003] ----D C:\Program Files\Common Files\Services

O43 - CFD: 08/09/2012 - 03:08:27 - [2,056] ----D C:\Program Files\Common Files\Skype

O43 - CFD: 13/07/2009 - 23:37:05 - [39,200] ----D C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 19/05/2012 - 13:48:54 - [1,255] ----D C:\Program Files\Common Files\Symantec Shared

O43 - CFD: 31/07/2012 - 13:38:04 - [9,748] ----D C:\Program Files\Common Files\System

O43 - CFD: 29/11/2011 - 00:27:03 - [0] ----D C:\Program Files\Common Files\Windows Live

O43 - CFD: 28/05/2012 - 02:24:10 - [0,336] ----D C:\Program Files\Common Files\xing shared

O43 - CFD: 15/05/2012 - 12:02:27 - [0,001] ----D C:\ProgramData\Adobe

O43 - CFD: 14/07/2009 - 01:53:55 - [0] --H-D C:\ProgramData\Application Data

O43 - CFD: 28/11/2011 - 23:26:55 - [0,018] ----D C:\ProgramData\Atheros

O43 - CFD: 29/11/2011 - 01:01:45 - [0,000] ----D C:\ProgramData\ATI

O43 - CFD: 24/09/2012 - 02:55:43 - [0,050] ----D C:\ProgramData\CyberLink

O43 - CFD: 14/07/2009 - 01:53:55 - [0] --H-D C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 01:53:55 - [0] --H-D C:\ProgramData\Documents

O43 - CFD: 14/07/2009 - 01:53:55 - [0] --H-D C:\ProgramData\Favorites

O43 - CFD: 11/10/2012 - 21:26:02 - [7,914] ----D C:\ProgramData\Malwarebytes

O43 - CFD: 11/10/2012 - 21:20:41 - [1940,395] -S--D C:\ProgramData\Microsoft

O43 - CFD: 25/08/2012 - 03:48:54 - [0,048] ----D C:\ProgramData\Microsoft Help

O43 - CFD: 15/05/2012 - 13:41:44 - [0,010] ----D C:\ProgramData\Mozilla

O43 - CFD: 16/05/2012 - 01:47:54 - [482,650] ----D C:\ProgramData\Norton

O43 - CFD: 29/11/2011 - 00:00:46 - [0,953] ----D C:\ProgramData\NortonInstaller

O43 - CFD: 12/10/2012 - 19:18:46 - [119,183] ----D C:\ProgramData\PSafe

O43 - CFD: 28/05/2012 - 02:25:22 - [1,579] ----D C:\ProgramData\Real

O43 - CFD: 29/11/2011 - 00:57:39 - [0,514] ----D C:\ProgramData\SAMSUNG

O43 - CFD: 08/09/2012 - 03:08:21 - [37,892] ----D C:\ProgramData\Skype

O43 - CFD: 12/10/2012 - 19:18:47 - [18,766] ----D C:\ProgramData\Spybot - Search & Destroy

O43 - CFD: 14/07/2009 - 01:53:55 - [0] --H-D C:\ProgramData\Start Menu

O43 - CFD: 29/11/2011 - 00:00:38 - [0,032] ----D C:\ProgramData\Symantec

O43 - CFD: 15/05/2012 - 12:03:33 - [0,293] ----D C:\ProgramData\Temp

O43 - CFD: 14/07/2009 - 01:53:55 - [0] --H-D C:\ProgramData\Templates

O43 - CFD: 12/10/2012 - 03:41:14 - [0] ----D C:\ProgramData\VirtualizedApplications

O43 - CFD: 30/05/2012 - 04:22:01 - [15,328] ----D C:\ProgramData\WinClon

O43 - CFD: 02/10/2012 - 02:40:51 - [2,302] ----D C:\ProgramData\WinZip

O43 - CFD: 28/05/2012 - 01:02:37 - [5,471] ----D C:\Users\Felipe\AppData\Roaming\Adobe

O43 - CFD: 15/05/2012 - 12:12:10 - [0] ----D C:\Users\Felipe\AppData\Roaming\ATI

O43 - CFD: 19/09/2012 - 15:57:23 - [0] ----D C:\Users\Felipe\AppData\Roaming\CyberLink

O43 - CFD: 15/05/2012 - 12:10:37 - [0] ----D C:\Users\Felipe\AppData\Roaming\Identities

O43 - CFD: 15/05/2012 - 12:22:39 - [0,023] ----D C:\Users\Felipe\AppData\Roaming\Macromedia

O43 - CFD: 11/10/2012 - 21:27:09 - [1,034] ----D C:\Users\Felipe\AppData\Roaming\Malwarebytes

O43 - CFD: 28/05/2012 - 01:09:46 - [0,000] ----D C:\Users\Felipe\AppData\Roaming\Media Player Classic

O43 - CFD: 25/08/2012 - 03:48:54 - [20,710] -S--D C:\Users\Felipe\AppData\Roaming\Microsoft

O43 - CFD: 15/05/2012 - 13:44:44 - [25,616] ----D C:\Users\Felipe\AppData\Roaming\Mozilla

O43 - CFD: 05/06/2012 - 16:28:57 - [0,002] ----D C:\Users\Felipe\AppData\Roaming\mp3DirectCut

O43 - CFD: 29/05/2012 - 01:12:47 - [1,911] ----D C:\Users\Felipe\AppData\Roaming\Real

O43 - CFD: 21/09/2012 - 13:36:49 - [4,410] ----D C:\Users\Felipe\AppData\Roaming\SoftGrid Client

O43 - CFD: 28/06/2012 - 10:17:59 - [0] ----D C:\Users\Felipe\AppData\Roaming\TP

O43 - CFD: 28/06/2012 - 10:48:58 - [40,954] ----D C:\Users\Felipe\AppData\Local\Adobe

O43 - CFD: 15/05/2012 - 12:12:10 - [0,064] ----D C:\Users\Felipe\AppData\Local\ATI

O43 - CFD: 24/09/2012 - 13:02:12 - [14,815] ----D C:\Users\Felipe\AppData\Local\CrashDumps

O43 - CFD: 24/05/2012 - 01:54:24 - [0,004] ----D C:\Users\Felipe\AppData\Local\CyberLink

O43 - CFD: 15/05/2012 - 11:55:36 - [0] ----D C:\Users\Felipe\AppData\Local\Dados de aplicativos

O43 - CFD: 16/08/2012 - 13:31:11 - [2,347] ----D C:\Users\Felipe\AppData\Local\Diagnostics

O43 - CFD: 15/05/2012 - 11:55:36 - [0] ----D C:\Users\Felipe\AppData\Local\Histórico

O43 - CFD: 25/06/2012 - 16:06:16 - [0] ----D C:\Users\Felipe\AppData\Local\Macromedia

O43 - CFD: 08/08/2012 - 00:49:00 - [991,442] ----D C:\Users\Felipe\AppData\Local\Microsoft

O43 - CFD: 27/08/2012 - 02:13:51 - [0,333] ----D C:\Users\Felipe\AppData\Local\Microsoft Games

O43 - CFD: 25/08/2012 - 03:48:53 - [0] ----D C:\Users\Felipe\AppData\Local\Microsoft Help

O43 - CFD: 15/05/2012 - 13:41:57 - [236,175] ----D C:\Users\Felipe\AppData\Local\Mozilla

O43 - CFD: 15/05/2012 - 12:11:12 - [0,039] ----D C:\Users\Felipe\AppData\Local\Power2Go

O43 - CFD: 28/06/2012 - 10:17:33 - [4,180] ----D C:\Users\Felipe\AppData\Local\SoftGrid Client

O43 - CFD: 13/10/2012 - 16:14:43 - [2,313] ----D C:\Users\Felipe\AppData\Local\Temp

O43 - CFD: 15/05/2012 - 11:55:36 - [0] ----D C:\Users\Felipe\AppData\Local\Temporary Internet Files

O43 - CFD: 12/10/2012 - 12:24:10 - [0,001] ----D C:\Users\Felipe\AppData\Local\VirtualStore

O43 - CFD: 08/08/2012 - 00:48:59 - [0,059] ----D C:\Users\Felipe\AppData\Local\Windows Live

O43 - CFD: 02/10/2012 - 02:40:59 - [0,509] ----D C:\Users\Felipe\AppData\Local\WinZip

O43 - CFD: 24/07/2012 - 00:37:21 - [0] ----D C:\Users\Felipe\AppData\Local\{00C7A150-4C66-49B4-A178-CA875B75F57C}

O43 - CFD: 10/09/2012 - 18:07:28 - [0] ----D C:\Users\Felipe\AppData\Local\{04E376A4-F3CD-4F9D-89CA-01126F6F8E1E}

O43 - CFD: 08/07/2012 - 15:08:21 - [0] ----D C:\Users\Felipe\AppData\Local\{059A493B-5FCF-4731-BB8F-F3C5E6B5EDB5}

O43 - CFD: 21/06/2012 - 02:10:16 - [0] ----D C:\Users\Felipe\AppData\Local\{0843266F-F918-4546-A7FC-B0F25EF3B800}

O43 - CFD: 17/08/2012 - 00:48:14 - [0] ----D C:\Users\Felipe\AppData\Local\{08BEA492-EECC-4956-8EC5-8FF6CC17795D}

O43 - CFD: 26/09/2012 - 13:33:11 - [0] ----D C:\Users\Felipe\AppData\Local\{08D6EAD7-01CE-4156-8A39-3EE21E243288}

O43 - CFD: 04/09/2012 - 13:24:43 - [0] ----D C:\Users\Felipe\AppData\Local\{0D8D0B0E-784B-48AF-8BDC-293328CE13DC}

O43 - CFD: 28/05/2012 - 01:01:43 - [0] ----D C:\Users\Felipe\AppData\Local\{1694F733-0137-4E9F-A7FB-090A044F5E27}

O43 - CFD: 12/07/2012 - 15:46:43 - [0] ----D C:\Users\Felipe\AppData\Local\{176EA66F-1E31-4E8C-9FF6-98A9316962AC}

O43 - CFD: 30/05/2012 - 17:15:45 - [0] ----D C:\Users\Felipe\AppData\Local\{18674B3A-B5C1-473E-9106-A804823E2BF0}

O43 - CFD: 08/09/2012 - 15:55:22 - [0] ----D C:\Users\Felipe\AppData\Local\{19DC977F-9254-4EF9-8481-76AB9681B79E}

O43 - CFD: 10/10/2012 - 03:44:57 - [0] ----D C:\Users\Felipe\AppData\Local\{19EBB1B1-3724-4C91-97B3-DAA8015304B6}

O43 - CFD: 11/07/2012 - 03:32:18 - [0] ----D C:\Users\Felipe\AppData\Local\{1E43ECD1-FBE7-484C-B55A-AE635EC2B2A6}

O43 - CFD: 19/09/2012 - 10:34:48 - [0] ----D C:\Users\Felipe\AppData\Local\{1ED97990-2FAA-4D64-8055-6A8E7D834A07}

O43 - CFD: 05/08/2012 - 19:42:21 - [0] ----D C:\Users\Felipe\AppData\Local\{1F220DA4-448C-4F9E-9901-BABF000520C1}

O43 - CFD: 24/08/2012 - 00:53:41 - [0] ----D C:\Users\Felipe\AppData\Local\{233D6660-C831-4DDE-BEAD-0636BE8BDBFC}

O43 - CFD: 08/08/2012 - 15:25:46 - [0] ----D C:\Users\Felipe\AppData\Local\{2677EDA9-6402-46AB-A410-0E6F19DF5D5F}

O43 - CFD: 21/09/2012 - 09:24:16 - [0] ----D C:\Users\Felipe\AppData\Local\{2AC3048D-F848-4724-9A74-E6F228532D8B}

O43 - CFD: 21/06/2012 - 02:10:31 - [0] ----D C:\Users\Felipe\AppData\Local\{2CEC0D66-CC09-44CC-ADD2-1B4348DF75C6}

O43 - CFD: 27/06/2012 - 01:23:45 - [0] ----D C:\Users\Felipe\AppData\Local\{2E2850D8-A945-4E8F-AF8F-40ED80B84FF7}

O43 - CFD: 04/06/2012 - 06:09:16 - [0] ----D C:\Users\Felipe\AppData\Local\{2F2337DA-5B53-455C-BA6B-EE14E980EA1A}

O43 - CFD: 19/09/2012 - 08:43:12 - [0] ----D C:\Users\Felipe\AppData\Local\{33DA7667-DA89-4955-92BA-F65526F4CFFA}

O43 - CFD: 21/09/2012 - 12:06:15 - [0] ----D C:\Users\Felipe\AppData\Local\{3423A40F-2718-4F3B-BE79-E6527B78131D}

O43 - CFD: 17/08/2012 - 00:48:53 - [0] ----D C:\Users\Felipe\AppData\Local\{37CCF37C-A61F-47E8-9399-CBDF28E4D55B}

