carol2906 0 Denunciar post Postado Outubro 18, 2012 De uns dias pra cá meu computador tem ficado muito lento, principalmente ao tentar abrir sites de compras que eu usava frequentemente .. eles simplesmente não carregam. Segue o log do hijack Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:55:11, on 18/10/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\ARQUIV~1\AVG\AVG2012\avgrsx.exe C:\Arquivos de programas\AVG\AVG2012\avgcsrvx.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\ARQUIV~1\GbPlugin\GbpSv.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\SCardSvr.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\ngsrv\epsng_certd.exe C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe C:\Arquivos de programas\AVG\AVG2012\avgtray.exe C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe C:\Arquivos de programas\Epson Software\Event Manager\EEventManager.exe C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe C:\Arquivos de programas\AVG\AVG2012\avgwdsvc.exe C:\WINDOWS\system32\ctfmon.exe C:\Arquivos de programas\Samsung\Samsung New PC Studio\NPSAgent.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJB.EXE C:\Arquivos de programas\Bonjour\mDNSResponder.exe C:\WINDOWS\system32\FsUsbExService.Exe C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE C:\Arquivos de programas\AVG\AVG2012\avgnsx.exe C:\Arquivos de programas\Java\jre7\bin\jqs.exe C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Arquivos de programas\EPSON\MyEpson Portal\mepService.exe C:\Arquivos de programas\ngsrv\ngslotd.exe C:\WINDOWS\system32\HPZipm12.exe C:\Arquivos de programas\Photodex\ProShowProducer\ScsiAccess.exe C:\WINDOWS\system32\svchost.exe C:\Arquivos de programas\AVG\AVG2012\AVGIDSAgent.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Arquivos de programas\EPSON\MyEpson Portal\mep.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://unimesvirtual.com.br/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchya.com/?s=0&a=foxtab&chnl=tc-100&cd=2XzuyEtN2Y1L1QzutDtDtBtByD0F0B0D0FtC0DtC0F0DtB0CtN0D0Tzu0StBtByCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=524142842 R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file) O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Arquivos de programas\AVG\AVG2012\avgdtiex.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Arquivos de programas\AVG\AVG2012\avgssie.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Funmoods Helper Object - {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - C:\ARQUIV~1\Funmoods\1.5.23.22\bh\escort.dll (file missing) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Arquivos de programas\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll O2 - BHO: G-Buster Browser Defense Banco Real - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\ARQUIV~1\GbPlugin\gbiehAbn.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\ARQUIV~1\Funmoods\1.5.23.22\escorTlbr.dll (file missing) O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Arquivos de programas\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [epsng_certd] C:\Arquivos de programas\ngsrv\epsng_certd.exe -r O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [PlusService] C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [AVG_TRAY] "C:\Arquivos de programas\AVG\AVG2012\avgtray.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Arquivos de programas\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [EEventManager] "C:\Arquivos de programas\Epson Software\Event Manager\EEventManager.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Arquivos de programas\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [EPSON TX133 TX135 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJB.EXE /FU "C:\WINDOWS\TEMP\E_SE9.tmp" /EF "HKCU" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Atalho para LogMeIn.lnk = C:\Arquivos de programas\LogMeIn\x86\LogMeIn.exe O4 - Startup: Recorte de tela e Iniciador do OneNote 2007.lnk = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: Append to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Arquivos de programas\PokerStars\PokerStarsUpdate.exe (file missing) O9 - Extra button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Arquivos de programas\AVG\AVG2012\avgdtiex.dll O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O15 - Trusted Zone: http://www.bancoreal.com.br O15 - Trusted Zone: http://www.bancosantander.com.br O15 - Trusted Zone: http://www.santander.com.br O15 - Trusted Zone: http://www.santanderempresarial.com.br O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://imagem.caixa.gov.br/cab/gbpdist.cab O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Arquivos de programas\AVG\AVG2012\avgpp.dll O20 - Winlogon Notify: GbPluginAbn - C:\ARQUIV~1\GbPlugin\gbiehAbn.dll O20 - Winlogon Notify: GbPluginCef - C:\Arquivos de programas\GbPlugin\gbiehCef.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Arquivos de programas\AVG\AVG2012\AVGIDSAgent.exe O23 - Service: Watchdog do AVG (avgwd) - AVG Technologies CZ, s.r.o. - C:\Arquivos de programas\AVG\AVG2012\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Arquivos de programas\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe O23 - Service: Gbp Service (GbpSv) - - C:\ARQUIV~1\GbPlugin\GbpSv.exe O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Arquivos de programas\Java\jre7\bin\jqs.exe O23 - Service: MyEpson Portal Service - SEIKO EPSON CORPORATION - C:\Arquivos de programas\EPSON\MyEpson Portal\mepService.exe O23 - Service: ngSlotDaemon (ngSlotD) - OEM - C:\Arquivos de programas\ngsrv\ngslotd.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ScsiAccess - Unknown owner - C:\Arquivos de programas\Photodex\ProShowProducer\ScsiAccess.exe O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe -- End of file - 12885 bytes Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Outubro 18, 2012 Boa Tarde! carol2906 |- Desinstale: C:\Arquivos de programas\AVG\AVG2012 -/- |- Baixe: < > ( ... par Xplode ) |- Ao acessar,clique na imagem: < > |- Salve-o no desktop! |- Clique direito em adwcleaner.exe,e escolha sua execução como "administrador". |- Ps: Dê início ao scan,clicando em "Delete" ou "Suppression". |- Ao concluir,poste o relatório: C:\AdwCleaner[S1].txt |- Baixe: < > ( ... par Nicolas Coolman ) |- Salve-o no desktop! |- Desabilite seu antivírus! |- Caso utilize o Avast,estabeleça esta configuração à SandBox. |- Para Windows Vista ou 7,clique direito e execute o arquivo como administrador. |- Aguarde a conclusão do scan e clique em "Copier". <- Aguarde! |- Além do relatório,teremos no desktop: ZHP_uninstall, MBRCheck, ZHPDiag, ZHPFix |- Poste e/ou cole aqui,o link que será gerado,logo após o relatório. Abs! Compartilhar este post Link para o post Compartilhar em outros sites
carol2906 0 Denunciar post Postado Outubro 18, 2012 Veja se está correto o que eu fiz... eu não achei link no relatório do segundo programa rodado, espero que eu tenha feito o certo... # AdwCleaner v2.005 - Logfile created 10/18/2012 at 16:55:03 # Updated 14/10/2012 by Xplode # Operating system : Microsoft Windows XP Service Pack 3 (32 bits) # User : Carol - CASA-46997CABD5 # Boot Mode : Normal # Running from : C:\Documents and Settings\Carol\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Folder Deleted : C:\Arquivos de programas\Conduit Folder Deleted : C:\Documents and Settings\All Users\Dados de aplicativos\Ask ***** [Registry] ***** Key Deleted : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Key Deleted : HKCU\Software\IM Key Deleted : HKCU\Software\ImInstaller Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\DealPly Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25927741-5E5B-4D27-8D8B-9188FE64373F} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{33AA308B-B565-4376-AC66-59EE9B6AD13E} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25927741-5E5B-4D27-8D8B-9188FE64373F} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{33AA308B-B565-4376-AC66-59EE9B6AD13E} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{20E1481B-E285-4ABC-ADC7-AE24842B81CD} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9} Key Deleted : HKLM\SOFTWARE\Classes\f Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd Key Deleted : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1 Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr Key Deleted : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1 Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore Key Deleted : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1 Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136} Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2851643 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92E5039E-FF1E-4AFB-8F24-87592D20C383} Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Key Deleted : HKLM\Software\ImInstaller Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}] ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.6001.18702 Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.searchya.com/?s=0&a=foxtab&chnl=tc-100&cd=2XzuyEtN2Y1L1QzutDtDtBtByD0F0B0D0FtC0DtC0F0DtB0CtN0D0Tzu0StBtByCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=524142842 --> hxxp://www.google.com ************************* AdwCleaner[s1].txt - [6003 octets] - [18/10/2012 16:55:03] ########## EOF - C:\AdwCleaner[s1].txt - [6063 octets] ########## ------------------------------------------------------------ Rapport de ZHPDiag v1.31.24 par Nicolas Coolman, Update du 22/09/2012 Run by Carol at 18/10/2012 17:01:14 Web site : http://nicolascoolman.skyrock.com/ State : ---\\ Web Browser MSIE: Internet Explorer v8.0.6001.18702 GCIE: Google Chrome v22.0.1229.94 (Defaut) ---\\ Windows Product Information ~ Langage: Anglais Windows XP Professional Service Pack 3 (Build 2600) Windows Automatic Updates : OK Windows Genuine Advantage : OK ---\\ System Information ~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 3055 MB (76% free) System Restore: Activé (Enable) System drive C: has 67 GB (69%) free of 98 GB ---\\ Logged in mode ~ Computer Name: CASA-46997CABD5 ~ User Name: Carol ~ All Users Names: SUPPORT_388945a0, HelpAssistant, Convidado, Carol, ASPNET, Administrador, ~ Unselected Option: O45,O61,O62,O65,O82 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Documents and Settings\Carol\Dados de aplicativos\ ~ %Desktop% : C:\Documents and Settings\Carol\Desktop\ ~ %Favorites% : C:\Documents and Settings\Carol\Favoritos\ ~ %LocalAppData% : C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\ ~ %StartMenu% : C:\Documents and Settings\Carol\Menu Iniciar\ ~ %Windir% : C:\WINDOWS\ ~ %System% : C:\WINDOWS\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 67 Go of 98 Go) D:\ CD-ROM drive (Not Inserted) E:\ Hard drive, Flash drive, Thumb drive (Free 95 Go of 98 Go) F:\ Hard drive, Flash drive, Thumb drive (Free 60 Go of 103 Go) ---\\ Security Center & Tools Informations ~ UAC deactivate by user [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date ~ Scan Security Center in 00mn 00s ---\\ Search Generic System Files [MD5.064EC7FF5F58B928C3E119402977FA6D] - (.Microsoft Corporation - Windows Explorer.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\Explorer.exe [1035776] [MD5.92E6AC77CEA3564889B86A5E73CF785C] - (.Microsoft Corporation - Internet Extensions for Win32.) (.22/08/2011 - 20:41:22.) -- C:\WINDOWS\system32\wininet.dll [916480] [MD5.71D440F79B711627B12B567FB2EADB42] - (.Microsoft Corporation - Aplicativo de logon do Windows NT.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [509952] [MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 10:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512] [MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744] [MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976] [MD5.A8D31E836CCF2F51009CE7DFFECF6D51] - (.Microsoft Corporation - FIPS Crypto Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672] [MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384] [MD5.485BC6BEB778B5E9702E6AA3D384C0CB] - (.Microsoft Corporation - Driver de porta i8042.