O43 - CFD: 05/09/2012 - 01:54:12 - [0] ----D C:\Users\Felipe\AppData\Local\{383F4C03-D56A-44E5-B6A3-16A9DF106BE1}

O43 - CFD: 02/09/2012 - 20:49:10 - [0] ----D C:\Users\Felipe\AppData\Local\{3AB7D9A0-186C-4196-ACA4-CCC4904A25B2}

O43 - CFD: 28/08/2012 - 01:14:42 - [0] ----D C:\Users\Felipe\AppData\Local\{43784655-3154-4A02-A3F0-1894B6214EB2}

O43 - CFD: 14/08/2012 - 00:26:02 - [0] ----D C:\Users\Felipe\AppData\Local\{46712FA3-E5D0-4E21-A393-C6C8C61B92A9}

O43 - CFD: 02/09/2012 - 21:18:18 - [0] ----D C:\Users\Felipe\AppData\Local\{47E8C52C-4618-45EA-ABB2-CB622B3C3814}

O43 - CFD: 14/08/2012 - 23:41:30 - [0] ----D C:\Users\Felipe\AppData\Local\{480E780C-16D6-4DA0-938A-50B3CF1C0767}

O43 - CFD: 02/09/2012 - 15:45:26 - [0] ----D C:\Users\Felipe\AppData\Local\{49B2FFA9-700B-4463-9A26-C970C4732D81}

O43 - CFD: 11/06/2012 - 11:35:35 - [0] ----D C:\Users\Felipe\AppData\Local\{4D6495C7-638C-4896-BF95-0C1812A08E24}

O43 - CFD: 14/09/2012 - 01:58:47 - [0] ----D C:\Users\Felipe\AppData\Local\{4E5E72A6-13AC-4E36-9FE6-AE91820DE641}

O43 - CFD: 25/09/2012 - 01:31:25 - [0] ----D C:\Users\Felipe\AppData\Local\{4F2B6DD6-18B2-4EA9-97E9-5DE90674AF28}

O43 - CFD: 29/06/2012 - 12:28:16 - [0] ----D C:\Users\Felipe\AppData\Local\{5063661E-E29D-4A98-89AC-5EB31961E29F}

O43 - CFD: 05/09/2012 - 03:22:30 - [0] ----D C:\Users\Felipe\AppData\Local\{52332664-1E4D-49E4-BA93-12E4F03BB441}

O43 - CFD: 29/06/2012 - 12:28:33 - [0] ----D C:\Users\Felipe\AppData\Local\{52410E9D-13F2-41FF-88BC-4A3FD0DD7BE7}

O43 - CFD: 15/07/2012 - 04:18:39 - [0] ----D C:\Users\Felipe\AppData\Local\{52680A7E-34D9-4682-B6DC-5BC9B5CBFA0D}

O43 - CFD: 25/06/2012 - 14:54:43 - [0] ----D C:\Users\Felipe\AppData\Local\{5778A5E9-1FB7-44FD-82CD-BA61B1AD88FD}

O43 - CFD: 21/08/2012 - 02:48:36 - [0] ----D C:\Users\Felipe\AppData\Local\{5A0616C9-8CB4-4B87-9839-E629FD9674AE}

O43 - CFD: 15/08/2012 - 14:53:08 - [0] ----D C:\Users\Felipe\AppData\Local\{5C0C4E50-56FF-4D0D-8D60-EA5FB731D1DB}

O43 - CFD: 09/08/2012 - 01:53:14 - [0] ----D C:\Users\Felipe\AppData\Local\{5C993186-92E2-4B9F-94C4-8FAFC0D3DA3D}

O43 - CFD: 13/08/2012 - 00:27:55 - [0] ----D C:\Users\Felipe\AppData\Local\{5F42EF2E-387F-4014-A0E1-5467FD0E5832}

O43 - CFD: 28/05/2012 - 17:07:37 - [0] ----D C:\Users\Felipe\AppData\Local\{61AB8A19-8229-4AF6-8827-CBF5FCFD8CC1}

O43 - CFD: 19/09/2012 - 14:08:30 - [0] ----D C:\Users\Felipe\AppData\Local\{643944DD-8E26-4B5B-B3D5-AF6027ED4226}

O43 - CFD: 24/05/2012 - 03:49:39 - [0] ----D C:\Users\Felipe\AppData\Local\{65450CAF-8264-49C3-97AF-6B0CAC9573C8}

O43 - CFD: 09/09/2012 - 21:36:10 - [0] ----D C:\Users\Felipe\AppData\Local\{66D6FDF9-1F77-46C9-9933-6E513E067163}

O43 - CFD: 20/09/2012 - 12:03:22 - [0] ----D C:\Users\Felipe\AppData\Local\{68122AA7-3A71-4E03-92E1-E3503BA01923}

O43 - CFD: 23/08/2012 - 01:15:56 - [0] ----D C:\Users\Felipe\AppData\Local\{69DE40BC-4172-40E6-B955-DC5F9CBA9CF1}

O43 - CFD: 23/09/2012 - 19:04:17 - [0] ----D C:\Users\Felipe\AppData\Local\{6A4BFAFB-CCED-42BB-BAA2-188DAEAB8614}

O43 - CFD: 19/09/2012 - 11:01:55 - [0] ----D C:\Users\Felipe\AppData\Local\{6BE1F2A6-8201-D72B-D6F7-BC17B6507E05}

O43 - CFD: 11/07/2012 - 03:32:31 - [0] ----D C:\Users\Felipe\AppData\Local\{6EA736C4-B22E-49A3-A237-1602506BE914}

O43 - CFD: 12/07/2012 - 15:46:56 - [0] ----D C:\Users\Felipe\AppData\Local\{7039366A-9D56-49A8-9943-B10CCB11CA89}

O43 - CFD: 30/07/2012 - 05:58:20 - [0] ----D C:\Users\Felipe\AppData\Local\{71308773-DE41-4200-A823-85D98A77AA61}

O43 - CFD: 24/05/2012 - 03:44:57 - [0] ----D C:\Users\Felipe\AppData\Local\{722C12CA-52C9-4C4E-8ABC-F596348FBEE8}

O43 - CFD: 11/06/2012 - 11:35:25 - [0] ----D C:\Users\Felipe\AppData\Local\{75371BB8-004A-4F40-85DA-1A89FF373EC6}

O43 - CFD: 03/06/2012 - 06:33:41 - [0] ----D C:\Users\Felipe\AppData\Local\{756C8B6F-1240-429F-898B-31C4E4EF249B}

O43 - CFD: 02/10/2012 - 14:42:09 - [0] ----D C:\Users\Felipe\AppData\Local\{78CA1A25-44EB-4A03-B27E-70FBB7E49328}

O43 - CFD: 27/06/2012 - 01:23:57 - [0] ----D C:\Users\Felipe\AppData\Local\{7B0B8C4E-EF58-45CE-B34E-282569C30A85}

O43 - CFD: 17/06/2012 - 12:03:56 - [0] ----D C:\Users\Felipe\AppData\Local\{7C570C0A-D4FB-45F2-B3B2-E747BBD54AB2}

O43 - CFD: 30/07/2012 - 05:58:04 - [0] ----D C:\Users\Felipe\AppData\Local\{7E2AA3C2-651E-432C-8F70-E49FF6E8110C}

O43 - CFD: 03/06/2012 - 06:33:55 - [0] ----D C:\Users\Felipe\AppData\Local\{7FCDC886-AC31-4F84-B1DB-E32D54C7BF7B}

O43 - CFD: 15/07/2012 - 04:18:23 - [0] ----D C:\Users\Felipe\AppData\Local\{8157B3DA-AF36-459B-83C0-E09C9B68C97C}

O43 - CFD: 15/08/2012 - 14:52:55 - [0] ----D C:\Users\Felipe\AppData\Local\{83897122-FCA2-479E-922D-787A245C3353}

O43 - CFD: 18/08/2012 - 05:10:50 - [0] ----D C:\Users\Felipe\AppData\Local\{849A387C-E8B7-44FF-B272-8E9F59B52D88}

O43 - CFD: 23/08/2012 - 19:06:06 - [0] ----D C:\Users\Felipe\AppData\Local\{84FF8B33-3216-40E8-AC95-AB1218145C85}

O43 - CFD: 08/08/2012 - 00:33:58 - [0] ----D C:\Users\Felipe\AppData\Local\{85F13519-3775-4BF8-AA75-F8043DF96F2F}

O43 - CFD: 01/09/2012 - 17:58:53 - [0] ----D C:\Users\Felipe\AppData\Local\{89103F85-7F9E-4C31-91A2-BCF2598C96DE}

O43 - CFD: 08/08/2012 - 00:33:35 - [0] ----D C:\Users\Felipe\AppData\Local\{8DAB692A-F236-4939-81BD-24DBB20D232A}

O43 - CFD: 11/06/2012 - 11:35:21 - [0] ----D C:\Users\Felipe\AppData\Local\{90930773-6C33-456C-B514-ED50BBF4991F}

O43 - CFD: 26/08/2012 - 18:49:55 - [0] ----D C:\Users\Felipe\AppData\Local\{976522FD-EEF2-4F2E-8957-5E869AE1873F}

O43 - CFD: 02/07/2012 - 16:13:43 - [0] ----D C:\Users\Felipe\AppData\Local\{9D498844-DAED-4D73-9616-C0EF277E1B79}

O43 - CFD: 02/07/2012 - 13:31:33 - [0] ----D C:\Users\Felipe\AppData\Local\{9E8CE6C4-B961-463B-8848-A733DBCD700A}

O43 - CFD: 14/06/2012 - 05:44:10 - [0] ----D C:\Users\Felipe\AppData\Local\{9FF308A7-17C6-4DE1-B0BD-E78342AD8775}

O43 - CFD: 16/09/2012 - 23:47:40 - [0] ----D C:\Users\Felipe\AppData\Local\{A0488B55-3ED9-4018-93D2-659AF7A50829}

O43 - CFD: 27/06/2012 - 10:11:07 - [0] ----D C:\Users\Felipe\AppData\Local\{A1A24A19-EF0D-4F96-BF49-6CC34CB485BB}

O43 - CFD: 11/10/2012 - 03:42:27 - [0] ----D C:\Users\Felipe\AppData\Local\{A202A4E0-5498-4C2C-81F4-2A7EA15987B2}

O43 - CFD: 17/06/2012 - 12:03:43 - [0] ----D C:\Users\Felipe\AppData\Local\{A20C17AC-F6EA-4F73-B8ED-285F6EA7C4AB}

O43 - CFD: 27/09/2012 - 20:48:16 - [0] ----D C:\Users\Felipe\AppData\Local\{A3AB9BF3-6979-4651-AC9E-04D99E9C9B56}

O43 - CFD: 25/06/2012 - 14:54:55 - [0] ----D C:\Users\Felipe\AppData\Local\{A4E94706-DDD3-4B7E-9B75-A61B6459E1E1}

O43 - CFD: 18/08/2012 - 05:11:06 - [0] ----D C:\Users\Felipe\AppData\Local\{A5A9EFBC-1B74-451E-8086-E3795AB2DB4A}

O43 - CFD: 28/08/2012 - 13:21:44 - [0] ----D C:\Users\Felipe\AppData\Local\{A7AF7706-E5D9-44C4-87B8-F14357018DB7}

O43 - CFD: 09/08/2012 - 01:52:14 - [0] ----D C:\Users\Felipe\AppData\Local\{AB5D289E-DDBB-4274-AB11-B9394103C33B}

O43 - CFD: 05/08/2012 - 19:42:36 - [0] ----D C:\Users\Felipe\AppData\Local\{AD98C609-03A6-4F4F-ABD2-5A2727A3D016}

O43 - CFD: 16/06/2012 - 14:12:32 - [0] ----D C:\Users\Felipe\AppData\Local\{B1EF2D7B-AD61-43F4-992C-95FF4AF08268}

O43 - CFD: 14/08/2012 - 00:25:49 - [0] ----D C:\Users\Felipe\AppData\Local\{B2F5DF2B-09E7-44C0-8012-4EE670EB4242}

O43 - CFD: 29/09/2012 - 02:05:35 - [0] ----D C:\Users\Felipe\AppData\Local\{B9B9A288-88CA-430A-88FD-441C9A339E49}

O43 - CFD: 03/09/2012 - 16:54:18 - [0] ----D C:\Users\Felipe\AppData\Local\{BBD064E2-090E-4FFD-AB03-CEC2B77D950F}

O43 - CFD: 29/05/2012 - 16:59:15 - [0] ----D C:\Users\Felipe\AppData\Local\{C17393C7-6D10-4A22-A314-1EDC18D9D76C}

O43 - CFD: 21/09/2012 - 08:22:28 - [0] ----D C:\Users\Felipe\AppData\Local\{CDC5F534-B710-4E69-B132-2C8B2D1BDA23}

O43 - CFD: 29/05/2012 - 16:58:46 - [0] ----D C:\Users\Felipe\AppData\Local\{CDF88C89-465D-4EE2-8EC7-9C1FEC145CAE}

O43 - CFD: 13/06/2012 - 18:23:08 - [0] ----D C:\Users\Felipe\AppData\Local\{CFA4A5AB-3DBE-45C9-A712-683794C36D16}

O43 - CFD: 07/09/2012 - 23:25:22 - [0] ----D C:\Users\Felipe\AppData\Local\{D2BD9C0F-8A85-4E2F-B2C2-C9A0036E080F}

O43 - CFD: 08/07/2012 - 15:08:42 - [0] ----D C:\Users\Felipe\AppData\Local\{D5423160-3F9C-41B1-BF20-EC92FE9E4F0C}

O43 - CFD: 21/06/2012 - 01:18:50 - [0] ----D C:\Users\Felipe\AppData\Local\{D609C6F4-93A6-4F81-A482-8471E5624D5B}

O43 - CFD: 02/07/2012 - 16:13:55 - [0] ----D C:\Users\Felipe\AppData\Local\{D6A5A9EB-9B9F-4A77-85AE-E7E75E8346A7}

O43 - CFD: 30/08/2012 - 23:59:20 - [0] ----D C:\Users\Felipe\AppData\Local\{DA461C32-EFCB-4674-B4F4-EA92C73C30C0}

O43 - CFD: 27/06/2012 - 10:11:36 - [0] ----D C:\Users\Felipe\AppData\Local\{E131EEB8-2A66-4F97-A4DA-378DBE862AD7}

O43 - CFD: 30/05/2012 - 17:15:30 - [0] ----D C:\Users\Felipe\AppData\Local\{E3712F58-312D-4008-BE46-86FC2C539956}

O43 - CFD: 16/06/2012 - 14:12:09 - [0] ----D C:\Users\Felipe\AppData\Local\{EA313D50-53FD-41CC-A70A-F34A3C27552B}

O43 - CFD: 05/07/2012 - 01:44:35 - [0] ----D C:\Users\Felipe\AppData\Local\{EAA7B4DF-04DC-438F-97B1-1DAFF46C0E87}

O43 - CFD: 24/07/2012 - 00:37:38 - [0] ----D C:\Users\Felipe\AppData\Local\{EBE8EE06-8B3C-4D82-AA61-A2B28F0A329D}

O43 - CFD: 25/08/2012 - 01:34:19 - [0] ----D C:\Users\Felipe\AppData\Local\{ED9DB170-DE36-452D-A915-6DBCD9B61A98}

O43 - CFD: 05/07/2012 - 01:44:52 - [0] ----D C:\Users\Felipe\AppData\Local\{EE2D2CAB-9CBD-402B-A050-03EB1C5E3576}

O43 - CFD: 22/08/2012 - 03:06:53 - [0] ----D C:\Users\Felipe\AppData\Local\{EE81A42D-83FC-435D-9264-5DAAB1AD4DB9}

O43 - CFD: 14/06/2012 - 05:43:57 - [0] ----D C:\Users\Felipe\AppData\Local\{EF83F2F2-4CA4-4875-8CAA-176A13CA13B4}

O43 - CFD: 21/06/2012 - 01:19:03 - [0] ----D C:\Users\Felipe\AppData\Local\{F2FCB83B-7FC9-4943-8942-A06EA7AEFA78}

O43 - CFD: 09/09/2012 - 09:34:34 - [0] ----D C:\Users\Felipe\AppData\Local\{F3F4049D-B937-439D-B537-5B77A17CCBFA}

O43 - CFD: 16/08/2012 - 13:30:05 - [0] ----D C:\Users\Felipe\AppData\Local\{F674AD2A-EF06-458E-96EA-9E5E10701D98}

O43 - CFD: 01/09/2012 - 05:36:44 - [0] ----D C:\Users\Felipe\AppData\Local\{F870FEFA-45B0-4F30-B39D-D89ECEF6EF9A}

O43 - CFD: 02/07/2012 - 13:31:19 - [0] ----D C:\Users\Felipe\AppData\Local\{FA67D0B9-4F22-41BD-BCF1-461FED2162AA}

O43 - CFD: 18/09/2012 - 01:09:40 - [0] ----D C:\Users\Felipe\AppData\Local\{FDA0F2A9-0FAE-48F9-9B03-35D9705B4242}

O43 - CFD: 01/10/2012 - 21:28:02 - [0] ----D C:\Users\Felipe\AppData\Local\{FF9B2047-EC21-4B0F-8E98-50B2B2816B0B}

O43 - CFD: 14/07/2009 - 01:42:04 - [0,014] R---D C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

O43 - CFD: 11/07/2012 - 03:31:34 - [0,000] R---D C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

O43 - CFD: 14/07/2009 - 01:37:42 - [0,001] R---D C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

O43 - CFD: 11/07/2012 - 03:31:34 - [0,000] R---D C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

~ Scan Program Folder in 00mn 05s

---\\ Last modified or created files under Windows and System32 (O44)

O44 - LFC:[MD5.F794B99DFB229BF01CCA6EEC39C4CA85] - 13/10/2012 - 16:13:44 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

O44 - LFC:[MD5.6AE5B104116C5F5ED6D01B4BDBD75126] - 13/10/2012 - 16:10:13 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1492890]

O44 - LFC:[MD5.661A2D1DD55DE66FEFE68C5EAC9321FD] - 13/10/2012 - 15:58:55 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.7BF4EA8E6C5EC033406251590FD9E106] - 12/10/2012 - 19:21:50 ---A- . (...) -- C:\Windows\setupact.log [59009]

O44 - LFC:[MD5.F7AD8ECB97386ACB323E104AB27A8F54] - 12/10/2012 - 19:20:25 ---A- . (...) -- C:\AdwCleaner[s1].txt [25697]

O44 - LFC:[MD5.5009690834EA11A7C9344673B9F6DE62] - 12/10/2012 - 03:22:48 ---A- . (...) -- C:\Windows\PFRO.log [26972]

O44 - LFC:[MD5.3B0A4A1C31648B212D12420B8FFB29CD] - 12/10/2012 - 02:52:19 ---A- . (...) -- C:\Windows\MEMORY.DMP [204209719]

O44 - LFC:[MD5.222AA0E4CDA8AA2323BCD68783D9B973] - 11/10/2012 - 23:19:31 ---A- . (...) -- C:\Windows\wininit.ini [6282]

O44 - LFC:[MD5.73C8565674905BD22B844F492D0DAB94] - 11/10/2012 - 22:34:52 ---A- . (...) -- C:\Windows\ntbtlog.txt [603082]

O44 - LFC:[MD5.65E794E86468B61F2BC79ABC48BC4433] - 11/10/2012 - 21:24:10 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Windows\System32\Drivers\mbam.sys [22856]

O44 - LFC:[MD5.0E10FC1911D6A138C513BC05FF60BEF4] - 09/10/2012 - 04:54:06 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerApp.exe [696760]

O44 - LFC:[MD5.81D851DB12CD7AB54F0BF352036D7721] - 09/10/2012 - 04:54:05 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [73656]

O44 - LFC:[MD5.3001E24F340D400BFF85935E5777FC5B] - 02/10/2012 - 02:34:58 ---A- . (.AVG Technologies - No comment.) -- C:\Windows\System32\Drivers\avgtpx86.sys [27496]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/09/2012 - 13:28:18 ---A- . (...) -- C:\Windows\System32\sho6AAC.tmp [0]

~ Scan Files in 00mn 06s

---\\ Local Security Authority-LSA Deny (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Mecanismo cliente do 'Editor de configuração de segurança Windows'.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\Windows\System32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll

~ Scan Keys in 00mn 00s

---\\ Safe Boot Control (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

---\\ MountPoints2 Shell Key (MPKS) (O51) (None)

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

~ Scan Keys in 00mn 00s

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)

O53 - SMSR:HKLM\...\startupreg\DATA2DA.tmp.exe [Key] . (...) -- C:\Users\Felipe\AppData\Local\Temp\DATA2DA.tmp.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\Facebook Update [Key] . (...) -- C:\Users\Felipe\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (...) -- ~"C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\ROC_ROC_NT [Key] . (...) -- C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\SweetIM [Key] . (...) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\Sweetpacks Communicator [Key] . (...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\vProt [Key] . (...) -- C:\Program Files\AVG Secure Search\vprot.exe (.not file.)

~ Scan SMSR Keys in 00mn 00s

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

~ Scan Keys in 00mn 00s

---\\ System Drivers List (SDL) (O58)

O58 - SDL:[MD5.BDECE634F62B3656DE73D51CA8EA32A9] - 31/05/2012 - 21:21:04 R--A- . (.360.cn - 360FileOem.) -- C:\Windows\System32\Drivers\360FileOem.sys [146304]

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]

~ Scan Drivers in 00mn 00s

---\\ List all legacy services(LALS) (O64)

O64 - Services: CurCS - 31/05/2012 - C:\windows\system32\drivers\360FileOem.sys (360FileOem) .(.360.cn - 360FileOem.) - LEGACY_360FILEOEM

O64 - Services: CurCS - 31/05/2012 - C:\Windows\System32\drivers\360HookOem.sys (360HookOem) .(.360???? - 360HookOem.) - LEGACY_360HOOKOEM

O64 - Services: CurCS - 31/05/2012 - C:\windows\system32\drivers\360RegOem.sys (360RegOem) .(.360???? - 360RegOem.) - LEGACY_360REGOEM

O64 - Services: CurCS - 10/08/2011 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG

O64 - Services: CurCS - 02/10/2012 - C:\windows\system32\drivers\avgtpx86.sys (avgtp) .(.AVG Technologies - No comment.) - LEGACY_AVGTP

O64 - Services: CurCS - 18/06/2012 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20120711.002\BHDrvx86.sys (BHDrvx86) .(.Symantec Corporation - BASH Driver.) - LEGACY_BHDRVX86

O64 - Services: CurCS - 31/05/2012 - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys (eeCtrl) .(.Symantec Corporation - Symantec Eraser Control Driver.) - LEGACY_EECTRL

O64 - Services: CurCS - 31/05/2012 - C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (EraserUtilRebootDrv) .(.Symantec Corporation - Symantec Eraser Utility Driver.) - LEGACY_ERASERUTILREBOOTDRV

O64 - Services: CurCS - 18/06/2012 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20120713.001\IDSvix86.sys (IDSVix86) .(.Symantec Corporation - IDS Core Driver.) - LEGACY_IDSVIX86

O64 - Services: CurCS - 23/05/2012 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120714.017\NAVENG.sys (NAVENG) .(.Symantec Corporation - AV Engine.) - LEGACY_NAVENG

O64 - Services: CurCS - 23/05/2012 - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20120714.017\NAVEX15.sys (NAVEX15) .(.Symantec Corporation - AV Engine.) - LEGACY_NAVEX15

O64 - Services: CurCS - 27/04/2012 - C:\windows\system32\drivers\rtport.sys (rtport) .(.Windows ® 2003 DDK 3790 provider - Generic Port I/O for Win32.) - LEGACY_RTPORT

O64 - Services: CurCS - 06/10/2010 - C:\windows\system32\Drivers\SABI.sys (SABI) .(.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) - LEGACY_SABI

O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV

O64 - Services: CurCS - 31/03/2011 - C:\Windows\system32\Drivers\NIS\1207020.003\SRTSP.sys (SRTSP) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSP

O64 - Services: CurCS - 31/03/2011 - C:\Windows\system32\drivers\NIS\1207020.003\SRTSPX.sys (SRTSPX) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSPX

O64 - Services: CurCS - 27/01/2011 - C:\Windows\System32\drivers\NIS\1207020.003\SYMDS.sys (SymDS) .(.Symantec Corporation - Symantec Data Store.) - LEGACY_SYMDS

O64 - Services: CurCS - 14/03/2011 - C:\Windows\System32\drivers\NIS\1207020.003\SYMEFA.sys (SymEFA) .(.Symantec Corporation - Symantec Extended File Attributes.) - LEGACY_SYMEFA

O64 - Services: CurCS - 17/05/2012 - C:\windows\system32\Drivers\SYMEVENT.sys (SymEvent) .(.Symantec Corporation - Symantec Event Library.) - LEGACY_SYMEVENT

O64 - Services: CurCS - 27/01/2011 - C:\Windows\system32\drivers\NIS\1207020.003\Ironx86.sys (SymIRON) .(.Symantec Corporation - Iron Driver.) - LEGACY_SYMIRON

O64 - Services: CurCS - 20/04/2011 - C:\Windows\system32\Drivers\NIS\1207020.003\SYMNETS.sys (SymNetS) .(.Symantec Corporation - Network Security Driver.) - LEGACY_SYMNETS

~ Scan Services in 00mn 00s

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos'.) -- C:\Windows\System32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos'.) -- C:\Windows\System32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)