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [53504] [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112] [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832] [MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264] [MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 10:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320] [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976] [MD5.9BADEE6B698BF1AF36E25A1A64A89EAB] - (.Microsoft Corporation - Driver de porta paralela.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384] [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328] [MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224] [MD5.68D749B04BFBBD4D4D15CC5185AFA4DD] - (.Microsoft Corporation - Redbook Audio Filter Driver.) (.13/04/2008 - 15:53:18.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58240] [MD5.EB6B1E2C984D84470FF4FE7EF98CD44A] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.14/04/2008 - 09:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53248] ~ Scan Generic Processes in 00mn 00s ---\\ Hidden files state (Hidden/Total) ~ Mes images (My Pictures) : 3/5839 ~ Mes musiques (My Musics) : 135/726 ~ Mes Videos (My Videos) : 2/251 ~ Mes Favoris (My Favorites) : 1/10 ~ Mes Documents (My Documents) : 19/8787 ~ Mon Bureau (My Desktop) : 2/223 ~ Menu demarrer (Programs) : 1/39 ~ Scan Hidden Files in 00mn 16s ---\\ Running Processes [MD5.7C355B14CA0C2D1940857B3779E04F4F] - (.Unknown owner - G-Buster Browser Defense - Service.) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe [281584] [PID.] [MD5.73686FE0B2E0469F89FD2075BE724704] - (.Apple Computer, Inc. - Bonjour Service.) -- C:\Arquivos de programas\Bonjour\mDNSResponder.exe [229376] [PID.] [MD5.D3F9205CC4CB07553F2F9472C767EA87] - (.Teruten - FsUsbDevice.) -- C:\WINDOWS\system32\FsUsbExService.exe [233472] [PID.] [MD5.A12175F063302CD68F8FC6D572D7E5FD] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe [161768] [PID.] [MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.exe [322120] [PID.] [MD5.53CB493291C3141AC644242276C3E41D] - (.SEIKO EPSON CORPORATION - MyEpson Portal Service.) -- C:\Arquivos de programas\EPSON\MyEpson Portal\mepService.exe [703616] [PID.] [MD5.6B5AF2DE1781726755B11FBDC57432F7] - (.OEM - ngslotd.) -- C:\Arquivos de programas\ngsrv\ngslotd.exe [56832] [PID.] [MD5.D31F88C5F19EEFA366A415D6BC5F2ABC] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [69632] [PID.] [MD5.958E956E119EB7B9ABA142AFED1B5FF4] - (...) -- C:\Arquivos de programas\Photodex\ProShowProducer\ScsiAccess.exe [186760] [PID.] [MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53784] [PID.] [MD5.6A83BFA130F303D445FB12C85A44CB48] - (.SEIKO EPSON CORPORATION - MyEpson Portal.) -- C:\Arquivos de programas\EPSON\MyEpson Portal\mep.exe [2366592] [PID.] [MD5.A7C659135E8512A55C0A5BD43829B8D5] - (.OEM - Certificate Daemon.) -- C:\Arquivos de programas\ngsrv\epsng_certd.exe [93184] [PID.] [MD5.24B588F915B45310229D5C3F3674D356] - (.Yuna Software - Messenger Plus! 5.) -- C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe [801792] [PID.] [MD5.644795F6985C740F5E36E9336B837D0B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe [31072] [PID.] [MD5.BF0EE37A14144C88A9F6FDA7B44981BB] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Arquivos de programas\Epson Software\Event Manager\EEventManager.exe [979328] [PID.] [MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe [252848] [PID.] [MD5.2B0E00BC0C1C8E4CBD12FFE81A0E13B6] - (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Arquivos de programas\Samsung\Samsung New PC Studio\NPSAgent.exe [102400] [PID.] [MD5.3E24FD32D5E2B20177CEF2D985D2AA19] - (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJB.exe [208384] [PID.] [MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Arquivos de programas\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.] [MD5.848D034D067BE2FF5CD3D779BECBDA00] - (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe [1239064] [PID.] [MD5.E897110EE5E67FABB83B154DF9C68D6A] - (...) -- C:\Documents and Settings\Carol\Desktop\ZHPDiag_silent.exe [794216] [PID.] [MD5.A1999D0386C241AACEA536FF39E6E2D9] - (...) -- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe [3765248] [PID.] [MD5.B122D463C76E0305C6F0C76932969F62] - (.Microsoft Corporation - Servidor de gerenciamento de recursos do ca.) -- C:\WINDOWS\System32\SCardSvr.exe [99328] [PID.] [MD5.6D2018AEE93285F2A8BEF55D722187A3] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.] ~ Scan Processes Running in 00mn 00s ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Arquivos de programas\Mozilla Firefox\Plugins\npdeploytk.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Arquivos de programas\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.6.4.634.) -- C:\WINDOWS\system32\Adobe\Director\np32dsw.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.7.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\WINDOWS\system32\npDeployJava1.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.7.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.7.2 for Mozilla browsers.) -- C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.10411.0.) -- C:\Arquivos de programas\Microsoft Silverlight\5.1.10411.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@photodex.com/PhotodexPresenter] - (.Unknown owner - Photodex Presenter Plugin 4,10,0,2737.) -- C:\Arquivos de programas\Photodex Presenter\npPxPlay.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Arquivos de programas\Google\Update\1.3.21.123\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Arquivos de programas\Google\Update\1.3.21.123\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.123\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.123\npGoogleUpdate3.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://unimesvirtual.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.) R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Changed inifile Value, Mapped to Registry (F2) F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Scan Keys in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Scan Hosts File in 00mn 00s ~ Nombre de lignes (Lines number): 1 ---\\ Browser Helper Objects (O2) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Orphean Key O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} Orphean Key O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Orphean Key O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} Orphean Key O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Orphean Key O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} Orphean Key O2 - BHO: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} Orphean Key O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} Orphean Key O2 - BHO: (no name) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} Orphean Key O2 - BHO: (no name) - {C41A1C0E-EA6C-11D4-B1B8-444553540007} Orphean Key O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} Orphean Key ~ Scan BHO in 00mn 00s ---\\ Internet Explorer toolbars (O3) O3 - Toolbar: (no name) - [HKLM]{47833539-D0C5-4125-9FA8-0819E2EAAC93} . (...) -- (.not file.) O3 - Toolbar: (no name) - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (...) -- (.not file.) ~ Scan Toolbar in 00mn 00s ---\\ Auto loading programs from Registry and folders (O4) O4 - HKLM\..\Run: [epsng_certd] . (.OEM - Certificate Daemon.) -- C:\Arquivos de programas\ngsrv\epsng_certd.exe O4 - HKLM\..\Run: [NeroFilterCheck] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [NPSStartup] Orphean Key O4 - HKLM\..\Run: [PlusService] . (.Yuna Software - Messenger Plus! 5.) -- C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Arquivos de programas\QuickTime\qttask.exe O4 - HKLM\..\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Arquivos de programas\Epson Software\Event Manager\EEventManager.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe O4 - HKCU\..\Run: [AutoStartNPSAgent] . (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Arquivos de programas\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [EPSON TX133 TX135 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJB.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-21-725345543-920026266-1801674531-1005\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-725345543-920026266-1801674531-1005\..\Run: [Google Update] . (.Google Inc. - Google Installer.) -- C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe O4 - HKUS\S-1-5-21-725345543-920026266-1801674531-1005\..\Run: [AutoStartNPSAgent] . (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Arquivos de programas\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKUS\S-1-5-21-725345543-920026266-1801674531-1005\..\Run: [EPSON TX133 TX135 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJB.exe ~ Scan Application in 00mn 00s ---\\ Other User Links (O4) O4 - Global Startup: C:\Documents And Settings\All Users\Desktop\aTube Catcher.lnk . (.DsNET.) -- C:\Arquivos de programas\DsNET Corp\aTube Catcher 2.0\yct.exe O4 - Global Startup: C:\Documents And Settings\All Users\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Arquivos de programas\CCleaner\CCleaner.exe O4 - Global Startup: C:\Documents And Settings\All Users\Desktop\DOI Versão 6.1.lnk . (.Company.) -- C:\Arquivos de Programas RFB\DOI61\DOI.exe O4 - Global Startup: C:\Documents And Settings\All Users\Desktop\Google SketchUp 8.lnk . (.Google, Inc..) -- C:\Arquivos de programas\Google\Google SketchUp 8\SketchUp.exe O4 - Global Startup: C:\Documents And Settings\All Users\Desktop\MyEpson Portal.lnk . (.SEIKO EPSON CORPORATION.) -- C:\Arquivos de programas\epson\MyEpson Portal\mep.exe O4 - Global Startup: C:\Documents And Settings\All Users\Desktop\Receitanet 1.01 .lnk . (.SERPRO - Serviço Federal de Processamento d.) -- C:\Arquivos de programas\Programas RFB\Receitanet\Windows\Receitanet.exe O4 - Global Startup: C:\Documents And Settings\Carol\Desktop\Atalho para Ares.lnk . (.Ares Development Group.) -- C:\Arquivos de programas\Ares\Ares.exe O4 - Global Startup: C:\Documents And Settings\Carol\Desktop\Atalho para uTorrent.lnk . (.BitTorrent, Inc..) -- C:\Arquivos de programas\uTorrent\uTorrent.exe O4 - Global Startup: C:\Documents And Settings\Carol\Desktop\AULAS.lnk . (...) -- F:\Documents and Settings\Carol\AULAS O4 - Global Startup: C:\Documents And Settings\Carol\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe O4 - Global Startup: C:\Documents And Settings\Carol\Desktop\IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk . (...) -- C:\Arquivos de Programas RFB\IRPF2012\IRPF2012.exe O4 - Global Startup: C:\Documents And Settings\Carol\Desktop\MBRCheck.lnk . (...) -- C:\Arquivos de programas\ZHPDiag\mbrcheck.exe O4 - Global Startup: C:\Documents And Settings\Carol\Desktop\PUC PEDAGOGIA.lnk . (...) -- F:\Documents and Settings\Carol\PUC PEDAGOGIA O4 - Global Startup: C:\Documents And Settings\Carol\Desktop\ZHPDiag.lnk . (...) -- C:\Arquivos de programas\ZHPDiag\ZHPDiags.exe O4 - Global Startup: C:\Documents And Settings\Carol\Desktop\ZHPFix.lnk . (...) -- C:\Arquivos de programas\ZHPDiag\ZHPFix.exe O4 - Global Startup: C:\Documents And Settings\All Users\Desktop\aTube Catcher.lnk . (.DsNET.) -- C:\Arquivos de programas\DsNET Corp\aTube Catcher 2.0\yct.exe O4 - Global Startup: C:\Documents And Settings\All Users\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Arquivos de programas\CCleaner\CCleaner.exe O4 - Global Startup: C:\Documents And Settings\All Users\Desktop\DOI Versão 6.1.lnk . (.Company.) -- C:\Arquivos de Programas RFB\DOI61\DOI.exe O4 - Global Startup: C:\Documents And Settings\All Users\Desktop\Google SketchUp 8.lnk . (.Google, Inc..) -- C:\Arquivos de programas\Google\Google SketchUp 8\SketchUp.exe O4 - Global Startup: C:\Documents And Settings\All Users\Desktop\MyEpson Portal.lnk . (.SEIKO EPSON CORPORATION.) -- C:\Arquivos de programas\epson\MyEpson Portal\mep.exe O4 - Global Startup: C:\Documents And Settings\All Users\Desktop\Receitanet 1.01 .lnk . (.SERPRO - Serviço Federal de Processamento d.) -- C:\Arquivos de programas\Programas RFB\Receitanet\Windows\Receitanet.exe O4 - Global Startup: C:\Documents And Settings\Carol\Desktop\Atalho para Ares.lnk . (.Ares Development Group.) -- C:\Arquivos de programas\Ares\Ares.exe O4 - Global Startup: C:\Documents And Settings\Carol\Desktop\Atalho para uTorrent.lnk . (.BitTorrent, Inc..) -- C:\Arquivos de programas\uTorrent\uTorrent.exe O4 - Global Startup: C:\Documents And Settings\Carol\Desktop\AULAS.lnk . (...) -- F:\Documents and Settings\Carol\AULAS O4 - Global Startup: C:\Documents And Settings\Carol\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe O4 - Global Startup: C:\Documents And Settings\Carol\Desktop\IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva do País.lnk . (...) -- C:\Arquivos de Programas RFB\IRPF2012\IRPF2012.exe O4 - Global Startup: C:\Documents And Settings\Carol\Desktop\MBRCheck.lnk . (...) -- C:\Arquivos de programas\ZHPDiag\mbrcheck.exe O4 - Global Startup: C:\Documents And Settings\Carol\Desktop\PUC PEDAGOGIA.lnk . (...) -- F:\Documents and Settings\Carol\PUC PEDAGOGIA O4 - Global Startup: C:\Documents And Settings\Carol\Desktop\ZHPDiag.lnk . (...) -- C:\Arquivos de programas\ZHPDiag\ZHPDiags.exe O4 - Global Startup: C:\Documents And Settings\Carol\Desktop\ZHPFix.lnk . (...) -- C:\Arquivos de programas\ZHPDiag\ZHPFix.exe ~ Scan Global Startup in 00mn 00s ---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9) O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: &Enviar para o OneNote - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} -- C:\Arquivos de programas\PokerStars\main.ico (.not file.) O9 - Extra button: &Enviar para o OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Arquivos de programas\Microsoft Office\OFFICE11\REFBARH.ICO O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\Arquivos de programas\Microsoft Office\OFFICE11\REFBARH.ICO O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Arquivos de programas\Messenger\msmsgs.exe ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fornecedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fornecedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\WINDOWS\system32\mswsock.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Apple Computer, Inc. - Bonjour Namespace Provider.) -- C:\Arquivos de programas\Bonjour\mdnsNSP.dll ~ Scan Winsock in 00mn 00s ---\\ Extra group in IE 'Advanced Options'window (O11) O11 - Options group: [java_sun] Java (Oracle). (.Oracle Corporation - Java Deployment Library .) - C:\Arquivos de programas\Java\jre7\bin\deploy.dll O11 - Options group: [java_vm] Java (Oracle). (.Oracle Corporation - Java Deployment Library .) - C:\Arquivos de programas\Java\jre7\bin\deploy.dll ~ Scan IE Plugins in 00mn 00s ---\\ 'Reset Web Settings' hijack (O14) O14 - IERESET.INF: SEARCH_PAGE_URL=SEARCH_PAGE_URL="&http://home.microsoft.com/intl/br/access/allinone.asp" O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="search.msn.com.br" ~ Scan IE Paramètres WEB in 00mn 00s ---\\ Site in Trusted Zone (O15) O15 - Trusted Zone: [HKCU\...\Domains\www] http.bancoreal.com.br O15 - Trusted Zone: [HKCU\...\Domains\www] http.bancosantander.com.br O15 - Trusted Zone: [HKCU\...\Domains\www] http.santander.com.br O15 - Trusted Zone: [HKCU\...\Domains\www] http.santanderempresarial.com.br ~ Scan IE Zone Confiance in 00mn 00s ---\\ ActiveX Objects (Downloaded Program Files) (O16) O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://imagem.caixa.gov.br/cab/gbpdist.cab O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399007} (GbPluginObj Class) - https://wwws.realsecureweb.com.br/mpr/plugin/Cab/GbPluginABN.cab O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/RACtrl.cab ~ Scan Objets ActiveX in 00mn 00s ---\\ Lop.com/Domain Hijackers (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{8E2A87FF-0AEA-49D3-90BD-D450CB5C356B}: DhcpNameServer = 192.168.254.254 192.168.0.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{8E2A87FF-0AEA-49D3-90BD-D450CB5C356B}: DhcpNameServer = 192.168.254.254 192.168.0.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{8E2A87FF-0AEA-49D3-90BD-D450CB5C356B}: DhcpNameServer = 192.168.254.254 192.168.0.1 ~ Scan Domain in 00mn 00s ---\\ Extra protocols (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controle ActiveX para fluxo de vídeo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Arquivos de programas\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Information Retrieval\MSITSS.dll O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Arquivos de programas\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} . (.Microsoft Corporation - Microsoft Office Web Components 2003.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\11\OWC11.dll O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para fluxo de vídeo.) -- C:\WINDOWS\system32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\WINDOWS\system32\SHELL32.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.dll ~ Scan Protocole Additionnel in 00mn 00s ---\\ AppInit_DLLs Registry value Autorun (O20) O20 - Winlogon Notify: GbPluginAbn . (.Banco Real - Gbieh Module.) -- C:\Arquivos de programas\GbPlugin\gbiehAbn.dll O20 - Winlogon Notify: GbPluginCef . (.Caixa Economica Federal - Gbieh Module.) -- C:\Arquivos de programas\GbPlugin\gbiehCef.dll O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agente de rede off-line.) -- C:\WINDOWS\system32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL de notificação do serviço de logon secu.) -- C:\WINDOWS\system32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: WBSrv . (.Stardock Corporation - WBSrv.dll.) -- C:\Arquivos de programas\Stardock\Object Desktop\WindowBlinds\wbsrv.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll ~ Scan Winlogon in 00mn 00s ---\\ ShellServiceObjectDelayLoad (O21) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\WINDOWS\system32\SHELL32.dll O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objeto de serviço do shell de Systray.) -- C:\WINDOWS\system32\stobject.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll ~ Scan SSODL in 00mn 00s ---\\ SharedTaskScheduler (O22) O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - (.not file.) ~ Scan STS/SSO in 00mn 00s ---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23) O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe O23 - Service: Bonjour Service (Bonjour Service) . (.Apple Computer, Inc. - Bonjour Service.) - C:\Arquivos de programas\Bonjour\mDNSResponder.exe O23 - Service: FsUsbExService (FsUsbExService) . (.Teruten - FsUsbDevice.) - C:\WINDOWS\system32\FsUsbExService.exe O23 - Service: Gbp Service (GbpSv) . (.Unknown owner - G-Buster Browser Defense - Service.) - C:\Arquivos de programas\GbPlugin\gbpsv.exe O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Oracle Corporation - Java Quick Starter Service.) - C:\Arquivos de programas\Java\jre7\bin\jqs.exe O23 - Service: MyEpson Portal Service (MyEpson Portal Service) . (.SEIKO EPSON CORPORATION - MyEpson Portal Service.) - C:\Arquivos de programas\EPSON\MyEpson Portal\mepService.exe O23 - Service: ngSlotDaemon (ngSlotD) . (.OEM - ngslotd.) - C:\Arquivos de programas\ngsrv\ngslotd.exe O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ScsiAccess (ScsiAccess) . (...) - C:\Arquivos de programas\Photodex\ProShowProducer\ScsiAccess.exe ~ Scan Services in 00mn 00s ---\\ Windows Active Desktop & MHTML Editor (O24) O24 - Desktop Component 0: Minha página inicial atual - file:About:Home O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Arquivos de programas\Microsoft Office\Office12\WINWORD.exe O24 - Desktop General: BackupWallPaper - .(...) - C:\WINDOWS\web\wallpaper\Alegria.bmp O24 - Desktop General: WallPaper - .(...) - C:\WINDOWS\web\wallpaper\Alegria.bmp ~ Scan Desktop Component in 00mn 00s ---\\ O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ Scan Keys in 00mn 00s ---\\ Task Planned Automatically(039) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Adobe Flash Player Updater.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cc732052470cbc.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cc732052cc906c.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-920026266-1801674531-1003Core.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-920026266-1801674531-1003UA.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-920026266-1801674531-1005Core.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-725345543-920026266-1801674531-1005UA.job [MD5.44C00A385CA9DBC1D5CF3781F8C26AEA] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Arquivos de programas\Apple Software Update\SoftwareUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore1cc732052470cbc] (.Google Inc..) -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA1cc732052cc906c] (.Google Inc..) -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-725345543-920026266-1801674531-1003Core] (...) -- C:\Documents and Settings\Carol\Configura‡äes locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-725345543-920026266-1801674531-1003UA] (...) -- C:\Documents and Settings\Carol\Configura‡äes locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-725345543-920026266-1801674531-1005Core] (...) -- C:\Documents and Settings\Carol\Configura‡äes locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-725345543-920026266-1801674531-1005UA] (...) -- C:\Documents and Settings\Carol\Configura‡äes locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe (.not file.) ~ Scan Scheduled Task in 00mn 00s ---\\ ActiveSetup Installed Components (O40) O40 - ASIC: Atualização de Versão do Internet Explorer - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} . (.Microsoft Corporation - IE Per User Active Setup Uninstall Utility.) -- C:\WINDOWS\system32\ieudinit.exe O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Utilitário de Instalação do Microsoft Windows Media Player.) -- C:\WINDOWS\inf\unregmp2.exe O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\WINDOWS\system32\ie4uinit.exe.mui O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - IEAK branding.) -- C:\WINDOWS\system32\iedkcs32.dll O40 - ASIC: Outlook Express - >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} . (.Microsoft Corporation - Windows NT User Data Migration Tool.) -- C:\WINDOWS\system32\shmgrate.exe O40 - ASIC: Microsoft VM - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Microsoft Corporation - Microsoft® VM.) -- C:\WINDOWS\system32\msjava.dll O40 - ASIC: Microsoft NetShow Player - {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\WINDOWS\system32\wmpdxm.dll O40 - ASIC: Microsoft Windows Media Player 6.4 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\WINDOWS\system32\wmpdxm.dll O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API de tema do Windows.) -- C:\WINDOWS\system32\themeui.dll O40 - ASIC: Microsoft Outlook Express 6 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Biblioteca de instalação do Outlook Express.) -- C:\Arquivos de programas\Outlook Express\setup50.exe O40 - ASIC: NetMeeting 3.01 - {44BBA842-CC51-11CF-AAFA-00AA00B6015B} . (...) -- C:\WINDOWS\INF\msnetmtg.inf O40 - ASIC: Windows Messenger 4.7 - {5945c046-1e7d-11d1-bc44-00c04fd912be} . (...) -- C:\WINDOWS\INF\msmsgs.inf O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extensão shell da pasta FTP do Microsoft Internet Explorer.) -- C:\WINDOWS\system32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (...) -- C:\WINDOWS\INF\wmp11.inf O40 - ASIC: Catálogo de endereços 6 - {7790769C-0471-11d2-AF11-00C04FA35D02} . (.Microsoft Corporation - Biblioteca de instalação do Outlook Express.) -- C:\Arquivos de programas\Outlook Express\setup50.exe O40 - ASIC: Atualização da área de trabalho do Windows - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\WINDOWS\system32\shell32.dll O40 - ASIC: Internet Explorer - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\WINDOWS\system32\ie4uinit.exe.mui O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\WINDOWS\system32\mscories.dll O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11cf-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.4 r402.) -- C:\WINDOWS\system32\Macromed\Flash\Flash32_11_4_402_287.ocx O40 - ASIC: Installed Component - S-1-5-21-725345543-920026266-1801674531-1005 - <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} -- Not Hexadécimal CLSID O40 - ASIC: Installed Component - S-1-5-21-725345543-920026266-1801674531-1005 - >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -- Not Hexadécimal CLSID ~ Scan Active Setup in 00mn 00s ---\\ Drivers launched at startup (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (avgio) . (.Avira GmbH - Avira AntiVir Support for Minifilter.) - C:\Arquivos de programas\Avira\AntiVir Desktop\avgio.