~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: SearchScopes [HKCU] {232B4076-C4F7-407A-A8BE-16D06AA86293} - (Search the web (Softonic)) - http://search.softonic.com

~ Scan Keys in 00mn 00s

---\\ Search Svchost Services (SSS) (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\System32\aelupsvc.dll [62464]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [67584]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\System32\certprop.dll [67584]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\System32\srvsvc.dll [168960]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Diretiva de Grupo.) -- C:\Windows\System32\gpsvc.dll [593408]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\System32\ikeext.dll [674304]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\System32\Audiosrv.dll [473600]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acesso Remoto.) -- C:\Windows\System32\rasauto.dll [90624]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\System32\rasmans.dll [286208]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\System32\mprdim.dll [75264]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistema (SENS).) -- C:\Windows\System32\sens.dll [49664]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\System32\ipnathlp.dll [300544]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [242176]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gerenciador de Conexões Remotas do Servidor Host da Sessão da Área de.) -- C:\Windows\System32\termsrv.dll [521216]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\System32\wuaueng.dll [1933848]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de plano de fundo.) -- C:\Windows\System32\qmgr.dll [585728]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\System32\shsvcs.dll [328192]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em uma rede IPv4..) -- C:\Windows\System32\iphlpsvc.dll [499712]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll [21504]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\System32\appinfo.dll [47104]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\System32\mmcss.dll [49664]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\System32\wercplsupport.dll [61440]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\System32\eapsvc.dll [98304]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164352]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\System32\schedsvc.dll [750592]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\System32\kmsvc.dll [71168]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho Remota.) -- C:\Windows\System32\sessenv.dll [113664]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\System32\browser.dll [102912]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\System32\themeservice.dll [37376]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\System32\bdesvc.dll [76800]

~ Scan Services in 00mn 00s

---\\ Search Particular Root Folder (SPRF) (O84)

[MD5.6D9E5361414A404F62DC249F2AADC327] [sPRF][31/01/2008] (.Unknown owner - 7-zip32.) -- C:\Users\Felipe\AppData\Local\Temp\7-zip32.dll [506880]

[MD5.8A3B83D90BFB2ED7AD946A326CFE1F06] [sPRF][12/10/2012] (...) -- C:\Users\Felipe\AppData\Local\Temp\73F3F4E7-EB45-47D5-9DD3-CC76ACBA2146.dat [39011]

[MD5.71C8B86834E4F8B23C92C7586310705D] [sPRF][12/10/2012] (...) -- C:\Users\Felipe\AppData\Local\Temp\CA31B091-602B-4330-B840-4C9695CC393C.dat [38799]

[MD5.7D507729E46566DBA1CC2C8AFF1F3E27] [sPRF][05/06/2012] (.Softonic - No comment.) -- C:\Users\Felipe\Desktop\softonic_ggl_1.5.24.3.exe [1669184]

[MD5.E897110EE5E67FABB83B154DF9C68D6A] [sPRF][13/10/2012] (...) -- C:\Users\Felipe\Desktop\ZHPDiag_silent.exe [794216]

[MD5.AE326A97F634217CAC29739D376DF934] [sPRF][15/08/2011] (...) -- C:\Users\Felipe\Desktop\ZHP_uninstall.exe [344187]

~ Scan Files in 00mn 00s

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "{B786347F-8862-436F-AA8E-445A8255023E}" | In - None - P17 - TRUE | .(.CyberLink Corp. - Media+Player 10.0.) -- C:\Program Files\CyberLink\Media+Player10\Media+Player10.exe

O87 - FAEL: "{2A6661C3-48E2-4356-B2E9-6631837453F2}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- C:\Program Files\CyberLink\PowerDirector\PDR8.exe

O87 - FAEL: "{122E00C6-24D7-4492-8EF2-EA406F83BA66}" | In - Public - P6 - TRUE | .(.Samsung Electronics Co., Ltd. - USDAgent Module.) -- C:\Program Files\Samsung\Samsung Universal Scan Driver\USDAgent.exe

O87 - FAEL: "{F6AA7140-35D3-4671-91BD-787B8B51182A}" | In - Public - P17 - TRUE | .(.Samsung Electronics Co., Ltd. - USDAgent Module.) -- C:\Program Files\Samsung\Samsung Universal Scan Driver\USDAgent.exe

O87 - FAEL: "{CB09C3B4-32D5-41E1-B6B4-A222B8244FA7}" | In - Public - P6 - TRUE | .(.Samsung Electronics Co., Ltd. - ICCUpdater.) -- C:\Program Files\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe

O87 - FAEL: "{8C98CBE4-7484-4408-B8CB-6013593DB477}" | In - Public - P17 - TRUE | .(.Samsung Electronics Co., Ltd. - ICCUpdater.) -- C:\Program Files\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe

O87 - FAEL: "{935CE935-C878-4018-88AA-4FFDB37CBA53}" | In - Public - P6 - TRUE | .(.Samsung Electronics CO., LTD. - Samsung UPD Service.) -- C:\Windows\System32\SUPDSvc.exe

O87 - FAEL: "{DBB0349D-E3FD-4DD3-817C-093AA9109FE2}" | In - Public - P17 - TRUE | .(.Samsung Electronics CO., LTD. - Samsung UPD Service.) -- C:\Windows\System32\SUPDSvc.exe

O87 - FAEL: "{A2BDB91A-5A99-4CA8-9520-5D05C4C01254}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe

O87 - FAEL: "{6538FC2F-778B-4CF7-977D-A8CBB5546395}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.)

O87 - FAEL: "{39F0C30C-4FA9-4749-8FFC-DBE55BEC25FE}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.)

O87 - FAEL: "{C4A78D66-63D2-4162-979F-88F6266CA112}" |In - None - P17 - TRUE | .(...) -- C:\Users\Felipe\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (.not file.)

O87 - FAEL: "{036A1772-7FA6-4C3C-9758-9398DC26EF42}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files\PSafe\PSRsync.exe

O87 - FAEL: "{0AFCFD3F-EBB9-4B7E-996D-C06AAE81330A}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\PSafe\PSRsync.exe

O87 - FAEL: "{6FA375CB-13FF-43E2-B96A-F2C38A9E1ACC}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe

O87 - FAEL: "{FD416B34-5418-4C07-B3C4-F1A80D2F6F4E}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe

O87 - FAEL: "{C547A03E-3A0C-42C1-8C12-3B70B5E475F8}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe

O87 - FAEL: "{624E942C-A891-45A8-9837-746040BC946A}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe

~ Scan Firewall in 00mn 01s

---\\ Additionnal Scan (O88)

Database Version : 9186 - (22/09/2012)

Clés trouvées (Keys found) : 2

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 0

Fichiers trouvés (Files found) : 0

[HKCU\Software\MSOLoad] =>Trojan.Agent

[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM] =>Toolbar.SweetIM

~ Scan Additionnel in 00mn 18s

---\\ Router Hijack DNS (O89) (None)

---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)

SS - | Demand 09/10/2012 250808 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

SR - | Auto 10/08/2011 176128 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe

SS - | Demand 09/09/2012 114144 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

SS - | Auto 16/04/2011 130008 | (NIS) . (.Symantec Corporation.) - C:\Program Files\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe

SR - | Auto 01/06/2010 2057560 | (NOBU) . (.Symantec Corporation.) - C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe

SR - | Auto 31/05/2012 1726216 | (PSafeLockBoxSvc) . (.PSafe.) - C:\Program Files\PSafe\PSafeCategoryFinder.exe

SR - | Auto 31/05/2012 1733896 | (PSafeSVC) . (.PSafe S/A.) - C:\Program Files\PSafe\PSafesvc.exe

SR - | Auto 31/05/2012 250632 | (PSafeWD) . (.PSafe.) - C:\Program Files\PSafe\PSafeWD.exe

SR - | Auto 244904 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo.exe

SS - | Demand 09/08/2010 131888 | (Samsung UPD Service) . (.Samsung Electronics CO., LTD..) - C:\windows\System32\SUPDSvc.exe

SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe

SR - | Auto 722528 | (vToolbarUpdater12.2.6) . (...) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe

SR - | Auto 1006448 | (WebOptimizer) . (...) - C:\Windows\System32\dmwu.exe

SR - | Auto 01/03/2011 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 01/03/2011 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Scan Services in 00mn 02s

---\\ Search Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

Run by Felipe at 13/10/2012 16:16:27

device: opened successfully

user: MBR read successfully

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys amd_xata.sys storport.sys >>UNKNOWN [0x86AABC19]<<

C:\windows\system32\DRIVERS\amd_xata.sys Advanced Micro Devices Stor Filter Driver

1 ntkrnlpa!IofCallDriver[0x82E53BC5] -> \Device\Harddisk0\DR0[0x85ECB7D0]

3 CLASSPNP[0x88D8B59E] -> ntkrnlpa!IofCallDriver[0x82E53BC5] -> [0x85DFCC08]

5 amd_xata[0x887A89D6] -> ntkrnlpa!IofCallDriver[0x82E53BC5] -> \Device\00000076[0x85DF9030]

kernel: MBR read successfully

user & kernel MBR OK

~ Scan MBR in 00mn 02s

---\\ Search Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by Felipe at 13/10/2012 16:16:30

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ Scan MBR in 00mn 04s

End of the scan (1580 lines in 01mn 27s)(0)

descobri rs

segue o link

http://pjjoint.malekal.com/files.php?read=ZHPDiag_20121013_5k5h14j15k10

DigRam · Outubro 14, 2012

Boa Noite! ilkkinha

|- Feche programas/pastas que estejam abertas.

|- Feche,também,o navegador!

|- Para Windows Vista,desabilite a UAC.

|- Para Windows Vista ou 7,clique direito em ZHPFix.exe e execute-o como administrador.

|- Selecione e copie estas informações,que estão no Code,para o "Bloco de Notas".

[MD5.00000000000000000000000000000000] [APT] [DealPlyUpdate] (...) -- C:\Program Files\DealPly\DealPlyUpdate.exe (.not file.)
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (...) -- C:\Users\Felipe\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (.not file.)
O43 - CFD: 15/05/2012 - 11:55:36 - [0] ----D C:\Users\Felipe\AppData\Local\Dados de aplicativos
O43 - CFD: 15/05/2012 - 11:55:36 - [0] ----D C:\Users\Felipe\AppData\Local\Histórico
O43 - CFD: 24/07/2012 - 00:37:21 - [0] ----D C:\Users\Felipe\AppData\Local\{00C7A150-4C66-49B4-A178-CA875B75F57C}
O43 - CFD: 10/09/2012 - 18:07:28 - [0] ----D C:\Users\Felipe\AppData\Local\{04E376A4-F3CD-4F9D-89CA-01126F6F8E1E}
O43 - CFD: 08/07/2012 - 15:08:21 - [0] ----D C:\Users\Felipe\AppData\Local\{059A493B-5FCF-4731-BB8F-F3C5E6B5EDB5}
O43 - CFD: 21/06/2012 - 02:10:16 - [0] ----D C:\Users\Felipe\AppData\Local\{0843266F-F918-4546-A7FC-B0F25EF3B800}
O43 - CFD: 17/08/2012 - 00:48:14 - [0] ----D C:\Users\Felipe\AppData\Local\{08BEA492-EECC-4956-8EC5-8FF6CC17795D}
O43 - CFD: 26/09/2012 - 13:33:11 - [0] ----D C:\Users\Felipe\AppData\Local\{08D6EAD7-01CE-4156-8A39-3EE21E243288}
O43 - CFD: 04/09/2012 - 13:24:43 - [0] ----D C:\Users\Felipe\AppData\Local\{0D8D0B0E-784B-48AF-8BDC-293328CE13DC}
O43 - CFD: 28/05/2012 - 01:01:43 - [0] ----D C:\Users\Felipe\AppData\Local\{1694F733-0137-4E9F-A7FB-090A044F5E27}
O43 - CFD: 12/07/2012 - 15:46:43 - [0] ----D C:\Users\Felipe\AppData\Local\{176EA66F-1E31-4E8C-9FF6-98A9316962AC}
O43 - CFD: 30/05/2012 - 17:15:45 - [0] ----D C:\Users\Felipe\AppData\Local\{18674B3A-B5C1-473E-9106-A804823E2BF0}
O43 - CFD: 08/09/2012 - 15:55:22 - [0] ----D C:\Users\Felipe\AppData\Local\{19DC977F-9254-4EF9-8481-76AB9681B79E}
O43 - CFD: 10/10/2012 - 03:44:57 - [0] ----D C:\Users\Felipe\AppData\Local\{19EBB1B1-3724-4C91-97B3-DAA8015304B6}
O43 - CFD: 11/07/2012 - 03:32:18 - [0] ----D C:\Users\Felipe\AppData\Local\{1E43ECD1-FBE7-484C-B55A-AE635EC2B2A6}
O43 - CFD: 19/09/2012 - 10:34:48 - [0] ----D C:\Users\Felipe\AppData\Local\{1ED97990-2FAA-4D64-8055-6A8E7D834A07}
O43 - CFD: 05/08/2012 - 19:42:21 - [0] ----D C:\Users\Felipe\AppData\Local\{1F220DA4-448C-4F9E-9901-BABF000520C1}
O43 - CFD: 24/08/2012 - 00:53:41 - [0] ----D C:\Users\Felipe\AppData\Local\{233D6660-C831-4DDE-BEAD-0636BE8BDBFC}
O43 - CFD: 08/08/2012 - 15:25:46 - [0] ----D C:\Users\Felipe\AppData\Local\{2677EDA9-6402-46AB-A410-0E6F19DF5D5F}
O43 - CFD: 21/09/2012 - 09:24:16 - [0] ----D C:\Users\Felipe\AppData\Local\{2AC3048D-F848-4724-9A74-E6F228532D8B}
O43 - CFD: 21/06/2012 - 02:10:31 - [0] ----D C:\Users\Felipe\AppData\Local\{2CEC0D66-CC09-44CC-ADD2-1B4348DF75C6}
O43 - CFD: 27/06/2012 - 01:23:45 - [0] ----D C:\Users\Felipe\AppData\Local\{2E2850D8-A945-4E8F-AF8F-40ED80B84FF7}
O43 - CFD: 04/06/2012 - 06:09:16 - [0] ----D C:\Users\Felipe\AppData\Local\{2F2337DA-5B53-455C-BA6B-EE14E980EA1A}
O43 - CFD: 19/09/2012 - 08:43:12 - [0] ----D C:\Users\Felipe\AppData\Local\{33DA7667-DA89-4955-92BA-F65526F4CFFA}
O43 - CFD: 21/09/2012 - 12:06:15 - [0] ----D C:\Users\Felipe\AppData\Local\{3423A40F-2718-4F3B-BE79-E6527B78131D}
O43 - CFD: 17/08/2012 - 00:48:53 - [0] ----D C:\Users\Felipe\AppData\Local\{37CCF37C-A61F-47E8-9399-CBDF28E4D55B}
O43 - CFD: 05/09/2012 - 01:54:12 - [0] ----D C:\Users\Felipe\AppData\Local\{383F4C03-D56A-44E5-B6A3-16A9DF106BE1}
O43 - CFD: 02/09/2012 - 20:49:10 - [0] ----D C:\Users\Felipe\AppData\Local\{3AB7D9A0-186C-4196-ACA4-CCC4904A25B2}
O43 - CFD: 28/08/2012 - 01:14:42 - [0] ----D C:\Users\Felipe\AppData\Local\{43784655-3154-4A02-A3F0-1894B6214EB2}
O43 - CFD: 14/08/2012 - 00:26:02 - [0] ----D C:\Users\Felipe\AppData\Local\{46712FA3-E5D0-4E21-A393-C6C8C61B92A9}
O43 - CFD: 02/09/2012 - 21:18:18 - [0] ----D C:\Users\Felipe\AppData\Local\{47E8C52C-4618-45EA-ABB2-CB622B3C3814}
O43 - CFD: 14/08/2012 - 23:41:30 - [0] ----D C:\Users\Felipe\AppData\Local\{480E780C-16D6-4DA0-938A-50B3CF1C0767}
O43 - CFD: 02/09/2012 - 15:45:26 - [0] ----D C:\Users\Felipe\AppData\Local\{49B2FFA9-700B-4463-9A26-C970C4732D81}
O43 - CFD: 11/06/2012 - 11:35:35 - [0] ----D C:\Users\Felipe\AppData\Local\{4D6495C7-638C-4896-BF95-0C1812A08E24}
O43 - CFD: 14/09/2012 - 01:58:47 - [0] ----D C:\Users\Felipe\AppData\Local\{4E5E72A6-13AC-4E36-9FE6-AE91820DE641}
O43 - CFD: 25/09/2012 - 01:31:25 - [0] ----D C:\Users\Felipe\AppData\Local\{4F2B6DD6-18B2-4EA9-97E9-5DE90674AF28}
O43 - CFD: 29/06/2012 - 12:28:16 - [0] ----D C:\Users\Felipe\AppData\Local\{5063661E-E29D-4A98-89AC-5EB31961E29F}
O43 - CFD: 05/09/2012 - 03:22:30 - [0] ----D C:\Users\Felipe\AppData\Local\{52332664-1E4D-49E4-BA93-12E4F03BB441}
O43 - CFD: 29/06/2012 - 12:28:33 - [0] ----D C:\Users\Felipe\AppData\Local\{52410E9D-13F2-41FF-88BC-4A3FD0DD7BE7}
O43 - CFD: 15/07/2012 - 04:18:39 - [0] ----D C:\Users\Felipe\AppData\Local\{52680A7E-34D9-4682-B6DC-5BC9B5CBFA0D}
O43 - CFD: 25/06/2012 - 14:54:43 - [0] ----D C:\Users\Felipe\AppData\Local\{5778A5E9-1FB7-44FD-82CD-BA61B1AD88FD}
O43 - CFD: 21/08/2012 - 02:48:36 - [0] ----D C:\Users\Felipe\AppData\Local\{5A0616C9-8CB4-4B87-9839-E629FD9674AE}
O43 - CFD: 15/08/2012 - 14:53:08 - [0] ----D C:\Users\Felipe\AppData\Local\{5C0C4E50-56FF-4D0D-8D60-EA5FB731D1DB}
O43 - CFD: 09/08/2012 - 01:53:14 - [0] ----D C:\Users\Felipe\AppData\Local\{5C993186-92E2-4B9F-94C4-8FAFC0D3DA3D}
O43 - CFD: 13/08/2012 - 00:27:55 - [0] ----D C:\Users\Felipe\AppData\Local\{5F42EF2E-387F-4014-A0E1-5467FD0E5832}
O43 - CFD: 28/05/2012 - 17:07:37 - [0] ----D C:\Users\Felipe\AppData\Local\{61AB8A19-8229-4AF6-8827-CBF5FCFD8CC1}
O43 - CFD: 19/09/2012 - 14:08:30 - [0] ----D C:\Users\Felipe\AppData\Local\{643944DD-8E26-4B5B-B3D5-AF6027ED4226}
O43 - CFD: 24/05/2012 - 03:49:39 - [0] ----D C:\Users\Felipe\AppData\Local\{65450CAF-8264-49C3-97AF-6B0CAC9573C8}
O43 - CFD: 09/09/2012 - 21:36:10 - [0] ----D C:\Users\Felipe\AppData\Local\{66D6FDF9-1F77-46C9-9933-6E513E067163}
O43 - CFD: 20/09/2012 - 12:03:22 - [0] ----D C:\Users\Felipe\AppData\Local\{68122AA7-3A71-4E03-92E1-E3503BA01923}
O43 - CFD: 23/08/2012 - 01:15:56 - [0] ----D C:\Users\Felipe\AppData\Local\{69DE40BC-4172-40E6-B955-DC5F9CBA9CF1}
O43 - CFD: 23/09/2012 - 19:04:17 - [0] ----D C:\Users\Felipe\AppData\Local\{6A4BFAFB-CCED-42BB-BAA2-188DAEAB8614}
O43 - CFD: 19/09/2012 - 11:01:55 - [0] ----D C:\Users\Felipe\AppData\Local\{6BE1F2A6-8201-D72B-D6F7-BC17B6507E05}
O43 - CFD: 11/07/2012 - 03:32:31 - [0] ----D C:\Users\Felipe\AppData\Local\{6EA736C4-B22E-49A3-A237-1602506BE914}
O43 - CFD: 12/07/2012 - 15:46:56 - [0] ----D C:\Users\Felipe\AppData\Local\{7039366A-9D56-49A8-9943-B10CCB11CA89}
O43 - CFD: 30/07/2012 - 05:58:20 - [0] ----D C:\Users\Felipe\AppData\Local\{71308773-DE41-4200-A823-85D98A77AA61}
O43 - CFD: 24/05/2012 - 03:44:57 - [0] ----D C:\Users\Felipe\AppData\Local\{722C12CA-52C9-4C4E-8ABC-F596348FBEE8}
O43 - CFD: 11/06/2012 - 11:35:25 - [0] ----D C:\Users\Felipe\AppData\Local\{75371BB8-004A-4F40-85DA-1A89FF373EC6}
O43 - CFD: 03/06/2012 - 06:33:41 - [0] ----D C:\Users\Felipe\AppData\Local\{756C8B6F-1240-429F-898B-31C4E4EF249B}
O43 - CFD: 02/10/2012 - 14:42:09 - [0] ----D C:\Users\Felipe\AppData\Local\{78CA1A25-44EB-4A03-B27E-70FBB7E49328}
O43 - CFD: 27/06/2012 - 01:23:57 - [0] ----D C:\Users\Felipe\AppData\Local\{7B0B8C4E-EF58-45CE-B34E-282569C30A85}
O43 - CFD: 17/06/2012 - 12:03:56 - [0] ----D C:\Users\Felipe\AppData\Local\{7C570C0A-D4FB-45F2-B3B2-E747BBD54AB2}
O43 - CFD: 30/07/2012 - 05:58:04 - [0] ----D C:\Users\Felipe\AppData\Local\{7E2AA3C2-651E-432C-8F70-E49FF6E8110C}
O43 - CFD: 03/06/2012 - 06:33:55 - [0] ----D C:\Users\Felipe\AppData\Local\{7FCDC886-AC31-4F84-B1DB-E32D54C7BF7B}
O43 - CFD: 15/07/2012 - 04:18:23 - [0] ----D C:\Users\Felipe\AppData\Local\{8157B3DA-AF36-459B-83C0-E09C9B68C97C}
O43 - CFD: 15/08/2012 - 14:52:55 - [0] ----D C:\Users\Felipe\AppData\Local\{83897122-FCA2-479E-922D-787A245C3353}
O43 - CFD: 18/08/2012 - 05:10:50 - [0] ----D C:\Users\Felipe\AppData\Local\{849A387C-E8B7-44FF-B272-8E9F59B52D88}
O43 - CFD: 23/08/2012 - 19:06:06 - [0] ----D C:\Users\Felipe\AppData\Local\{84FF8B33-3216-40E8-AC95-AB1218145C85}
O43 - CFD: 08/08/2012 - 00:33:58 - [0] ----D C:\Users\Felipe\AppData\Local\{85F13519-3775-4BF8-AA75-F8043DF96F2F}
O43 - CFD: 01/09/2012 - 17:58:53 - [0] ----D C:\Users\Felipe\AppData\Local\{89103F85-7F9E-4C31-91A2-BCF2598C96DE}
O43 - CFD: 08/08/2012 - 00:33:35 - [0] ----D C:\Users\Felipe\AppData\Local\{8DAB692A-F236-4939-81BD-24DBB20D232A}
O43 - CFD: 11/06/2012 - 11:35:21 - [0] ----D C:\Users\Felipe\AppData\Local\{90930773-6C33-456C-B514-ED50BBF4991F}
O43 - CFD: 26/08/2012 - 18:49:55 - [0] ----D C:\Users\Felipe\AppData\Local\{976522FD-EEF2-4F2E-8957-5E869AE1873F}
O43 - CFD: 02/07/2012 - 16:13:43 - [0] ----D C:\Users\Felipe\AppData\Local\{9D498844-DAED-4D73-9616-C0EF277E1B79}
O43 - CFD: 02/07/2012 - 13:31:33 - [0] ----D C:\Users\Felipe\AppData\Local\{9E8CE6C4-B961-463B-8848-A733DBCD700A}
O43 - CFD: 14/06/2012 - 05:44:10 - [0] ----D C:\Users\Felipe\AppData\Local\{9FF308A7-17C6-4DE1-B0BD-E78342AD8775}
O43 - CFD: 16/09/2012 - 23:47:40 - [0] ----D C:\Users\Felipe\AppData\Local\{A0488B55-3ED9-4018-93D2-659AF7A50829}
O43 - CFD: 27/06/2012 - 10:11:07 - [0] ----D C:\Users\Felipe\AppData\Local\{A1A24A19-EF0D-4F96-BF49-6CC34CB485BB}
O43 - CFD: 11/10/2012 - 03:42:27 - [0] ----D C:\Users\Felipe\AppData\Local\{A202A4E0-5498-4C2C-81F4-2A7EA15987B2}
O43 - CFD: 17/06/2012 - 12:03:43 - [0] ----D C:\Users\Felipe\AppData\Local\{A20C17AC-F6EA-4F73-B8ED-285F6EA7C4AB}
O43 - CFD: 27/09/2012 - 20:48:16 - [0] ----D C:\Users\Felipe\AppData\Local\{A3AB9BF3-6979-4651-AC9E-04D99E9C9B56}
O43 - CFD: 25/06/2012 - 14:54:55 - [0] ----D C:\Users\Felipe\AppData\Local\{A4E94706-DDD3-4B7E-9B75-A61B6459E1E1}
O43 - CFD: 18/08/2012 - 05:11:06 - [0] ----D C:\Users\Felipe\AppData\Local\{A5A9EFBC-1B74-451E-8086-E3795AB2DB4A}
O43 - CFD: 28/08/2012 - 13:21:44 - [0] ----D C:\Users\Felipe\AppData\Local\{A7AF7706-E5D9-44C4-87B8-F14357018DB7}
O43 - CFD: 09/08/2012 - 01:52:14 - [0] ----D C:\Users\Felipe\AppData\Local\{AB5D289E-DDBB-4274-AB11-B9394103C33B}
O43 - CFD: 05/08/2012 - 19:42:36 - [0] ----D C:\Users\Felipe\AppData\Local\{AD98C609-03A6-4F4F-ABD2-5A2727A3D016}
O43 - CFD: 16/06/2012 - 14:12:32 - [0] ----D C:\Users\Felipe\AppData\Local\{B1EF2D7B-AD61-43F4-992C-95FF4AF08268}
O43 - CFD: 14/08/2012 - 00:25:49 - [0] ----D C:\Users\Felipe\AppData\Local\{B2F5DF2B-09E7-44C0-8012-4EE670EB4242}
O43 - CFD: 29/09/2012 - 02:05:35 - [0] ----D C:\Users\Felipe\AppData\Local\{B9B9A288-88CA-430A-88FD-441C9A339E49}
O43 - CFD: 03/09/2012 - 16:54:18 - [0] ----D C:\Users\Felipe\AppData\Local\{BBD064E2-090E-4FFD-AB03-CEC2B77D950F}
O43 - CFD: 29/05/2012 - 16:59:15 - [0] ----D C:\Users\Felipe\AppData\Local\{C17393C7-6D10-4A22-A314-1EDC18D9D76C}
O43 - CFD: 21/09/2012 - 08:22:28 - [0] ----D C:\Users\Felipe\AppData\Local\{CDC5F534-B710-4E69-B132-2C8B2D1BDA23}
O43 - CFD: 29/05/2012 - 16:58:46 - [0] ----D C:\Users\Felipe\AppData\Local\{CDF88C89-465D-4EE2-8EC7-9C1FEC145CAE}
O43 - CFD: 13/06/2012 - 18:23:08 - [0] ----D C:\Users\Felipe\AppData\Local\{CFA4A5AB-3DBE-45C9-A712-683794C36D16}
O43 - CFD: 07/09/2012 - 23:25:22 - [0] ----D C:\Users\Felipe\AppData\Local\{D2BD9C0F-8A85-4E2F-B2C2-C9A0036E080F}
O43 - CFD: 08/07/2012 - 15:08:42 - [0] ----D C:\Users\Felipe\AppData\Local\{D5423160-3F9C-41B1-BF20-EC92FE9E4F0C}
O43 - CFD: 21/06/2012 - 01:18:50 - [0] ----D C:\Users\Felipe\AppData\Local\{D609C6F4-93A6-4F81-A482-8471E5624D5B}
O43 - CFD: 02/07/2012 - 16:13:55 - [0] ----D C:\Users\Felipe\AppData\Local\{D6A5A9EB-9B9F-4A77-85AE-E7E75E8346A7}
O43 - CFD: 30/08/2012 - 23:59:20 - [0] ----D C:\Users\Felipe\AppData\Local\{DA461C32-EFCB-4674-B4F4-EA92C73C30C0}
O43 - CFD: 27/06/2012 - 10:11:36 - [0] ----D C:\Users\Felipe\AppData\Local\{E131EEB8-2A66-4F97-A4DA-378DBE862AD7}
O43 - CFD: 30/05/2012 - 17:15:30 - [0] ----D C:\Users\Felipe\AppData\Local\{E3712F58-312D-4008-BE46-86FC2C539956}
O43 - CFD: 16/06/2012 - 14:12:09 - [0] ----D C:\Users\Felipe\AppData\Local\{EA313D50-53FD-41CC-A70A-F34A3C27552B}
O43 - CFD: 05/07/2012 - 01:44:35 - [0] ----D C:\Users\Felipe\AppData\Local\{EAA7B4DF-04DC-438F-97B1-1DAFF46C0E87}
O43 - CFD: 24/07/2012 - 00:37:38 - [0] ----D C:\Users\Felipe\AppData\Local\{EBE8EE06-8B3C-4D82-AA61-A2B28F0A329D}
O43 - CFD: 25/08/2012 - 01:34:19 - [0] ----D C:\Users\Felipe\AppData\Local\{ED9DB170-DE36-452D-A915-6DBCD9B61A98}
O43 - CFD: 05/07/2012 - 01:44:52 - [0] ----D C:\Users\Felipe\AppData\Local\{EE2D2CAB-9CBD-402B-A050-03EB1C5E3576}
O43 - CFD: 22/08/2012 - 03:06:53 - [0] ----D C:\Users\Felipe\AppData\Local\{EE81A42D-83FC-435D-9264-5DAAB1AD4DB9}
O43 - CFD: 14/06/2012 - 05:43:57 - [0] ----D C:\Users\Felipe\AppData\Local\{EF83F2F2-4CA4-4875-8CAA-176A13CA13B4}
O43 - CFD: 21/06/2012 - 01:19:03 - [0] ----D C:\Users\Felipe\AppData\Local\{F2FCB83B-7FC9-4943-8942-A06EA7AEFA78}
O43 - CFD: 09/09/2012 - 09:34:34 - [0] ----D C:\Users\Felipe\AppData\Local\{F3F4049D-B937-439D-B537-5B77A17CCBFA}
O43 - CFD: 16/08/2012 - 13:30:05 - [0] ----D C:\Users\Felipe\AppData\Local\{F674AD2A-EF06-458E-96EA-9E5E10701D98}
O43 - CFD: 01/09/2012 - 05:36:44 - [0] ----D C:\Users\Felipe\AppData\Local\{F870FEFA-45B0-4F30-B39D-D89ECEF6EF9A}
O43 - CFD: 02/07/2012 - 13:31:19 - [0] ----D C:\Users\Felipe\AppData\Local\{FA67D0B9-4F22-41BD-BCF1-461FED2162AA}
O43 - CFD: 18/09/2012 - 01:09:40 - [0] ----D C:\Users\Felipe\AppData\Local\{FDA0F2A9-0FAE-48F9-9B03-35D9705B4242}
O43 - CFD: 01/10/2012 - 21:28:02 - [0] ----D C:\Users\Felipe\AppData\Local\{FF9B2047-EC21-4B0F-8E98-50B2B2816B0B}
O53 - SMSR:HKLM\...\startupreg\DATA2DA.tmp.exe  [Key] . (...) -- C:\Users\Felipe\AppData\Local\Temp\DATA2DA.tmp.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\ROC_ROC_NT  [Key] . (...) -- C:\Program Files\AVG Secure Search\ROC_ROC_NT.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SweetIM  [Key] . (...) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe (.not file.)    => Macrogaming%SweetIM
O53 - SMSR:HKLM\...\startupreg\Sweetpacks Communicator  [Key] . (...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.)
O87 - FAEL: "{6538FC2F-778B-4CF7-977D-A8CBB5546395}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.)
O87 - FAEL: "{39F0C30C-4FA9-4749-8FFC-DBE55BEC25FE}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.)
O87 - FAEL: "{C4A78D66-63D2-4162-979F-88F6266CA112}" |In - None - P17 - TRUE | .(...) -- C:\Users\Felipe\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (.not file.)