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\WINDOWS\system32\DRIVERS\avipbb.sys O41 - Driver: (bbcap) . (.Windows ® 2000 DDK provider - Mirror Miniport Driver.) - C:\WINDOWS\system32\DRIVERS\bbcap.sys O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Driver de porta i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys O41 - Driver: (InCDPass) . (. - .) - C:\WINDOWS\system32\drivers\InCDPass.sys (.not file.) O41 - Driver: (InCDRm) . (. - .) - C:\WINDOWS\system32\drivers\InCDRm.sys (.not file.) O41 - Driver: (intelppm) . (.Microsoft Corporation - Driver de dispositivo de processador.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Driver de classe teclado.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys O41 - Driver: (Mouclass) . (.Microsoft Corporation - Driver de classe modem.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys O41 - Driver: (redbook) . (.Microsoft Corporation - Redbook Audio Filter Driver.) - C:\WINDOWS\system32\DRIVERS\redbook.sys O41 - Driver: (SiSkp) . (.Silicon Integrated Systems Corporation - SiS VGA Driver Manager.) - C:\WINDOWS\system32\DRIVERS\srvkp.sys O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys O41 - Driver: (WmiAcpi) . (.Microsoft Corporation - Windows Management Interface for ACPI.) - C:\WINDOWS\system32\DRIVERS\wmiacpi.sys ~ Scan Drivers in 00mn 00s ---\\ Software installed (O42) O42 - Logiciel: ACDSee 10 Photo Manager - (.ACD Systems International.) [HKLM] -- {F8B98EB6-FC06-45BF-87D4-9784E0408611} O42 - Logiciel: AHV content for Acrobat and Flash - (.Adobe Systems Incorporated.) [HKLM] -- {6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD} O42 - Logiciel: Add or Remove Adobe Creative Suite 3 Design Premium - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_c14ac4070fd9614ffe63f4bb533db2c O42 - Logiciel: Adobe Anchor Service CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {90176341-0A8B-4CCC-A78D-F862228A6B95} O42 - Logiciel: Adobe Asset Services CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61} O42 - Logiciel: Adobe Bridge CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {9C9824D9-9000-4373-A6A5-D0E5D4831394} O42 - Logiciel: Adobe Bridge Start Meeting - (.Adobe Systems Incorporated.) [HKLM] -- {08B32819-6EEF-4057-AEDA-5AB681A36A23} O42 - Logiciel: Adobe BridgeTalk Plugin CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {B7F560B3-6EFF-4026-A982-843895A41149} O42 - Logiciel: Adobe CMaps - (.Adobe Systems Incorporated.) [HKLM] -- {A2B242BD-FF8D-4840-9DAA-9170EABEC59C} O42 - Logiciel: Adobe Camera Raw 4.0 - (.Adobe Systems Incorporated.) [HKLM] -- {B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C} O42 - Logiciel: Adobe Color - Photoshop Specific - (.Adobe Systems Incorporated.) [HKLM] -- {A2D81E70-2A98-4A08-A628-94388B063C5E} O42 - Logiciel: Adobe Color Common Settings - (.Adobe Systems Incorporated.) [HKLM] -- {DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9} O42 - Logiciel: Adobe Color EU Extra Settings - (.Adobe Systems Incorporated.) [HKLM] -- {51846830-E7B2-4218-8968-B77F0FF475B8} O42 - Logiciel: Adobe Color JA Extra Settings - (.Adobe Systems Incorporated.) [HKLM] -- {DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029} O42 - Logiciel: Adobe Color NA Recommended Settings - (.Adobe Systems Incorporated.) [HKLM] -- {95655ED4-7CA5-46DF-907F-7144877A32E5} O42 - Logiciel: Adobe Creative Suite 3 Design Premium - (.Adobe Systems Incorporated.) [HKLM] -- {D1C18EDD-571A-4BDD-BE7B-1DD86027D7FF} O42 - Logiciel: Adobe Default Language CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {B9B35331-B7E4-4E5C-BF4C-7BC87856124D} O42 - Logiciel: Adobe Device Central CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {8D2BA474-F406-4710-9AE4-D4F22D21F0DD} O42 - Logiciel: Adobe ExtendScript Toolkit 2 - (.Adobe Systems Incorporated.) [HKLM] -- {C2D69781-F392-4118-A5A7-C7E9C38DBFC2} O42 - Logiciel: Adobe Extension Manager CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {BE5F3842-8309-4754-92D5-83E02E6077A3} O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM] -- {6ABE0BEE-D572-4FE8-B434-9E72A289431B} O42 - Logiciel: Adobe Help Viewer CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {04AF207D-9A77-465A-8B76-991F6AB66245} O42 - Logiciel: Adobe InDesign CS3 Icon Handler - (.Adobe Systems Incorporated.) [HKLM] -- {EA7B3CC4-366D-4CF6-8350-FD7A7034116E} O42 - Logiciel: Adobe Linguistics CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {54793AA1-5001-42F4-ABB6-C364617C6078} O42 - Logiciel: Adobe MotionPicture Color Files - (.Adobe Systems Incorporated.) [HKLM] -- {6B708481-748A-4EB4-97C1-CD386244FF77} O42 - Logiciel: Adobe PDF Library Files - (.Adobe Systems Incorporated.) [HKLM] -- {D2559B88-CC9D-4B48-81BB-F492BAA9C48C} O42 - Logiciel: Adobe Photoshop CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {0046FA01-C5B9-4985-BACB-398DC480FC05} O42 - Logiciel: Adobe SING CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {B671CBFD-4109-4D35-9252-3062D3CCB7B2} O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {09E2111C-16B1-4DDF-BF0D-F994C9A12350} O42 - Logiciel: Adobe Shockwave Player 11.6 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player O42 - Logiciel: Adobe Stock Photos CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {29E5EA97-5F74-4A57-B8B2-D4F169117183} O42 - Logiciel: Adobe Type Support - (.Adobe Systems Incorporated.) [HKLM] -- {8E6808E2-613D-4FCD-81A2-6C8FA8E03312} O42 - Logiciel: Adobe Update Manager CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {E69AE897-9E0B-485C-8552-7841F48D42D8} O42 - Logiciel: Adobe Version Cue CS3 Client - (.Adobe Systems Incorporated.) [HKLM] -- {D0DFF92A-492E-4C40-B862-A74A173C25C5} O42 - Logiciel: Adobe WAS CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {C5BD220A-EFE8-48A5-B70E-9503D535FACE} O42 - Logiciel: Adobe WinSoft Linguistics Plugin - (.Adobe Systems Incorporated.) [HKLM] -- {184CE391-7E0E-4C63-9935-D7A10EDFD3C6} O42 - Logiciel: Adobe XMP Panels CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {802771A9-A856-4A41-ACF7-1450E523C923} O42 - Logiciel: Alien Skin Blow Up - (.Unknown owner.) [HKLM] -- Blow Up O42 - Logiciel: Alien Skin Exposure - (.Unknown owner.) [HKLM] -- Exposure O42 - Logiciel: Alien Skin Eye Candy 5 Impact - (.Unknown owner.) [HKLM] -- EyeCandy5Impact O42 - Logiciel: Alien Skin Eye Candy 5 Nature - (.Unknown owner.) [HKLM] -- EyeCandy5Nature O42 - Logiciel: Alien Skin Eye Candy 5 Textures - (.Unknown owner.) [HKLM] -- EyeCandy5Textures O42 - Logiciel: Alien Skin Image Doctor 1.0 - (.Unknown owner.) [HKLM] -- Image Doctor O42 - Logiciel: Alien Skin Snap Art - (.Unknown owner.) [HKLM] -- Snap Art O42 - Logiciel: Alien Skin Xenofex 2.0 - (.Unknown owner.) [HKLM] -- Xenofex2 O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {3FA365DF-2D68-45ED-8F83-8C8A33E65143} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} O42 - Logiciel: Ares 2.1.4 - (.Ares Development Group.) [HKLM] -- Ares O42 - Logiciel: Assistente de Conexão do Windows Live - (.Microsoft Corporation.) [HKLM] -- {51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48} O42 - Logiciel: Atualização de Segurança para Microsoft Windows (KB2564958) - (.Microsoft Corporation.) [HKLM] -- KB2564958 O42 - Logiciel: Atualização de Segurança para Windows Internet Explorer 7 (KB938127-v2) - (.Microsoft Corporation.) [HKLM] -- KB938127-v2-IE7 O42 - Logiciel: Atualização de Segurança para Windows Internet Explorer 7 (KB976325) - (.Microsoft Corporation.) [HKLM] -- KB976325-IE7 O42 - Logiciel: Atualização de Segurança para Windows Internet Explorer 7 (KB978207) - (.Microsoft Corporation.) [HKLM] -- KB978207-IE7 O42 - Logiciel: Atualização de Segurança para Windows Internet Explorer 7 (KB982381) - (.Microsoft Corporation.) [HKLM] -- KB982381-IE7 O42 - Logiciel: Atualização de Segurança para Windows Internet Explorer 8 (KB2510531) - (.Microsoft Corporation.) [HKLM] -- KB2510531-IE8 O42 - Logiciel: Atualização de Segurança para Windows Internet Explorer 8 (KB2544521) - (.Microsoft Corporation.) [HKLM] -- KB2544521-IE8 O42 - Logiciel: Atualização de Segurança para Windows Internet Explorer 8 (KB2586448) - (.Microsoft Corporation.) [HKLM] -- KB2586448-IE8 O42 - Logiciel: Atualização de Segurança para Windows Internet Explorer 8 (KB981332) - (.Microsoft Corporation.) [HKLM] -- KB981332-IE8 O42 - Logiciel: Atualização de Segurança para Windows Internet Explorer 8 (KB982381) - (.Microsoft Corporation.) [HKLM] -- KB982381-IE8 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2079403) - (.Microsoft Corporation.) [HKLM] -- KB2079403 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2115168) - (.Microsoft Corporation.) [HKLM] -- KB2115168 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2229593) - (.Microsoft Corporation.) [HKLM] -- KB2229593 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2296011) - (.Microsoft Corporation.) [HKLM] -- KB2296011 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2347290) - (.Microsoft Corporation.) [HKLM] -- KB2347290 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2360937) - (.Microsoft Corporation.) [HKLM] -- KB2360937 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2387149) - (.Microsoft Corporation.) [HKLM] -- KB2387149 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2393802) - (.Microsoft Corporation.) [HKLM] -- KB2393802 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2412687) - (.Microsoft Corporation.) [HKLM] -- KB2412687 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2419632) - (.Microsoft Corporation.) [HKLM] -- KB2419632 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2423089) - (.Microsoft Corporation.) [HKLM] -- KB2423089 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2440591) - (.Microsoft Corporation.) [HKLM] -- KB2440591 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2443105) - (.Microsoft Corporation.) [HKLM] -- KB2443105 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2476490) - (.Microsoft Corporation.) [HKLM] -- KB2476490 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2478960) - (.Microsoft Corporation.) [HKLM] -- KB2478960 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2478971) - (.Microsoft Corporation.) [HKLM] -- KB2478971 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2479943) - (.Microsoft Corporation.) [HKLM] -- KB2479943 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2481109) - (.Microsoft Corporation.) [HKLM] -- KB2481109 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2483185) - (.Microsoft Corporation.) [HKLM] -- KB2483185 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2485663) - (.Microsoft Corporation.) [HKLM] -- KB2485663 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2506212) - (.Microsoft Corporation.) [HKLM] -- KB2506212 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2507618) - (.Microsoft Corporation.) [HKLM] -- KB2507618 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2507938) - (.Microsoft Corporation.) [HKLM] -- KB2507938 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2508272) - (.Microsoft Corporation.) [HKLM] -- KB2508272 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2508429) - (.Microsoft Corporation.) [HKLM] -- KB2508429 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2509553) - (.Microsoft Corporation.) [HKLM] -- KB2509553 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2535512) - (.Microsoft Corporation.) [HKLM] -- KB2535512 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2536276-v2) - (.Microsoft Corporation.) [HKLM] -- KB2536276-v2 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2544893) - (.Microsoft Corporation.) [HKLM] -- KB2544893 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2562937) - (.Microsoft Corporation.) [HKLM] -- KB2562937 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2566454) - (.Microsoft Corporation.) [HKLM] -- KB2566454 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2567053) - (.Microsoft Corporation.) [HKLM] -- KB2567053 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2567680) - (.Microsoft