[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM]
[HKCU\Software\MSOLoad]    => Infection Diverse (Trojan.Agent)
[HKLM\Software\360Safe]    => Infection Diverse (Lozavita.Troj)
[HKCU\Software\MSOLoad]    => Infection Diverse (Trojan.Agent)

proxyfix
emptytemp
emptyflash
firewallraz
sysrestore

|- Estando com o Bloco de Notas aberto,acione os atalhos: "Ctrl+A" -> "Ctrl+C"

|- Minimize o Bloco de Notas.

|- Clique no menu,"Paste ClipBoard".

|- Clique em "GO" -> Oui.

|- Ps: Temos,àcima,sequência de imagens para maior exclarecimento.

|- Poste o relatório: C:\ZHP\ZHPFix[R1].txt

Abs!

ilkkinha · Outubro 14, 2012

Em primeiro lugar ótimo domingo e muito obrigada pela ajuda que vem me dando. A demora em responder é porque esse note é do meu filho, e ele usa muito, mas tem melhorado consideravelmente.Segue abaixo o relatório pedido.Quando acabar aqui eu vou pedir ajuda para meu notebook rs. Desculpe o abuso. :)

Rapport de ZHPFix 1.3.01 par Nicolas Coolman, Update du 22/09/2012

Fichier d'export Registre :

Run by Felipe at 14/10/2012 11:44:12

Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)

Web site : http://nicolascoolman.skyrock.com/

========== Registry Key ==========

DELETED Key: Mozilla Plugin: @Skype Limited.com/Facebook Video Calling Plugin

ERROR Key****: StartupReg: DATA2DA.tmp.exe

ERROR Key****: StartupReg: ROC_ROC_NT

ERROR Key****: StartupReg: SweetIM

ERROR Key****: StartupReg: Sweetpacks Communicator

ERROR Key****: HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM

DELETED Key: HKCU\Software\MSOLoad

ERROR Key****: HKLM\Software\360Safe

========== Registry Value ==========

NOT FOUND {6538FC2F-778B-4CF7-977D-A8CBB5546395}

NOT FOUND {39F0C30C-4FA9-4749-8FFC-DBE55BEC25FE}

NOT FOUND {C4A78D66-63D2-4162-979F-88F6266CA112}

========== Repertory ==========

NOT FOUND C:\Users\Felipe\AppData\Local\Dados de aplicativos

NOT FOUND C:\Users\Felipe\AppData\Local\Histórico

DELETED Folder: C:\Users\Felipe\AppData\Local\{00C7A150-4C66-49B4-A178-CA875B75F57C}

DELETED Folder: C:\Users\Felipe\AppData\Local\{04E376A4-F3CD-4F9D-89CA-01126F6F8E1E}

DELETED Folder: C:\Users\Felipe\AppData\Local\{059A493B-5FCF-4731-BB8F-F3C5E6B5EDB5}

DELETED Folder: C:\Users\Felipe\AppData\Local\{0843266F-F918-4546-A7FC-B0F25EF3B800}

DELETED Folder: C:\Users\Felipe\AppData\Local\{08BEA492-EECC-4956-8EC5-8FF6CC17795D}

DELETED Folder: C:\Users\Felipe\AppData\Local\{08D6EAD7-01CE-4156-8A39-3EE21E243288}

DELETED Folder: C:\Users\Felipe\AppData\Local\{0D8D0B0E-784B-48AF-8BDC-293328CE13DC}

DELETED Folder: C:\Users\Felipe\AppData\Local\{1694F733-0137-4E9F-A7FB-090A044F5E27}

DELETED Folder: C:\Users\Felipe\AppData\Local\{176EA66F-1E31-4E8C-9FF6-98A9316962AC}

DELETED Folder: C:\Users\Felipe\AppData\Local\{18674B3A-B5C1-473E-9106-A804823E2BF0}

DELETED Folder: C:\Users\Felipe\AppData\Local\{19DC977F-9254-4EF9-8481-76AB9681B79E}

DELETED Folder: C:\Users\Felipe\AppData\Local\{19EBB1B1-3724-4C91-97B3-DAA8015304B6}

DELETED Folder: C:\Users\Felipe\AppData\Local\{1E43ECD1-FBE7-484C-B55A-AE635EC2B2A6}

DELETED Folder: C:\Users\Felipe\AppData\Local\{1ED97990-2FAA-4D64-8055-6A8E7D834A07}

DELETED Folder: C:\Users\Felipe\AppData\Local\{1F220DA4-448C-4F9E-9901-BABF000520C1}

DELETED Folder: C:\Users\Felipe\AppData\Local\{233D6660-C831-4DDE-BEAD-0636BE8BDBFC}

DELETED Folder: C:\Users\Felipe\AppData\Local\{2677EDA9-6402-46AB-A410-0E6F19DF5D5F}

DELETED Folder: C:\Users\Felipe\AppData\Local\{2AC3048D-F848-4724-9A74-E6F228532D8B}

DELETED Folder: C:\Users\Felipe\AppData\Local\{2CEC0D66-CC09-44CC-ADD2-1B4348DF75C6}

DELETED Folder: C:\Users\Felipe\AppData\Local\{2E2850D8-A945-4E8F-AF8F-40ED80B84FF7}

DELETED Folder: C:\Users\Felipe\AppData\Local\{2F2337DA-5B53-455C-BA6B-EE14E980EA1A}

DELETED Folder: C:\Users\Felipe\AppData\Local\{33DA7667-DA89-4955-92BA-F65526F4CFFA}