Corporation.) [HKLM] -- KB2567680 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2570222) - (.Microsoft Corporation.) [HKLM] -- KB2570222 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2570947) - (.Microsoft Corporation.) [HKLM] -- KB2570947 O42 - Logiciel: Atualização de Segurança para Windows XP (KB2592799) - (.Microsoft Corporation.) [HKLM] -- KB2592799 O42 - Logiciel: Atualização de Segurança para Windows XP (KB923561) - (.Microsoft Corporation.) [HKLM] -- KB923561 O42 - Logiciel: Atualização de Segurança para Windows XP (KB938464-v2) - (.Microsoft Corporation.) [HKLM] -- KB938464-v2 O42 - Logiciel: Atualização de Segurança para Windows XP (KB941569) - (.Microsoft Corporation.) [HKLM] -- KB941569 O42 - Logiciel: Atualização de Segurança para Windows XP (KB946648) - (.Microsoft Corporation.) [HKLM] -- KB946648 O42 - Logiciel: Atualização de Segurança para Windows XP (KB950762) - (.Microsoft Corporation.) [HKLM] -- KB950762 O42 - Logiciel: Atualização de Segurança para Windows XP (KB950974) - (.Microsoft Corporation.) [HKLM] -- KB950974 O42 - Logiciel: Atualização de Segurança para Windows XP (KB951066) - (.Microsoft Corporation.) [HKLM] -- KB951066 O42 - Logiciel: Atualização de Segurança para Windows XP (KB951376-v2) - (.Microsoft Corporation.) [HKLM] -- KB951376-v2 O42 - Logiciel: Atualização de Segurança para Windows XP (KB951748) - (.Microsoft Corporation.) [HKLM] -- KB951748 O42 - Logiciel: Atualização de Segurança para Windows XP (KB952004) - (.Microsoft Corporation.) [HKLM] -- KB952004 O42 - Logiciel: Atualização de Segurança para Windows XP (KB952954) - (.Microsoft Corporation.) [HKLM] -- KB952954 O42 - Logiciel: Atualização de Segurança para Windows XP (KB954459) - (.Microsoft Corporation.) [HKLM] -- KB954459 O42 - Logiciel: Atualização de Segurança para Windows XP (KB954600) - (.Microsoft Corporation.) [HKLM] -- KB954600 O42 - Logiciel: Atualização de Segurança para Windows XP (KB955069) - (.Microsoft Corporation.) [HKLM] -- KB955069 O42 - Logiciel: Atualização de Segurança para Windows XP (KB956572) - (.Microsoft Corporation.) [HKLM] -- KB956572 O42 - Logiciel: Atualização de Segurança para Windows XP (KB956744) - (.Microsoft Corporation.) [HKLM] -- KB956744 O42 - Logiciel: Atualização de Segurança para Windows XP (KB956802) - (.Microsoft Corporation.) [HKLM] -- KB956802 O42 - Logiciel: Atualização de Segurança para Windows XP (KB956803) - (.Microsoft Corporation.) [HKLM] -- KB956803 O42 - Logiciel: Atualização de Segurança para Windows XP (KB956844) - (.Microsoft Corporation.) [HKLM] -- KB956844 O42 - Logiciel: Atualização de Segurança para Windows XP (KB957097) - (.Microsoft Corporation.) [HKLM] -- KB957097 O42 - Logiciel: Atualização de Segurança para Windows XP (KB958644) - (.Microsoft Corporation.) [HKLM] -- KB958644 O42 - Logiciel: Atualização de Segurança para Windows XP (KB958687) - (.Microsoft Corporation.) [HKLM] -- KB958687 O42 - Logiciel: Atualização de Segurança para Windows XP (KB958869) - (.Microsoft Corporation.) [HKLM] -- KB958869 O42 - Logiciel: Atualização de Segurança para Windows XP (KB959426) - (.Microsoft Corporation.) [HKLM] -- KB959426 O42 - Logiciel: Atualização de Segurança para Windows XP (KB960225) - (.Microsoft Corporation.) [HKLM] -- KB960225 O42 - Logiciel: Atualização de Segurança para Windows XP (KB960803) - (.Microsoft Corporation.) [HKLM] -- KB960803 O42 - Logiciel: Atualização de Segurança para Windows XP (KB960859) - (.Microsoft Corporation.) [HKLM] -- KB960859 O42 - Logiciel: Atualização de Segurança para Windows XP (KB961371-v2) - (.Microsoft Corporation.) [HKLM] -- KB961371-v2 O42 - Logiciel: Atualização de Segurança para Windows XP (KB961501) - (.Microsoft Corporation.) [HKLM] -- KB961501 O42 - Logiciel: Atualização de Segurança para Windows XP (KB968537) - (.Microsoft Corporation.) [HKLM] -- KB968537 O42 - Logiciel: Atualização de Segurança para Windows XP (KB969059) - (.Microsoft Corporation.) [HKLM] -- KB969059 O42 - Logiciel: Atualização de Segurança para Windows XP (KB969947) - (.Microsoft Corporation.) [HKLM] -- KB969947 O42 - Logiciel: Atualização de Segurança para Windows XP (KB970238) - (.Microsoft Corporation.) [HKLM] -- KB970238 O42 - Logiciel: Atualização de Segurança para Windows XP (KB970430) - (.Microsoft Corporation.) [HKLM] -- KB970430 O42 - Logiciel: Atualização de Segurança para Windows XP (KB971468) - (.Microsoft Corporation.) [HKLM] -- KB971468 O42 - Logiciel: Atualização de Segurança para Windows XP (KB971486) - (.Microsoft Corporation.) [HKLM] -- KB971486 O42 - Logiciel: Atualização de Segurança para Windows XP (KB971557) - (.Microsoft Corporation.) [HKLM] -- KB971557 O42 - Logiciel: Atualização de Segurança para Windows XP (KB971633) - (.Microsoft Corporation.) [HKLM] -- KB971633 O42 - Logiciel: Atualização de Segurança para Windows XP (KB971657) - (.Microsoft Corporation.) [HKLM] -- KB971657 O42 - Logiciel: Atualização de Segurança para Windows XP (KB971961) - (.Microsoft Corporation.) [HKLM] -- KB971961 O42 - Logiciel: Atualização de Segurança para Windows XP (KB972260) - (.Microsoft Corporation.) [HKLM] -- KB972260 O42 - Logiciel: Atualização de Segurança para Windows XP (KB972270) - (.Microsoft Corporation.) [HKLM] -- KB972270 O42 - Logiciel: Atualização de Segurança para Windows XP (KB973346) - (.Microsoft Corporation.) [HKLM] -- KB973346 O42 - Logiciel: Atualização de Segurança para Windows XP (KB973354) - (.Microsoft Corporation.) [HKLM] -- KB973354 O42 - Logiciel: Atualização de Segurança para Windows XP (KB973507) - (.Microsoft Corporation.) [HKLM] -- KB973507 O42 - Logiciel: Atualização de Segurança para Windows XP (KB973525) - (.Microsoft Corporation.) [HKLM] -- KB973525 O42 - Logiciel: Atualização de Segurança para Windows XP (KB973869) - (.Microsoft Corporation.) [HKLM] -- KB973869 O42 - Logiciel: Atualização de Segurança para Windows XP (KB973904) - (.Microsoft Corporation.) [HKLM] -- KB973904 O42 - Logiciel: Atualização de Segurança para Windows XP (KB974112) - (.Microsoft Corporation.) [HKLM] -- KB974112 O42 - Logiciel: Atualização de Segurança para Windows XP (KB974318) - (.Microsoft Corporation.) [HKLM] -- KB974318 O42 - Logiciel: Atualização de Segurança para Windows XP (KB974392) - (.Microsoft Corporation.) [HKLM] -- KB974392 O42 - Logiciel: Atualização de Segurança para Windows XP (KB974455) - (.Microsoft Corporation.) [HKLM] -- KB974455 O42 - Logiciel: Atualização de Segurança para Windows XP (KB974571) - (.Microsoft Corporation.) [HKLM] -- KB974571 O42 - Logiciel: Atualização de Segurança para Windows XP (KB975025) - (.Microsoft Corporation.) [HKLM] -- KB975025 O42 - Logiciel: Atualização de Segurança para Windows XP (KB975467) - (.Microsoft Corporation.) [HKLM] -- KB975467 O42 - Logiciel: Atualização de Segurança para Windows XP (KB975560) - (.Microsoft Corporation.) [HKLM] -- KB975560 O42 - Logiciel: Atualização de Segurança para Windows XP (KB975561) - (.Microsoft Corporation.) [HKLM] -- KB975561 O42 - Logiciel: Atualização de Segurança para Windows XP (KB975562) - (.Microsoft Corporation.) [HKLM] -- KB975562 O42 - Logiciel: Atualização de Segurança para Windows XP (KB975713) - (.Microsoft Corporation.) [HKLM] -- KB975713 O42 - Logiciel: Atualização de Segurança para Windows XP (KB976325) - (.Microsoft Corporation.) [HKLM] -- KB976325 O42 - Logiciel: Atualização de Segurança para Windows XP (KB977165) - (.Microsoft Corporation.) [HKLM] -- KB977165 O42 - Logiciel: Atualização de Segurança para Windows XP (KB977816) - (.Microsoft Corporation.) [HKLM] -- KB977816 O42 - Logiciel: Atualização de Segurança para Windows XP (KB977914) - (.Microsoft Corporation.) [HKLM] -- KB977914 O42 - Logiciel: Atualização de Segurança para Windows XP (KB978037) - (.Microsoft Corporation.) [HKLM] -- KB978037 O42 - Logiciel: Atualização de Segurança para Windows XP (KB978251) - (.Microsoft Corporation.) [HKLM] -- KB978251 O42 - Logiciel: Atualização de Segurança para Windows XP (KB978262) - (.Microsoft Corporation.) [HKLM] -- KB978262 O42 - Logiciel: Atualização de Segurança para Windows XP (KB978338) - (.Microsoft Corporation.) [HKLM] -- KB978338 O42 - Logiciel: Atualização de Segurança para Windows XP (KB978542) - (.Microsoft Corporation.) [HKLM] -- KB978542 O42 - Logiciel: Atualização de Segurança para Windows XP (KB978601) - (.Microsoft Corporation.) [HKLM] -- KB978601 O42 - Logiciel: Atualização de Segurança para Windows XP (KB978706) - (.Microsoft Corporation.) [HKLM] -- KB978706 O42 - Logiciel: Atualização de Segurança para Windows XP (KB979309) - (.Microsoft Corporation.) [HKLM] -- KB979309 O42 - Logiciel: Atualização de Segurança para Windows XP (KB979482) - (.Microsoft Corporation.) [HKLM] -- KB979482 O42 - Logiciel: Atualização de Segurança para Windows XP (KB979559) - (.Microsoft Corporation.) [HKLM] -- KB979559 O42 - Logiciel: Atualização de Segurança para Windows XP (KB979683) - (.Microsoft Corporation.) [HKLM] -- KB979683 O42 - Logiciel: Atualização de Segurança para Windows XP (KB979687) - (.Microsoft Corporation.) [HKLM] -- KB979687 O42 - Logiciel: Atualização de Segurança para Windows XP (KB980195) - (.Microsoft Corporation.) [HKLM] -- KB980195 O42 - Logiciel: Atualização de Segurança para Windows XP (KB980218) - (.Microsoft Corporation.) [HKLM] -- KB980218 O42 - Logiciel: Atualização de Segurança para Windows XP (KB980232) - (.Microsoft Corporation.) [HKLM] -- KB980232 O42 - Logiciel: Atualização de Segurança para Windows XP (KB980436) - (.Microsoft Corporation.) [HKLM] -- KB980436 O42 - Logiciel: Atualização de Segurança para Windows XP (KB981322) - (.Microsoft Corporation.) [HKLM] -- KB981322 O42 - Logiciel: Atualização de Segurança para Windows XP (KB981349) - (.Microsoft Corporation.) [HKLM] -- KB981349 O42 - Logiciel: Atualização de Segurança para Windows XP (KB981997) - (.Microsoft Corporation.) [HKLM] -- KB981997 O42 - Logiciel: Atualização de Segurança para Windows XP (KB982132) - (.Microsoft Corporation.) [HKLM] -- KB982132 O42 - Logiciel: Atualização de Segurança para Windows XP (KB982665) - (.Microsoft Corporation.) [HKLM] -- KB982665 O42 - Logiciel: Atualização de Segurança para o Windows Media Player (KB2378111) - (.Microsoft Corporation.) [HKLM] -- KB2378111_WM9 O42 - Logiciel: Atualização de Segurança para o Windows Media Player (KB952069) - (.Microsoft Corporation.) [HKLM] -- KB952069_WM9 O42 - Logiciel: Atualização de Segurança para o Windows Media Player (KB954155) - (.Microsoft Corporation.) [HKLM] -- KB954155_WM9 O42 - Logiciel: Atualização de Segurança para o Windows Media Player (KB968816) - (.Microsoft Corporation.) [HKLM] -- KB968816_WM9 O42 - Logiciel: Atualização de Segurança para o Windows Media Player (KB973540) - (.Microsoft Corporation.) [HKLM] -- KB973540_WM9 O42 - Logiciel: Atualização de Segurança para o Windows Media Player (KB975558) - (.Microsoft Corporation.) [HKLM] -- KB975558_WM8 O42 - Logiciel: Atualização de Segurança para o Windows Media Player (KB978695) - (.Microsoft Corporation.) [HKLM] -- KB978695_WM9 O42 - Logiciel: Atualização de Segurança para o Windows Media Player (KB979402) - (.Microsoft Corporation.) [HKLM] -- KB979402_WM9 O42 - Logiciel: Atualização de Segurança para o Windows Media Player 11 (KB954154) - (.Microsoft Corporation.) [HKLM] -- KB954154_WM11 O42 - Logiciel: Atualização para Windows Internet Explorer 7 (KB980182) - (.Microsoft Corporation.) [HKLM] -- KB980182-IE7 O42 - Logiciel: Atualização para Windows Internet Explorer 8 (KB976662) - (.Microsoft Corporation.) [HKLM] -- KB976662-IE8 O42 - Logiciel: Atualização para Windows Internet Explorer 8 (KB982632) - (.Microsoft Corporation.) [HKLM] -- KB982632-IE8 O42 - Logiciel: Atualização para Windows XP (KB2345886) - (.Microsoft Corporation.) [HKLM] -- KB2345886 O42 - Logiciel: Atualização para Windows XP (KB2541763) - (.Microsoft Corporation.) [HKLM] -- KB2541763 O42 - Logiciel: Atualização para Windows XP (KB2616676-v2) - (.Microsoft Corporation.) [HKLM] -- KB2616676-v2 O42 - Logiciel: Atualização para Windows XP (KB898461) - (.Microsoft Corporation.) [HKLM] -- KB898461 O42 - Logiciel: Atualização para Windows XP (KB951978) - (.Microsoft Corporation.) [HKLM] -- KB951978 O42 - Logiciel: Atualização para Windows XP (KB955759) - (.Microsoft Corporation.) [HKLM] -- KB955759 O42 - Logiciel: Atualização para Windows XP (KB961503) - (.Microsoft Corporation.) [HKLM] -- KB961503 O42 - Logiciel: Atualização para Windows XP (KB967715) - (.Microsoft Corporation.) [HKLM] -- KB967715 O42 - Logiciel: Atualização para Windows XP (KB968389) - (.Microsoft Corporation.) [HKLM] -- KB968389 O42 - Logiciel: Atualização para Windows XP (KB971029) - (.Microsoft Corporation.) [HKLM] -- KB971029 O42 - Logiciel: Atualização para Windows XP (KB971737) - (.Microsoft Corporation.) [HKLM] -- KB971737 O42 - Logiciel: Atualização para Windows XP (KB973687) - (.Microsoft Corporation.) [HKLM] -- KB973687 O42 - Logiciel: Atualização para Windows XP (KB973815) - (.Microsoft Corporation.) [HKLM] -- KB973815 O42 - Logiciel: Atualização para Windows XP (KB976749) - (.Microsoft Corporation.) [HKLM] -- KB976749 O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: CorelDRAW Graphics Suite 12 - (.Corel Corporation.) [HKLM] -- {505AFDC0-5E72-4928-8368-5DEA385E3647} O42 - Logiciel: CrazyTalk Cam Suite - (.Reallusion.) [HKLM] -- {D1504C77-1B19-4AF0-8DEC-946666123B55} O42 - Logiciel: DOI - (.Unknown owner.) [HKLM] -- DOI O42 - Logiciel: Desinstalar impressora EPSON TX133 TX135 Series - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON TX133 TX135 Series O42 - Logiciel: Desinstalar o LG PC Suite III - (.LG Electronics.) [HKLM] -- {D94BA408-F110-488B-A65E-3AE7945F79E6}_is1 O42 - Logiciel: EPSON Scan - (.Seiko Epson Corporation.) [HKLM] -- EPSON Scanner O42 - Logiciel: Epson Easy Photo Print 2 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {E65AE514-9C14-48DE-BAE5-64A4F9CB6FE5} O42 - Logiciel: Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) - (.SEIKO EPSON CORPORATION.) [HKLM] -- {B2D55EB8-32C5-4B43-9006-9E97DECBA178} O42 - Logiciel: Epson Easy Photo Print Plug-in for Windows Live Photo Gallery - (.SEIKO EPSON Corporation.) [HKLM] -- EEPPPlugIn O42 - Logiciel: Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup - (.SEIKO EPSON Corporation.) [HKLM] -- {7B7044AE-6D1F-456D-B2BA-28BFFFAF3F71} O42 - Logiciel: Epson Event Manager - (.SEIKO EPSON CORPORATION.) [HKLM] -- {8A17C27D-0325-400C-8AA9-DAA6B16CBD74} O42 - Logiciel: Eye Candy 4000 - (.Unknown owner.) [HKLM] -- Eye Candy 4000 O42 - Logiciel: Ferramenta de Carregamento do Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238} O42 - Logiciel: GIISS - (.Cetil Sistemas de Informática S/A.) [HKLM] -- GIISS O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome O42 - Logiciel: Google Earth Plug-in - (.Google.) [HKLM] -- {2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E} O42 - Logiciel: Google SketchUp 8 - (.Google, Inc..) [HKLM] -- {6B5F92BB-4272-4A69-B39B-EED000BC6192} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB960043) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB960043 O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399 O42 - Logiciel: Hotfix for Windows XP (KB915865) - (.Microsoft Corporation.) [HKLM] -- KB915865 O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5 O42 - Logiciel: Hotfix para Windows XP (KB2570791) - (.Microsoft Corporation.) [HKLM] -- KB2570791 O42 - Logiciel: Hotfix para Windows XP (KB942288-v3) - (.Microsoft Corporation.) [HKLM] -- KB942288-v3 O42 - Logiciel: Hotfix para Windows XP (KB952287) - (.Microsoft Corporation.) [HKLM] -- KB952287 O42 - Logiciel: Hotfix para Windows XP (KB961118) - (.Microsoft Corporation.) [HKLM] -- KB961118 O42 - Logiciel: Hotfix para Windows XP (KB970653-v3) - (.Microsoft Corporation.) [HKLM] -- KB970653-v3 O42 - Logiciel: Hotfix para Windows XP (KB976098-v2) - (.Microsoft Corporation.) [HKLM] -- KB976098-v2 O42 - Logiciel: Hotfix para Windows XP (KB979306) - (.Microsoft Corporation.) [HKLM] -- KB979306 O42 - Logiciel: Hotfix para Windows XP (KB981793) - (.Microsoft Corporation.) [HKLM] -- KB981793 O42 - Logiciel: Hotfix para o Windows Media Player 11 (KB939683) - (.Microsoft Corporation.) [HKLM] -- KB939683 O42 - Logiciel: IRPF2010 - Declaração de Ajuste Anual e Final de Espólio - (.Unknown owner.) [HKLM] -- IRPF2010 - Declaração de Ajuste Anual e Final de Espólio O42 - Logiciel: IRPF2011 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2011 O42 - Logiciel: IRPF2012 - Declaração de Ajuste Anual, Final de Espólio e Saída Definitiva - (.Receita Federal do Brasil.) [HKLM] -- IRPF2012 O42 - Logiciel: Java 7 Update 7 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217007FF} O42 - Logiciel: Java 6 Update 29 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216011FF} O42 - Logiciel: JavaFX 2.1.1 - (.Oracle Corporation.) [HKLM] -- {1111706F-666A-4037-7777-211328764D10} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619} O42 - Logiciel: K-Lite Codec Pack 6.9.0 (Full) - (.Unknown owner.) [HKLM] -- KLiteCodecPack_is1 O42 - Logiciel: L&H TTS3000 Português (Brasil) - (.Unknown owner.) [HKLM] -- LHTTSPTB O42 - Logiciel: LG Bluetooth Drivers - (.LG Electronics.) [HKLM] -- {AC7EE5F1-0DE4-4256-8E43-92B73C8E6019} O42 - Logiciel: LG MC USB U330 driver - (.LG Electronics.) [HKLM] -- {ABD7DBE3-E344-4BCA-B8AD-4360494DD1D9} O42 - Logiciel: LG USB Modem Drivers - (.LG Electronics.) [HKLM] -- {D137B59C-551C-4659-8AA8-206FA650BF40} O42 - Logiciel: LIVE! Control Center 1.03 - (.OEM.) [HKLM] -- {271F5A67-A83A-4985-B41B-201EB267E6CF} O42 - Logiciel: LIVE! OSD 1.03 - (.OEM.) [HKLM] -- {73289228-1853-4623-982A-EB17FF0270CA} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Messenger Plus! 5 - (.Yuna Software.) [HKLM] -- Messenger Plus! O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7} O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile PTB Language Pack - (.Microsoft Corporation.) [HKLM] -- {20A15757-4AE4-3C82-9711-863C84AFE6AA} O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702} O42 - Logiciel: Microsoft .NET Framework 4 Extended PTB Language Pack - (.Microsoft Corporation.) [HKLM] -- {98ADF875-648F-3E73-8F3B-010C2464C948} O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570} O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1 O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-0416-0000-0000000FF1CE}_ENTERPRISE_{9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00BA-0416-0000-0000000FF1CE}_ENTERPRISE_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office Access MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office FrontPage 2003 - (.Microsoft Corporation.) [HKLM] -- {90170416-6000-11D3-8CFE-0150048383C9} O42 - Logiciel: Microsoft Office Groove MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95120000-0122-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{75EBE365-7FC5-4720-A7D3-804BF550D1BC} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9} O42 - Logiciel: Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Word MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-0416-0000-0000000FF1CE} O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000 O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c} O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} O42 - Logiciel: Motorola SM56 Data Fax Modem - (.Unknown owner.) [HKLM] -- SMSERIAL O42 - Logiciel: MyEpson Portal - (.SEIKO EPSON CORPORATION.) [HKLM] -- {3361D415-BA35-4143-B301-661991BA6219} O42 - Logiciel: MyEpson Portal - (.SEIKO EPSON Corporation.) [HKLM] -- MyEpson Portal O42 - Logiciel: Nero 7 Ultra Edition - (.Nero AG.) [HKLM] -- {4781569D-5404-1F26-4B2B-6DF444441031} O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {AC599724-5755-48C1-ABE7-ABB857652930} O42 - Logiciel: PDF Settings - (.Adobe Systems Incorporated.) [HKLM] -- {AC5B0C19-D851-42F4-BDA0-410ECF7F70A5} O42 - Logiciel: Pacote de Driver do Windows - MobileTop (sshpmdm) Modem (02/23/2007 2.5.0. - (.MobileTop.) [HKLM] -- 6194C28A8F62DD817EA1B918E6E46E806A21B452 O42 - Logiciel: Pacote de Driver do Windows - MobileTop (sshpusb) USB (02/23/2007 2.5.0.0) - (.MobileTop.) [HKLM] -- 65B6FE5418CE28F4D72543FB2D964C3CEC83F161 O42 - Logiciel: Pacote de Driver do Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) - (.Nokia.) [HKLM] -- 3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F O42 - Logiciel: Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile PTB Language Pack O42 - Logiciel: Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasi - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended PTB Language Pack O42 - Logiciel: Photodex Presenter - (.Photodex Corporation.) [HKLM] -- Photodex Presenter O42 - Logiciel: Plugin Commander Light 1.60 - (.The Plugin Site.) [HKLM] -- Plugin Commander Light_is1 O42 - Logiciel: ProShow Producer - (.Photodex Corporation.) [HKLM] -- ProShow Producer O42 - Logiciel: ProShow StylePack Volume 1 - (.Photodex.) [HKLM] -- {BE621D2B-151A-4B62-9913-33AA7AC89085} O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {1451DE6B-ABE1-4F62-BE9A-B363A17588A2} O42 - Logiciel: RAF - (.FUJIFILM Corporation.) [HKLM] -- {E6B43401-E818-4961-AFED-118DD8E87642} O42 - Logiciel: REALTEK RTL8187SE Wireless LAN Driver - (.REALTEK Semiconductor Corp..) [HKLM] -- {D4EEC21C-04F0-4CF4-8078-82C11E38EF11} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Receitanet - (.Serpro - Serviço Federal de Processamento de Dados.) [HKLM] -- ECC16E3C-16D1-4DC2-9D8A-6AC06B3005A5 O42 - Logiciel: Receitanet 2010 - (.Unknown owner.) [HKLM] -- Receitanet O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (.Unknown owner.) [HKLM] -- SAMSUNG Mobile Composite Device O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Unknown owner.) [HKLM] -- SAMSUNG Mobile Modem O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Unknown owner.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0 O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Unknown owner.) [HKLM] -- SAMSUNG Mobile USB Modem O42 - Logiciel: SAMSUNG SYMBIAN USB Download Driver - (.SAMSUNG Electronics CO,.LTD.) [HKLM] -- {D8CE69B0-9274-4b8c-BA49-0FF6A20A3C65} O42 - Logiciel: SAMSUNG USB Mobile Device Software - (.Unknown owner.) [HKLM] -- SAMSUNG USB Mobile Device O42 - Logiciel: Samsung Mobile Modem Device Software - (.Unknown owner.) [HKLM] -- Samsung Mobile Modem Device O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Unknown owner.) [HKLM] -- Samsung Mobile phone USB driver O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A} O42 - Logiciel: Samsung New PC Studio - (.Samsung Electronics Co., Ltd..) [HKLM] -- {F193FC0E-9E18-40FC-A974-509A1BDD240A} O42 - Logiciel: Samsung New PC Studio USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{AF7E85DC-317C-47F5-810E-B82EE093A612} O42 - Logiciel: Samsung New PC Studio USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {AF7E85DC-317C-47F5-810E-B82EE093A612} O42 - Logiciel: Samsung S5230 Wallpaper Creator - (.Zhuk.) [HKLM] -- {88BFE745-3D1F-4B80-8C40-E626E5A8E613} O42 - Logiciel: SamsungConnectivityCableDriver - (.Samsung.) [HKLM] -- {7E84FAC8-C518-40F9-9807-7455301D6D25} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553074) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5729F1AE-5895-468F-9165-BAD161C9E982} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553089) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553090) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{643C12A2-AF9A-4712-B8BE-3B7650AFE00A} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2584063) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2416472) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2416472 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2487367) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2487367 O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A4E43D5-858F-49BD-BA72-8F30E1793060} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2553073) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{65EA4836-B5A3-4C1D-8883-0C35E471003A} O42 - Logiciel: Security Update for Microsoft Office Groove 2007 (KB2552997) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3A1CBF7D-4704-40BC-B31C-AA761884A3E4} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5D930261-AA5B-48D1-931F-425C9D767490} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062} O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3A4CDE54-2403-483D-8D9A-15E3264410DF} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Security Update for Pacote de Idiomas do Microsoft .NET