DELETED Folder: C:\Users\Felipe\AppData\Local\{3423A40F-2718-4F3B-BE79-E6527B78131D}

DELETED Folder: C:\Users\Felipe\AppData\Local\{37CCF37C-A61F-47E8-9399-CBDF28E4D55B}

DELETED Folder: C:\Users\Felipe\AppData\Local\{383F4C03-D56A-44E5-B6A3-16A9DF106BE1}

DELETED Folder: C:\Users\Felipe\AppData\Local\{3AB7D9A0-186C-4196-ACA4-CCC4904A25B2}

DELETED Folder: C:\Users\Felipe\AppData\Local\{43784655-3154-4A02-A3F0-1894B6214EB2}

DELETED Folder: C:\Users\Felipe\AppData\Local\{46712FA3-E5D0-4E21-A393-C6C8C61B92A9}

DELETED Folder: C:\Users\Felipe\AppData\Local\{47E8C52C-4618-45EA-ABB2-CB622B3C3814}

DELETED Folder: C:\Users\Felipe\AppData\Local\{480E780C-16D6-4DA0-938A-50B3CF1C0767}

DELETED Folder: C:\Users\Felipe\AppData\Local\{49B2FFA9-700B-4463-9A26-C970C4732D81}

DELETED Folder: C:\Users\Felipe\AppData\Local\{4D6495C7-638C-4896-BF95-0C1812A08E24}

DELETED Folder: C:\Users\Felipe\AppData\Local\{4E5E72A6-13AC-4E36-9FE6-AE91820DE641}

DELETED Folder: C:\Users\Felipe\AppData\Local\{4F2B6DD6-18B2-4EA9-97E9-5DE90674AF28}

DELETED Folder: C:\Users\Felipe\AppData\Local\{5063661E-E29D-4A98-89AC-5EB31961E29F}

DELETED Folder: C:\Users\Felipe\AppData\Local\{52332664-1E4D-49E4-BA93-12E4F03BB441}

DELETED Folder: C:\Users\Felipe\AppData\Local\{52410E9D-13F2-41FF-88BC-4A3FD0DD7BE7}

DELETED Folder: C:\Users\Felipe\AppData\Local\{52680A7E-34D9-4682-B6DC-5BC9B5CBFA0D}

DELETED Folder: C:\Users\Felipe\AppData\Local\{5778A5E9-1FB7-44FD-82CD-BA61B1AD88FD}

DELETED Folder: C:\Users\Felipe\AppData\Local\{5A0616C9-8CB4-4B87-9839-E629FD9674AE}

DELETED Folder: C:\Users\Felipe\AppData\Local\{5C0C4E50-56FF-4D0D-8D60-EA5FB731D1DB}

DELETED Folder: C:\Users\Felipe\AppData\Local\{5C993186-92E2-4B9F-94C4-8FAFC0D3DA3D}

DELETED Folder: C:\Users\Felipe\AppData\Local\{5F42EF2E-387F-4014-A0E1-5467FD0E5832}

DELETED Folder: C:\Users\Felipe\AppData\Local\{61AB8A19-8229-4AF6-8827-CBF5FCFD8CC1}

DELETED Folder: C:\Users\Felipe\AppData\Local\{643944DD-8E26-4B5B-B3D5-AF6027ED4226}

DELETED Folder: C:\Users\Felipe\AppData\Local\{65450CAF-8264-49C3-97AF-6B0CAC9573C8}

DELETED Folder: C:\Users\Felipe\AppData\Local\{66D6FDF9-1F77-46C9-9933-6E513E067163}

DELETED Folder: C:\Users\Felipe\AppData\Local\{68122AA7-3A71-4E03-92E1-E3503BA01923}

DELETED Folder: C:\Users\Felipe\AppData\Local\{69DE40BC-4172-40E6-B955-DC5F9CBA9CF1}

DELETED Folder: C:\Users\Felipe\AppData\Local\{6A4BFAFB-CCED-42BB-BAA2-188DAEAB8614}

DELETED Folder: C:\Users\Felipe\AppData\Local\{6BE1F2A6-8201-D72B-D6F7-BC17B6507E05}

DELETED Folder: C:\Users\Felipe\AppData\Local\{6EA736C4-B22E-49A3-A237-1602506BE914}

DELETED Folder: C:\Users\Felipe\AppData\Local\{7039366A-9D56-49A8-9943-B10CCB11CA89}

DELETED Folder: C:\Users\Felipe\AppData\Local\{71308773-DE41-4200-A823-85D98A77AA61}

DELETED Folder: C:\Users\Felipe\AppData\Local\{722C12CA-52C9-4C4E-8ABC-F596348FBEE8}

DELETED Folder: C:\Users\Felipe\AppData\Local\{75371BB8-004A-4F40-85DA-1A89FF373EC6}

DELETED Folder: C:\Users\Felipe\AppData\Local\{756C8B6F-1240-429F-898B-31C4E4EF249B}

DELETED Folder: C:\Users\Felipe\AppData\Local\{78CA1A25-44EB-4A03-B27E-70FBB7E49328}

DELETED Folder: C:\Users\Felipe\AppData\Local\{7B0B8C4E-EF58-45CE-B34E-282569C30A85}

DELETED Folder: C:\Users\Felipe\AppData\Local\{7C570C0A-D4FB-45F2-B3B2-E747BBD54AB2}

DELETED Folder: C:\Users\Felipe\AppData\Local\{7E2AA3C2-651E-432C-8F70-E49FF6E8110C}

DELETED Folder: C:\Users\Felipe\AppData\Local\{7FCDC886-AC31-4F84-B1DB-E32D54C7BF7B}

DELETED Folder: C:\Users\Felipe\AppData\Local\{8157B3DA-AF36-459B-83C0-E09C9B68C97C}

DELETED Folder: C:\Users\Felipe\AppData\Local\{83897122-FCA2-479E-922D-787A245C3353}

DELETED Folder: C:\Users\Felipe\AppData\Local\{849A387C-E8B7-44FF-B272-8E9F59B52D88}

DELETED Folder: C:\Users\Felipe\AppData\Local\{84FF8B33-3216-40E8-AC95-AB1218145C85}

DELETED Folder: C:\Users\Felipe\AppData\Local\{85F13519-3775-4BF8-AA75-F8043DF96F2F}

DELETED Folder: C:\Users\Felipe\AppData\Local\{89103F85-7F9E-4C31-91A2-BCF2598C96DE}

DELETED Folder: C:\Users\Felipe\AppData\Local\{8DAB692A-F236-4939-81BD-24DBB20D232A}

DELETED Folder: C:\Users\Felipe\AppData\Local\{90930773-6C33-456C-B514-ED50BBF4991F}

DELETED Folder: C:\Users\Felipe\AppData\Local\{976522FD-EEF2-4F2E-8957-5E869AE1873F}

DELETED Folder: C:\Users\Felipe\AppData\Local\{9D498844-DAED-4D73-9616-C0EF277E1B79}

DELETED Folder: C:\Users\Felipe\AppData\Local\{9E8CE6C4-B961-463B-8848-A733DBCD700A}

DELETED Folder: C:\Users\Felipe\AppData\Local\{9FF308A7-17C6-4DE1-B0BD-E78342AD8775}

DELETED Folder: C:\Users\Felipe\AppData\Local\{A0488B55-3ED9-4018-93D2-659AF7A50829}

DELETED Folder: C:\Users\Felipe\AppData\Local\{A1A24A19-EF0D-4F96-BF49-6CC34CB485BB}

DELETED Folder: C:\Users\Felipe\AppData\Local\{A202A4E0-5498-4C2C-81F4-2A7EA15987B2}

DELETED Folder: C:\Users\Felipe\AppData\Local\{A20C17AC-F6EA-4F73-B8ED-285F6EA7C4AB}

DELETED Folder: C:\Users\Felipe\AppData\Local\{A3AB9BF3-6979-4651-AC9E-04D99E9C9B56}

DELETED Folder: C:\Users\Felipe\AppData\Local\{A4E94706-DDD3-4B7E-9B75-A61B6459E1E1}

DELETED Folder: C:\Users\Felipe\AppData\Local\{A5A9EFBC-1B74-451E-8086-E3795AB2DB4A}

DELETED Folder: C:\Users\Felipe\AppData\Local\{A7AF7706-E5D9-44C4-87B8-F14357018DB7}

DELETED Folder: C:\Users\Felipe\AppData\Local\{AB5D289E-DDBB-4274-AB11-B9394103C33B}

DELETED Folder: C:\Users\Felipe\AppData\Local\{AD98C609-03A6-4F4F-ABD2-5A2727A3D016}

DELETED Folder: C:\Users\Felipe\AppData\Local\{B1EF2D7B-AD61-43F4-992C-95FF4AF08268}

DELETED Folder: C:\Users\Felipe\AppData\Local\{B2F5DF2B-09E7-44C0-8012-4EE670EB4242}

DELETED Folder: C:\Users\Felipe\AppData\Local\{B9B9A288-88CA-430A-88FD-441C9A339E49}

DELETED Folder: C:\Users\Felipe\AppData\Local\{BBD064E2-090E-4FFD-AB03-CEC2B77D950F}

DELETED Folder: C:\Users\Felipe\AppData\Local\{C17393C7-6D10-4A22-A314-1EDC18D9D76C}

DELETED Folder: C:\Users\Felipe\AppData\Local\{CDC5F534-B710-4E69-B132-2C8B2D1BDA23}

DELETED Folder: C:\Users\Felipe\AppData\Local\{CDF88C89-465D-4EE2-8EC7-9C1FEC145CAE}

DELETED Folder: C:\Users\Felipe\AppData\Local\{CFA4A5AB-3DBE-45C9-A712-683794C36D16}

DELETED Folder: C:\Users\Felipe\AppData\Local\{D2BD9C0F-8A85-4E2F-B2C2-C9A0036E080F}

DELETED Folder: C:\Users\Felipe\AppData\Local\{D5423160-3F9C-41B1-BF20-EC92FE9E4F0C}

DELETED Folder: C:\Users\Felipe\AppData\Local\{D609C6F4-93A6-4F81-A482-8471E5624D5B}

DELETED Folder: C:\Users\Felipe\AppData\Local\{D6A5A9EB-9B9F-4A77-85AE-E7E75E8346A7}

DELETED Folder: C:\Users\Felipe\AppData\Local\{DA461C32-EFCB-4674-B4F4-EA92C73C30C0}

DELETED Folder: C:\Users\Felipe\AppData\Local\{E131EEB8-2A66-4F97-A4DA-378DBE862AD7}

DELETED Folder: C:\Users\Felipe\AppData\Local\{E3712F58-312D-4008-BE46-86FC2C539956}

DELETED Folder: C:\Users\Felipe\AppData\Local\{EA313D50-53FD-41CC-A70A-F34A3C27552B}

DELETED Folder: C:\Users\Felipe\AppData\Local\{EAA7B4DF-04DC-438F-97B1-1DAFF46C0E87}

DELETED Folder: C:\Users\Felipe\AppData\Local\{EBE8EE06-8B3C-4D82-AA61-A2B28F0A329D}

DELETED Folder: C:\Users\Felipe\AppData\Local\{ED9DB170-DE36-452D-A915-6DBCD9B61A98}

DELETED Folder: C:\Users\Felipe\AppData\Local\{EE2D2CAB-9CBD-402B-A050-03EB1C5E3576}

DELETED Folder: C:\Users\Felipe\AppData\Local\{EE81A42D-83FC-435D-9264-5DAAB1AD4DB9}

DELETED Folder: C:\Users\Felipe\AppData\Local\{EF83F2F2-4CA4-4875-8CAA-176A13CA13B4}

DELETED Folder: C:\Users\Felipe\AppData\Local\{F2FCB83B-7FC9-4943-8942-A06EA7AEFA78}

DELETED Folder: C:\Users\Felipe\AppData\Local\{F3F4049D-B937-439D-B537-5B77A17CCBFA}

DELETED Folder: C:\Users\Felipe\AppData\Local\{F674AD2A-EF06-458E-96EA-9E5E10701D98}

DELETED Folder: C:\Users\Felipe\AppData\Local\{F870FEFA-45B0-4F30-B39D-D89ECEF6EF9A}

DELETED Folder: C:\Users\Felipe\AppData\Local\{FA67D0B9-4F22-41BD-BCF1-461FED2162AA}

DELETED Folder: C:\Users\Felipe\AppData\Local\{FDA0F2A9-0FAE-48F9-9B03-35D9705B4242}

DELETED Folder: C:\Users\Felipe\AppData\Local\{FF9B2047-EC21-4B0F-8E98-50B2B2816B0B}

========== File ==========

NOT FOUND File: c:\users\felipe\appdata\local\facebook\video\skype\npfacebookvideocalling.dll

NOT FOUND File: c:\users\felipe\appdata\local\temp\data2da.tmp.exe

NOT FOUND File: c:\program files\avg secure search\roc_roc_nt.exe

NOT FOUND File: c:\program files\sweetim\messenger\sweetim.exe

NOT FOUND File: c:\program files\sweetim\communicator\sweetpacksupdatemanager.exe

========== Task ==========

NOT FOUND Task: DealPlyUpdate

========== Summary ==========

8 : Registry Key

3 : Registry Value

115 : Repertory

5 : File

1 : Task

End of clean in 01mn 03s

========== Report File ==========

C:\ZHP\ZHPFix[R1].txt - 14/10/2012 11:44:13 [11398]

DigRam · Outubro 15, 2012

Bom Dia! ilkkinha

ilkkinha, em 29 julho 2012 - 18:26 , disse:
Em primeiro lugar ótimo domingo e muito obrigada pela ajuda que vem me dando. A demora em responder é porque esse note é do meu filho, e ele usa muito, mas tem melhorado consideravelmente.Segue abaixo o relatório pedido.Quando acabar aqui eu vou pedir ajuda para meu notebook rs. Desculpe o abuso.

|- Para o seu notebook,segundo regras,terás que abrir novo Tópico.