Framework 4 Client - (.Microsoft Corporation.) [HKLM] -- {20A15757-4AE4-3C82-9711-863C84AFE6AA}.KB2478663 O42 - Logiciel: Security Update for Pacote de Idiomas do Microsoft .NET Framework 4 Client - (.Microsoft Corporation.) [HKLM] -- {20A15757-4AE4-3C82-9711-863C84AFE6AA}.KB2518870 O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} O42 - Logiciel: SiS VGA Utilities - (.Unknown owner.) [HKLM] -- SiS VGA Driver O42 - Logiciel: SiSAGP driver - (.Unknown owner.) [HKLM] -- {DC226AC9-0314-496C-BE6A-B6A132628466} O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey O42 - Logiciel: TUGZip 3.5 - (.Christian Kindahl.) [HKLM] -- TUGZip_is1 O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228 O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4} O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{329050A9-EF80-40F9-B633-74508F54C1FF} O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2583910) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{BDC21583-5601-4B2B-88F3-7919F6DE8FB1} O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2596560) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2964DDE1-4925-4DF1-AF2C-0A36B3442228} O42 - Logiciel: WHO Anthro - (.WHO.) [HKLM] -- {AC66F0B8-8E0E-4106-AF80-3F8F1F93BE14}_is1 O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130 O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8 O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {590035D9-BFA0-406A-A7F0-479C72C0DDB2} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1} O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3 O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {0FFEA8EE-7BC7-4C9D-8CC6-5B8C891BA3F2} O42 - Logiciel: Windows Live Galeria de Fotos - (.Microsoft Corporation.) [HKLM] -- {87A9C015-C2BA-44EE-9C20-6E1A764B8E23} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {74AD1846-2010-4FB1-8E24-B6F2B87150C2} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {9ADC3E4F-34DA-48CD-8727-BB26D90257BD} O42 - Logiciel: Windows Live Sync - (.Microsoft Corporation.) [HKLM] -- {2DF215E0-BD3C-4C98-8616-AFEF09747285} O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11 O42 - Logiciel: Windows Media Format 11 runtime - (.Unknown owner.) [HKLM] -- Windows Media Format Runtime O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11 O42 - Logiciel: Windows Media Player 11 - (.Unknown owner.) [HKLM] -- Windows Media Player O42 - Logiciel: Xenofex 1.0 - (.Unknown owner.) [HKLM] -- Xenofex 1.0 O42 - Logiciel: aTube Catcher - (.DsNET Corp.) [HKLM] -- aTube Catcher O42 - Logiciel: ePass2000 (Somente remover) - (.Unknown owner.) [HKLM] -- 4673551D-STFT12-4FE7-A218-48BDAE051E2B_std O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726} O42 - Logiciel: µTorrent - (.Unknown owner.) [HKLM] -- uTorrent ---\\ HKCU & HKLM Software Keys [HKCU\Software\ABBYY] [HKCU\Software\ACD Systems] [HKCU\Software\AKVIS] [HKCU\Software\AMP Soft] [HKCU\Software\ASIO] [HKCU\Software\Adobe Lightroom] [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\Alien Skin] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\Yahoo] [HKCU\Software\AppDataLow\Software\{9497D515-31CE-C760-749F-B43800B7682A}] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Ares] [HKCU\Software\Audacity] [HKCU\Software\Auslogics] [HKCU\Software\Avg] [HKCU\Software\Avira] [HKCU\Software\BitTorrent] [HKCU\Software\Blueberry Software] [HKCU\Software\Bugsplat] [HKCU\Software\CDDB] [HKCU\Software\Canneverbe Limited] [HKCU\Software\Canon] [HKCU\Software\Canon_Inc_IC] [HKCU\Software\Class] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CoreAAC] [HKCU\Software\Corel] [HKCU\Software\DScaler5] [HKCU\Software\ECS] [HKCU\Software\EPSON] [HKCU\Software\Extensis] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\GbAs] [HKCU\Software\GbPlugin] [HKCU\Software\Google] [HKCU\Software\Haali] [HKCU\Software\Hewlett-Packard] [HKCU\Software\I.C.NET Software GmbH] [HKCU\Software\IDAVLab] [HKCU\Software\IM Providers] [HKCU\Software\Imagenomic] [HKCU\Software\Imaxel] [HKCU\Software\IncrediMail] [HKCU\Software\InstallCore] [HKCU\Software\Intel] [HKCU\Software\JavaSoft] [HKCU\Software\LG Electronics Inc] [HKCU\Software\LG PC Suite2] [HKCU\Software\Leadertech] [HKCU\Software\Licenses] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\LogMeIn] [HKCU\Software\LowRegistry] [HKCU\Software\MONOGRAM] [HKCU\Software\Macromedia] [HKCU\Software\Macrovision] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MediaInfo] [HKCU\Software\Mobileleader] [HKCU\Software\Motorola] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mystik Media] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\Octoshape] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Positivo] [HKCU\Software\Realtek] [HKCU\Software\Samsung] [HKCU\Software\SecuROM] [HKCU\Software\SoftVTU] [HKCU\Software\Stardock] [HKCU\Software\Synaptics] [HKCU\Software\Sysinternals] [HKCU\Software\TUGZip] [HKCU\Software\TechSmith] [HKCU\Software\Trolltech] [HKCU\Software\UltraDownloads.com.br] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VSO] [HKCU\Software\VirtualDub.org] [HKCU\Software\Voice] [HKCU\Software\Wow6432Node] [HKCU\Software\Yahoo] [HKCU\Software\Yuna Software] [HKCU\Software\Zhuk] [HKCU\Software\madFlac] [HKLM\Software\360Safe] [HKLM\Software\ABBYY] [HKLM\Software\ACD Systems] [HKLM\Software\AKVIS] [HKLM\Software\Adobe] [HKLM\Software\AdwCleaner] [HKLM\Software\Ahead] [HKLM\Software\Alien Skin] [HKLM\Software\AppDataLow] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Avg] [HKLM\Software\Avira] [HKLM\Software\Bitstream] [HKLM\Software\C07ft5Y] [HKLM\Software\CDDB] [HKLM\Software\Canon] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Codec Tweak Tool] [HKLM\Software\Corel] [HKLM\Software\Creative Tech] [HKLM\Software\DEVGURU] [HKLM\Software\EPSON] [HKLM\Software\Extensis] [HKLM\Software\FTDriver] [HKLM\Software\FUJIFILM Corporation] [HKLM\Software\Feitian] [HKLM\Software\Fujifilm] [HKLM\Software\GNU] [HKLM\Software\Gabest] [HKLM\Software\Gemplus] [HKLM\Software\GnuWin32] [HKLM\Software\Google] [HKLM\Software\HP] [HKLM\Software\HaaliMkx] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IDAVLab] [HKLM\Software\Imaxel] [HKLM\Software\InstallShield] [HKLM\Software\InstalledOptions] [HKLM\Software\Intel] [HKLM\Software\InterVideo] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KLCodecPack] [HKLM\Software\Kodak] [HKLM\Software\L&H] [HKLM\Software\LG Electronics] [HKLM\Software\Licenses] [HKLM\Software\LogSys] [HKLM\Software\MAXSOFT-OCRON] [HKLM\Software\MCCI] [HKLM\Software\Macromedia] [HKLM\Software\Macrovision] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MarkAny] [HKLM\Software\MimarSinan] [HKLM\Software\Motorola] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NGSrv] [HKLM\Software\Nero] [HKLM\Software\ODBC] [HKLM\Software\OldTimer Tools] [HKLM\Software\Opus] [HKLM\Software\Oracle] [HKLM\Software\PC Connectivity Solution] [HKLM\Software\PCSuite] [HKLM\Software\Photodex Media Sources] [HKLM\Software\Piriform] [HKLM\Software\PocketSoft] [HKLM\Software\Policies] [HKLM\Software\PowerQuest] [HKLM\Software\Program Groups] [HKLM\Software\Programas RFB] [HKLM\Software\Protexis] [HKLM\Software\RealNetworks] [HKLM\Software\Reallusion] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\Redfield] [HKLM\Software\ReflexiveArcade] [HKLM\Software\RegisteredApplications] [HKLM\Software\SEIKO EPSON CORPORATION] [HKLM\Software\Samsung] [HKLM\Software\Schlumberger] [HKLM\Software\Secure] [HKLM\Software\Set8187SE] [HKLM\Software\SiS] [HKLM\Software\Silicon Integrated Systems Corp.] [HKLM\Software\Sony Corporation] [HKLM\Software\Stardock] [HKLM\Software\Swearware] [HKLM\Software\Symantec] [HKLM\Software\Synaptics] [HKLM\Software\TUGZip] [HKLM\Software\TechSmith] [HKLM\Software\TrendMicro] [HKLM\Software\Ulead Systems] [HKLM\Software\Utherverse Digital Inc] [HKLM\Software\VDownloader] [HKLM\Software\VSO] [HKLM\Software\Voice] [HKLM\Software\Windows 3.1 Migration Status] [HKLM\Software\Windows] [HKLM\Software\Wow6432Node] [HKLM\Software\X-AVCSD] [HKLM\Software\Yahoo] [HKLM\Software\Yuna Software] [HKLM\Software\mozilla.org] [HKLM\Software\optimidata] ~ Scan Softwares in 00mn 00s ---\\ Contents of the Common Files folders (O43) O43 - CFD: 15/01/2012 - 16:47:08 - [20,221] ----D C:\Arquivos de programas\3D Canvas 8 O43 - CFD: 23/06/2010 - 15:45:56 - [48,737] ----D C:\Arquivos de programas\ACD Systems O43 - CFD: 09/03/2012 - 16:24:40 - [1765,954] ----D C:\Arquivos de programas\Adobe O43 - CFD: 26/11/2010 - 08:32:57 - [0] ----D C:\Arquivos de programas\Ahead O43 - CFD: 31/05/2010 - 18:42:00 - [0,270] ----D C:\Arquivos de programas\Alien Skin O43 - CFD: 13/07/2010 - 17:07:20 - [0,607] ----D C:\Arquivos de programas\Alterdata O43 - CFD: 21/09/2012 - 11:16:33 - [2,316] ----D C:\Arquivos de programas\Apple Software Update O43 - CFD: 28/01/2010 - 16:32:45 - [4,398] ----D C:\Arquivos de programas\Ares O43 - CFD: 31/10/2009 - 13:57:10 - [2,151] ----D C:\Arquivos de programas\Ares Music O43 - CFD: 03/10/2012 - 14:49:36 - [966,722] ----D C:\Arquivos de programas\Arquivos comuns O43 - CFD: 17/10/2011 - 12:22:45 - [0,238] ----D C:\Arquivos de programas\AVG O43 - CFD: 15/10/2011 - 11:36:09 - [27,303] ----D C:\Arquivos de programas\Avira O43 - CFD: 18/01/2012 - 22:02:19 - [40,647] ----D C:\Arquivos de programas\Baixo Cidade O43 - CFD: 15/01/2012 - 15:13:15 - [0,313] ----D C:\Arquivos de programas\Bonjour O43 - CFD: 15/10/2011 - 11:48:00 - [3,981] ----D C:\Arquivos de programas\CCleaner O43 - CFD: 01/04/2010 - 08:46:41 - [349,174] ----D C:\Arquivos de programas\Corel O43 - CFD: 26/03/2010 - 09:46:05 - [0,002] ----D C:\Arquivos de programas\Declaração Anual de Movimento Econômico O43 - CFD: 24/12/2010 - 06:49:02 - [3,539] ----D C:\Arquivos de programas\DIFX O43 - CFD: 06/01/2010 - 21:14:09 - [2,900] ----D C:\Arquivos de programas\DigiPix O43 - CFD: 12/09/2011 - 14:46:07 - [33,835] ----D C:\Arquivos de programas\DsNET Corp O43 - CFD: 04/09/2010 - 21:09:08 - [116,757] ----D C:\Arquivos de programas\EasyPHP5.3.0 O43 - CFD: 05/10/2012 - 18:31:04 - [24,098] ----D C:\Arquivos de programas\epson O43 - CFD: 22/08/2012 - 09:50:15 - [159,960] ----D C:\Arquivos de programas\Epson Software O43 - CFD: 15/01/2012 - 15:13:12 - [5,377] ----D C:\Arquivos de programas\Extensis O43 - CFD: 15/12/2009 - 20:36:56 - [2,715] ----D C:\Arquivos de programas\Feitian O43 - CFD: 13/01/2012 - 11:15:54 - [0] ----D C:\Arquivos de programas\Gabest O43 - CFD: 16/10/2012 - 08:56:22 - [3,861] ----D C:\Arquivos de programas\GbPlugin O43 - CFD: 03/04/2012 - 14:55:26 - [116,583] ----D C:\Arquivos de programas\Google O43 - CFD: 16/04/2012 - 18:40:12 - [0] ----D C:\Arquivos de programas\Hewlett-Packard O43 - CFD: 16/04/2012 - 18:40:12 - [30,428] ----D C:\Arquivos de programas\HP O43 - CFD: 17/10/2012 - 16:06:10 - [0] ----D C:\Arquivos de programas\imaxel O43 - CFD: 26/02/2012 - 08:59:44 - [0,030] --H-D C:\Arquivos de programas\InstallJammer Registry O43 - CFD: 22/08/2012 - 09:50:13 - [68,290] --H-D C:\Arquivos de programas\InstallShield Installation Information O43 - CFD: 14/03/2012 - 10:53:25 - [5,511] ----D C:\Arquivos de programas\Internet Explorer O43 - CFD: 01/02/2011 - 22:22:17 - [15,846] ----D C:\Arquivos de programas\IPPS O43 - CFD: 13/01/2012 - 14:20:28 - [13,274] ----D C:\Arquivos de programas\Jasc Software Inc O43 - CFD: 03/10/2012 - 14:48:50 - [187,178] ----D C:\Arquivos de programas\Java O43 - CFD: 15/01/2012 - 16:45:02 - [48,715] ----D C:\Arquivos de programas\K-Lite Codec Pack O43 - CFD: 06/09/2009 - 16:53:13 - [5,663] ----D C:\Arquivos de programas\Koinonia Software O43 - CFD: 24/02/2011 - 21:34:10 - [132,447] ----D C:\Arquivos de programas\LG Electronics O43 - CFD: 10/02/2011 - 18:24:51 - [0] ----D C:\Arquivos de programas\Malwarebytes' Anti-Malware O43 - CFD: 24/12/2010 - 06:48:08 - [0,211] ----D C:\Arquivos de programas\MarkAny O43 - CFD: 02/09/2009 - 20:05:02 - [2,069] ----D C:\Arquivos de programas\Messenger O43 - CFD: 10/11/2009 - 07:35:56 - [0,216] ----D C:\Arquivos de programas\Microsoft O43 - CFD: 01/09/2009 - 09:17:23 - [0] ----D C:\Arquivos de programas\microsoft frontpage O43 - CFD: 30/09/2010 - 14:22:22 - [689,875] ----D C:\Arquivos de programas\Microsoft Office O43 - CFD: 10/11/2009 - 07:37:37 - [1,477] ----D C:\Arquivos