-/-

|- Você tem 2 antivírus! ( AVG e PSafe )

|- Desinstale o AVG.

|- Repita o scan com o AdwCleaner e poste o relatório! ( C:\AdwCleaner[S2].txt )

|- Repita o scan com ZHPDiag!

|- Vá ao desktop e clique no ícone do pergaminho. ( ZHPDiag )

|- Ao concluir,poste o link ao relatório ou encaminhe o log à cjoint.com.

|- Ou... < myfile.tk >

Abs!

ilkkinha · Outubro 18, 2012

Bpa tarde. O AVG não aparece no painel de controle nem na pesquisa para que eu possa desisntalar, portanto não fiz o restante do procedimento.Existe alguma alternativa?

Obrigada

DigRam · Outubro 18, 2012

Bpa tarde. O AVG não aparece no painel de controle nem na pesquisa para que eu possa desisntalar, portanto não fiz o restante do procedimento.Existe alguma alternativa?

Obrigada

Boa Tarde! ilkkinha

|- Provavelmente,trata-se de resquícios do mesmo. Pode seguir com os procedimentos,pois incluirei esses objetos ao script de ZHPDiag.

Abs!

ilkkinha · Outubro 19, 2012

# AdwCleaner v2.004 - Logfile created 10/18/2012 at 21:13:17

# Updated 06/10/2012 by Xplode

# Operating system : Windows 7 Starter Service Pack 1 (32 bits)

# User : Felipe - FELIPEBADARO

# Boot Mode : Normal

# Running from : C:\Users\Felipe\Downloads\adwcleaner.exe

# Option [search]

***** [services] *****

***** [Files / Folders] *****

Folder Found : C:\Program Files\Common Files\AVG Secure Search

***** [Registry] *****

Key Found : HKCU\Software\IM

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (pt-BR)

Profile name : default

File : C:\Users\Felipe\AppData\Roaming\Mozilla\Firefox\Profiles\eqqhlhiz.default\prefs.js

Found : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\12.2.5.34");

Found : user_pref("browser.newtab.url", "hxxp://search.babylon.com/?affID=108293&tt=040912_ccp_3612_2&babsrc[...]

Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");

Found : user_pref("browser.search.order.1", "Search the web (Babylon)");

Found : user_pref("extensions.BabylonToolbar.admin", false);

Found : user_pref("extensions.BabylonToolbar.aflt", "babsst");

Found : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");

Found : user_pref("extensions.BabylonToolbar.autoRvrt", "false");

Found : user_pref("extensions.BabylonToolbar.dfltLng", "en");

Found : user_pref("extensions.BabylonToolbar.excTlbr", false);

Found : user_pref("extensions.BabylonToolbar.id", "4cbdc239000000000000e81132aede30");

Found : user_pref("extensions.BabylonToolbar.instlDay", "15588");

Found : user_pref("extensions.BabylonToolbar.instlRef", "sst");

Found : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");

Found : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

Found : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");

Found : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]

Found : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12");

Found : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12");

Found : user_pref("extensions.BabylonToolbar_i.babExt", "");

Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=108293&tt=040912_ccp_3612_2");

Found : user_pref("extensions.BabylonToolbar_i.newTab", false);

Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.121:58:22");

Found : user_pref("extensions.Softonic.admin", false);

Found : user_pref("extensions.Softonic.aflt", "orgnl");

Found : user_pref("extensions.Softonic.autoRvrt", "false");

Found : user_pref("extensions.Softonic.cntry", "BR");

Found : user_pref("extensions.Softonic.cv", "cv5");

Found : user_pref("extensions.Softonic.dfltLng", "");

Found : user_pref("extensions.Softonic.dfltSrch", true);

Found : user_pref("extensions.Softonic.dfltlng", "br");

Found : user_pref("extensions.Softonic.dfltsrch", true);

Found : user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");

Found : user_pref("extensions.Softonic.dspOld", "");

Found : user_pref("extensions.Softonic.envrmnt", "production");

Found : user_pref("extensions.Softonic.excTlbr", false);

Found : user_pref("extensions.Softonic.hdrMd5", "761F1209EA40C4F876BC54DCF35E1152");

Found : user_pref("extensions.Softonic.hmpg", true);

Found : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MON00082/tb_v1?SearchSource=13&[...]

Found : user_pref("extensions.Softonic.hpNew", "hxxp://search.softonic.com/MON00082/tb_v1?SearchSource=13&cc[...]

Found : user_pref("extensions.Softonic.hpOld", "");

Found : user_pref("extensions.Softonic.hrdid", "4cbdc239000000000000e81132aede30");

Found : user_pref("extensions.Softonic.id", "4cbdc239000000000000e81132aede30");

Found : user_pref("extensions.Softonic.instlDay", "15518");

Found : user_pref("extensions.Softonic.instlRef", "MON00001");

Found : user_pref("extensions.Softonic.instlday", "15518");

Found : user_pref("extensions.Softonic.instlref", "MON00001");

Found : user_pref("extensions.Softonic.isDcmntCmplt", false);

Found : user_pref("extensions.Softonic.isdcmntcmplt", "false");

Found : user_pref("extensions.Softonic.keyWordUrl", "hxxp://search.softonic.com/MON00082/tb_v1?SearchSource=[...]

Found : user_pref("extensions.Softonic.keywordurl", "hxxp://search.softonic.com/MON00082/tb_v1?SearchSource=[...]

Found : user_pref("extensions.Softonic.lastVrsnTs", "1.5.24.310:31:59");

Found : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");

Found : user_pref("extensions.Softonic.newTab", false);

Found : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MON00082/tb_v1?SearchSource=1[...]

Found : user_pref("extensions.Softonic.newtab", true);

Found : user_pref("extensions.Softonic.newtaburl", "hxxp://search.softonic.com/MON00082/tb_v1?SearchSource=1[...]

Found : user_pref("extensions.Softonic.prdct", "Softonic");

Found : user_pref("extensions.Softonic.propectorlck", 88581622);

Found : user_pref("extensions.Softonic.prtnrId", "softonic");

Found : user_pref("extensions.Softonic.prtnrid", "softonic");

Found : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]

Found : user_pref("extensions.Softonic.savedVrsnTs", "1");

Found : user_pref("extensions.Softonic.sg", "az");

Found : user_pref("extensions.Softonic.smplGrp", "none");

Found : user_pref("extensions.Softonic.smplgrp", "none");

Found : user_pref("extensions.Softonic.srch", "");

Found : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");

Found : user_pref("extensions.Softonic.srchprvdr", "Search the web (Softonic)");

Found : user_pref("extensions.Softonic.tlbrId", "base");

Found : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00001/tb_v1?SearchSource[...]

Found : user_pref("extensions.Softonic.tlbrid", "base");

Found : user_pref("extensions.Softonic.tlbrsrchurl", "hxxp://search.softonic.com/MON00001/tb_v1?SearchSource[...]

Found : user_pref("extensions.Softonic.vrsn", "1.5.24.3");

Found : user_pref("extensions.Softonic.vrsnTs", "1.5.24.310:31:59");

Found : user_pref("extensions.Softonic.vrsni", "1.5.24.3");

Found : user_pref("extensions.Softonic.vrsnts", "1.5.24.310:31:59");

Found : user_pref("extensions.Softonic_i.dnsErr", true);

Found : user_pref("extensions.Softonic_i.hmpg", true);

Found : user_pref("extensions.Softonic_i.newTab", false);

Found : user_pref("extensions.Softonic_i.smplGrp", "none");

Found : user_pref("extensions.Softonic_i.vrsnTs", "1.5.24.310:31:59");

Found : user_pref("extensions.incredibar.cntry", "BR");

Found : user_pref("extensions.incredibar.did", "10665");

Found : user_pref("extensions.incredibar.envrmnt", "production");

Found : user_pref("extensions.incredibar.hdrMd5", "");

Found : user_pref("extensions.incredibar.hmpg", false);

Found : user_pref("extensions.incredibar.installerproductid", "26");

Found : user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1416:29:52");

Found : user_pref("extensions.incredibar.mntrvrsn", "1.2.0");

Found : user_pref("extensions.incredibar.newTab", false);

Found : user_pref("extensions.incredibar.ppd", "");

Found : user_pref("extensions.incredibar.productid", "26");

Found : user_pref("extensions.incredibar.sg", "none");

Found : user_pref("extensions.incredibar.smplGrp", "none");

Found : user_pref("extensions.incredibar.upn2", "6R8v6xQKCP");

Found : user_pref("extensions.incredibar.upn2n", "92824484594721935");

Found : user_pref("extensions.incredibar.vrsnTs", "1.5.11.1416:29:52");

Found : user_pref("extensions.incredibar_i.aflt", "orgnl");

Found : user_pref("extensions.incredibar_i.dfltLng", "");

Found : user_pref("extensions.incredibar_i.did", "10665");

Found : user_pref("extensions.incredibar_i.excTlbr", false);

Found : user_pref("extensions.incredibar_i.id", "4cbdc239000000000000e81132aede30");

Found : user_pref("extensions.incredibar_i.installerproductid", "26");

Found : user_pref("extensions.incredibar_i.instlDay", "15496");

Found : user_pref("extensions.incredibar_i.instlRef", "");

Found : user_pref("extensions.incredibar_i.ms_url_id", "");

Found : user_pref("extensions.incredibar_i.newTab", false);

Found : user_pref("extensions.incredibar_i.ppd", "");

Found : user_pref("extensions.incredibar_i.prdct", "incredibar");

Found : user_pref("extensions.incredibar_i.productid", "26");

Found : user_pref("extensions.incredibar_i.prtnrId", "Incredibar");

Found : user_pref("extensions.incredibar_i.smplGrp", "none");

Found : user_pref("extensions.incredibar_i.tlbrId", "base");

Found : user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6R8v6xQKCP&loc=IB[...]

Found : user_pref("extensions.incredibar_i.upn2", "6R8v6xQKCP");

Found : user_pref("extensions.incredibar_i.upn2n", "92824484594721935");

Found : user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");

Found : user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1416:29:52");

Found : user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");

Found : user_pref("keyword.URL", "hxxps://isearch.avg.com/search?cid=%7B3bae0627-eb6e-4421-b169-bda2e71dafc8[...]

Found : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer", "hxxp://search.babylon.c[...]

Found : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxp://search.babyl[...]

Found : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]

*************************

AdwCleaner[s1].txt - [25697 octets] - [12/10/2012 19:20:03]

AdwCleaner[R1].txt - [9838 octets] - [18/10/2012 21:13:17]

########## EOF - C:\AdwCleaner[R1].txt - [9898 octets] ##########

HP

Rapport de ZHPDiag v1.31.24 par Nicolas Coolman, Update du 22/09/2012

Run by Felipe at 18/10/2012 21:26:12

Web site : http://nicolascoolman.skyrock.com/

State :

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421

MFIE: Mozilla Firefox 15.0.1 v15.0.1 (Defaut)

GCIE: Google Chrome

---\\ Windows Product Information

~ Langage: Anglais

Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

---\\ System Information

~ Processor: x86 Family 20 Model 2 Stepping 0, AuthenticAMD

~ Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 1788 MB (39% free)

System Restore: Activé (Enable)

System drive C: has 63 GB (55%) free of 113 GB

---\\ Logged in mode

~ Computer Name: FELIPEBADARO

~ User Name: Felipe

~ All Users Names: Felipe, Convidado, Administrador,

~ Unselected Option: O45,O61,O62,O65,O82

Logged in as Administrator

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\Felipe\AppData\Roaming\

~ %Desktop% : C:\Users\Felipe\Desktop\

~ %Favorites% : C:\Users\Felipe\Favorites\

~ %LocalAppData% : C:\Users\Felipe\AppData\Local\

~ %StartMenu% : C:\Users\Felipe\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\System32\

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 63 Go of 113 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 30 Go of 168 Go)