de programas\Microsoft Office Outlook Connector O43 - CFD: 06/08/2012 - 11:53:11 - [40,838] ----D C:\Arquivos de programas\Microsoft Silverlight O43 - CFD: 10/11/2009 - 07:36:51 - [1,745] ----D C:\Arquivos de programas\Microsoft SQL Server Compact Edition O43 - CFD: 05/09/2009 - 11:16:00 - [0,014] ----D C:\Arquivos de programas\Microsoft Visual Studio O43 - CFD: 04/11/2011 - 23:09:40 - [5,691] ----D C:\Arquivos de programas\Microsoft Works O43 - CFD: 02/11/2010 - 13:25:34 - [0,148] ----D C:\Arquivos de programas\Microsoft.NET O43 - CFD: 29/05/2012 - 13:18:54 - [0,293] ----D C:\Arquivos de programas\MIKSOFT O43 - CFD: 21/07/2010 - 09:56:32 - [0,005] ----D C:\Arquivos de programas\MiniBiblio O43 - CFD: 01/09/2009 - 13:49:10 - [2,053] ----D C:\Arquivos de programas\Motorola O43 - CFD: 04/11/2011 - 23:07:52 - [9,864] ----D C:\Arquivos de programas\Movie Maker O43 - CFD: 02/05/2010 - 17:19:14 - [0,484] ----D C:\Arquivos de programas\Mozilla Firefox O43 - CFD: 05/09/2009 - 11:16:12 - [0,025] ----D C:\Arquivos de programas\MSBuild O43 - CFD: 01/09/2009 - 09:13:31 - [8,340] ----D C:\Arquivos de programas\MSN Gaming Zone O43 - CFD: 08/04/2010 - 20:28:55 - [0] ----D C:\Arquivos de programas\MSXML 4.0 O43 - CFD: 26/11/2010 - 08:33:47 - [288,996] ----D C:\Arquivos de programas\Nero O43 - CFD: 05/06/2010 - 22:29:32 - [47,736] ----D C:\Arquivos de programas\NetMeeting O43 - CFD: 15/12/2009 - 20:36:57 - [0,316] ----D C:\Arquivos de programas\ngsrv O43 - CFD: 01/09/2009 - 13:33:33 - [16,417] ----D C:\Arquivos de programas\OEM O43 - CFD: 15/08/2012 - 22:35:30 - [33,207] ----D C:\Arquivos de programas\Oracle O43 - CFD: 04/11/2011 - 22:52:39 - [4,155] ----D C:\Arquivos de programas\Outlook Express O43 - CFD: 11/06/2012 - 14:06:17 - [0,001] ----D C:\Arquivos de programas\pazera-software O43 - CFD: 24/12/2010 - 06:48:57 - [9,319] ----D C:\Arquivos de programas\PC Connectivity Solution O43 - CFD: 01/07/2010 - 18:11:02 - [329,702] ----D C:\Arquivos de programas\Photodex O43 - CFD: 01/07/2010 - 19:22:19 - [13,851] ----D C:\Arquivos de programas\Photodex Presenter O43 - CFD: 31/05/2010 - 19:04:18 - [3,289] ----D C:\Arquivos de programas\Plugin Commander Light O43 - CFD: 30/08/2012 - 11:24:34 - [0] ----D C:\Arquivos de programas\PokerStars O43 - CFD: 26/02/2012 - 08:59:32 - [11,053] ----D C:\Arquivos de programas\Programas RFB O43 - CFD: 14/03/2012 - 10:53:24 - [76,497] ----D C:\Arquivos de programas\QuickTime O43 - CFD: 14/03/2012 - 11:15:02 - [0] ----D C:\Arquivos de programas\RAF O43 - CFD: 01/09/2009 - 13:39:54 - [39,800] ----D C:\Arquivos de programas\Reallusion O43 - CFD: 01/09/2009 - 13:42:40 - [58,806] ----D C:\Arquivos de programas\Realtek O43 - CFD: 01/09/2009 - 13:55:26 - [0,386] ----D C:\Arquivos de programas\REALTEK RTL8187SE Wireless LAN Driver O43 - CFD: 09/10/2009 - 20:48:35 - [34,738] ----D C:\Arquivos de programas\Reference Assemblies O43 - CFD: 31/01/2010 - 21:46:27 - [0] ----D C:\Arquivos de programas\ReflexiveArcade O43 - CFD: 15/10/2011 - 11:31:22 - [6,471] ----D C:\Arquivos de programas\RocketDock O43 - CFD: 24/12/2010 - 06:49:07 - [182,014] ----D C:\Arquivos de programas\Samsung O43 - CFD: 30/08/2012 - 11:25:52 - [0] ----D C:\Arquivos de programas\SearchYa! O43 - CFD: 01/09/2009 - 09:15:55 - [0,001] ----D C:\Arquivos de programas\Serviços on-line O43 - CFD: 01/09/2009 - 13:52:36 - [7,409] ----D C:\Arquivos de programas\SiS VGA Utilities V3.88 O43 - CFD: 01/09/2009 - 13:52:28 - [0,007] ----D C:\Arquivos de programas\sisagp O43 - CFD: 01/09/2009 - 13:52:27 - [0,457] ----D C:\Arquivos de programas\SiSUnin O43 - CFD: 14/10/2011 - 12:41:37 - [1,976] ----D C:\Arquivos de programas\Stardock O43 - CFD: 15/01/2012 - 16:44:58 - [0,284] ----D C:\Arquivos de programas\StartNow Toolbar O43 - CFD: 01/09/2009 - 13:36:01 - [25,537] ----D C:\Arquivos de programas\Synaptics O43 - CFD: 23/11/2009 - 13:20:44 - [0,010] ----D C:\Arquivos de programas\Trend Micro O43 - CFD: 01/09/2009 - 18:11:55 - [12,603] ----D C:\Arquivos de programas\TUGZip O43 - CFD: 09/01/2010 - 08:43:12 - [0] --H-D C:\Arquivos de programas\Uninstall Information O43 - CFD: 16/01/2012 - 07:39:25 - [0] ----D C:\Arquivos de programas\URUSoft O43 - CFD: 18/01/2012 - 22:02:02 - [0] ----D C:\Arquivos de programas\Utherverse Digital Inc O43 - CFD: 14/10/2011 - 11:47:14 - [0,612] ----D C:\Arquivos de programas\uTorrent O43 - CFD: 16/04/2012 - 18:37:54 - [0,000] ----D C:\Arquivos de programas\VSO O43 - CFD: 26/10/2009 - 13:06:18 - [6,605] ----D C:\Arquivos de programas\WHO O43 - CFD: 30/01/2011 - 17:39:57 - [109,798] ----D C:\Arquivos de programas\Windows Live O43 - CFD: 10/11/2009 - 07:35:36 - [0,234] ----D C:\Arquivos de programas\Windows Live SkyDrive O43 - CFD: 04/03/2012 - 16:31:26 - [3,415] ----D C:\Arquivos de programas\Windows Media Connect 2 O43 - CFD: 04/03/2012 - 16:31:24 - [7,885] ----D C:\Arquivos de programas\Windows Media Player O43 - CFD: 01/09/2009 - 09:13:23 - [3,752] ----D C:\Arquivos de programas\Windows NT O43 - CFD: 11/06/2010 - 15:25:02 - [0] --H-D C:\Arquivos de programas\WindowsUpdate O43 - CFD: 10/10/2011 - 17:15:16 - [0,779] ----D C:\Arquivos de programas\Winstep O43 - CFD: 01/09/2009 - 09:17:23 - [0] ----D C:\Arquivos de programas\xerox O43 - CFD: 13/07/2010 - 17:10:49 - [0] ----D C:\Arquivos de programas\Yahoo! O43 - CFD: 06/10/2011 - 16:17:52 - [21,610] ----D C:\Arquivos de programas\Yuna Software O43 - CFD: 18/10/2012 - 17:01:32 - [10,351] ----D C:\Arquivos de programas\ZHPDiag O43 - CFD: 22/02/2011 - 14:44:29 - [1,287] ----D C:\Arquivos de programas\Zhuk O43 - CFD: 23/06/2010 - 15:46:08 - [17,356] ----D C:\Arquivos de programas\Arquivos comuns\ACD Systems O43 - CFD: 26/11/2010 - 08:13:38 - [530,447] ----D C:\Arquivos de programas\Arquivos comuns\Adobe O43 - CFD: 26/11/2010 - 08:33:48 - [45,340] ----D C:\Arquivos de programas\Arquivos comuns\Ahead O43 - CFD: 14/03/2012 - 10:52:34 - [32,002] ----D C:\Arquivos de programas\Arquivos comuns\Apple O43 - CFD: 08/10/2009 - 17:06:23 - [1,719] ----D C:\Arquivos de programas\Arquivos comuns\Canon O43 - CFD: 01/04/2010 - 08:47:20 - [14,638] ----D C:\Arquivos de programas\Arquivos comuns\Corel O43 - CFD: 30/08/2012 - 11:21:02 - [0,195] ----D C:\Arquivos de programas\Arquivos comuns\DESIGNER O43 - CFD: 22/08/2012 - 09:48:29 - [0,263] ----D C:\Arquivos de programas\Arquivos comuns\EPSON O43 - CFD: 16/05/2010 - 20:18:39 - [0,148] ----D C:\Arquivos de programas\Arquivos comuns\Hewlett-Packard O43 - CFD: 01/04/2010 - 08:47:14 - [8,888] ----D C:\Arquivos de programas\Arquivos comuns\InstallShield O43 - CFD: 03/10/2012 - 14:49:36 - [1,184] ----D C:\Arquivos de programas\Arquivos comuns\Java O43 - CFD: 02/09/2009 - 17:20:38 - [0,625] ----D C:\Arquivos de programas\Arquivos comuns\Macrovision Shared O43 - CFD: 30/09/2010 - 14:23:03 - [238,696] ----D C:\Arquivos de programas\Arquivos comuns\Microsoft Shared O43 - CFD: 01/09/2009 - 09:15:22 - [0,271] ----D C:\Arquivos de programas\Arquivos comuns\MSSoap O43 - CFD: 13/10/2009 - 19:42:24 - [0] ----D C:\Arquivos de programas\Arquivos comuns\ODBC O43 - CFD: 06/09/2009 - 16:53:13 - [0,849] ----D C:\Arquivos de programas\Arquivos comuns\Opus Shared O43 - CFD: 01/09/2009 - 13:39:54 - [4,081] ----D C:\Arquivos de programas\Arquivos comuns\Reallusion O43 - CFD: 01/09/2009 - 09:15:26 - [0,008] ----D C:\Arquivos de programas\Arquivos comuns\Serviços O43 - CFD: 01/09/2009 - 09:03:42 - [3,612] ----D C:\Arquivos de programas\Arquivos comuns\SpeechEngines O43 - CFD: 24/02/2010 - 20:45:32 - [0] ----D C:\Arquivos de programas\Arquivos comuns\Symantec Shared O43 - CFD: 10/11/2009 - 07:37:37 - [46,597] ----D C:\Arquivos de programas\Arquivos comuns\System O43 - CFD: 10/11/2009 - 07:21:50 - [0] ----D C:\Arquivos de programas\Arquivos comuns\Windows Live O43 - CFD: 12/10/2009 - 20:48:08 - [17,770] ----D C:\Arquivos de programas\Arquivos comuns\WindowsLiveInstaller O43 - CFD: 11/06/2010 - 18:16:21 - [0,001] ----D C:\Documents and Settings\All Users\Application Data O43 - CFD: 18/10/2012 - 16:55:03 - [700,422] R-H-D C:\Documents and Settings\All Users\Dados de aplicativos O43 - CFD: 05/10/2012 - 18:37:28 - [0,007] ----D C:\Documents and Settings\All Users\Desktop O43 - CFD: 22/02/2012 - 18:29:36 - [55,666] R---D C:\Documents and Settings\All Users\Documentos O43 - CFD: 17/10/2012 - 18:58:28 - [0,221] -SH-D C:\Documents and Settings\All Users\DRM O43 - CFD: 01/09/2009 - 09:03:18 - [0] ----D C:\Documents and Settings\All Users\Favoritos O43 - CFD: 30/08/2012 - 11:24:29 - [0,361] R---D C:\Documents and Settings\All Users\Menu Iniciar O43 - CFD: 22/08/2012 - 10:23:40 - [0,177] --H-D C:\Documents and Settings\All Users\Modelos O43 - CFD: 23/06/2010 - 15:48:50 - [0] ----D C:\Documents and Settings\Carol\Dados de aplicativos\ACD Systems O43 - CFD: 02/07/2012 - 21:59:01 - [83,729] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Adobe O43 - CFD: 26/11/2010 - 11:40:52 - [1,913] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Ahead O43 - CFD: 04/11/2011 - 15:15:56 - [0,015] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Alien Skin O43 - CFD: 11/08/2010 - 15:45:59 - [0] ----D C:\Documents and Settings\Carol\Dados de aplicativos\AMPSoft O43 - CFD: 14/03/2012 - 11:16:34 - [0] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Apple Computer O43 - CFD: 19/12/2010 - 18:25:51 - [0,002] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Audacity O43 - CFD: 17/10/2011 - 12:25:36 - [0,072] ----D C:\Documents and Settings\Carol\Dados de aplicativos\AVG2012 O43 - CFD: 25/09/2010 - 19:22:34 - [0,052] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Blueberry O43 - CFD: 24/11/2011 - 13:27:25 - [0] ----D C:\Documents and Settings\Carol\Dados de aplicativos\CameraWindowDC O43 - CFD: 01/11/2010 - 10:30:34 - [0,001] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Canneverbe Limited O43 - CFD: 06/05/2010 - 07:43:07 - [0] ----D C:\Documents and Settings\Carol\Dados de aplicativos\CANON INC O43 - CFD: 06/05/2010 - 09:45:32 - [3,714] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Corel O43 - CFD: 21/05/2010 - 17:13:47 - [0] ----D C:\Documents and Settings\Carol\Dados de aplicativos\DivX O43 - CFD: 04/07/2010 - 10:30:16 - [0,000] ----D C:\Documents and Settings\Carol\Dados de aplicativos\DVDVideoSoftIEHelpers O43 - CFD: 22/08/2012 - 10:55:56 - [0,007] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Epson O43 - CFD: 03/04/2012 - 14:55:57 - [0] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Google O43 - CFD: 31/10/2011 - 18:45:24 - [0,000] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Help O43 - CFD: 12/06/2010 - 08:04:00 - [0,033] ----D C:\Documents and Settings\Carol\Dados de aplicativos\HP O43 - CFD: 05/05/2010 - 18:24:31 - [0] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Identities O43 - CFD: 07/05/2010 - 09:32:40 - [0,014] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Imagenomic O43 - CFD: 24/05/2012 - 13:35:46 - [0,067] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Imaxel O43 - CFD: 14/03/2012 - 11:14:55 - [0] ----D C:\Documents and Settings\Carol\Dados de aplicativos\InstallShield O43 - CFD: 22/08/2012 - 10:12:11 - [0] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Leadertech O43 - CFD: 03/04/2011 - 10:57:56 - [1,891] ----D C:\Documents and Settings\Carol\Dados de aplicativos\LG Electronics O43 - CFD: 25/09/2010 - 19:09:11 - [0,031] ----D C:\Documents and Settings\Carol\Dados de aplicativos\LogSys O43 - CFD: 09/11/2010 - 18:30:09 - [0,063] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Macromedia O43 - CFD: 05/05/2010 - 18:24:44 - [1,237] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Malwarebytes O43 - CFD: 18/10/2012 - 15:51:48 - [0] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Media Player Classic O43 - CFD: 29/05/2012 - 14:00:20 - [28,121] -S--D C:\Documents and Settings\Carol\Dados de aplicativos\Microsoft O43 - CFD: 01/07/2010 - 18:11:14 - [0] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Mozilla O43 - CFD: 01/07/2010 - 18:11:14 - [0] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Netscape O43 - CFD: 17/10/2012 - 16:07:30 - [0] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Octoshape O43 - CFD: 29/05/2012 - 21:13:02 - [0] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Oracle O43 - CFD: 24/12/2010 - 06:51:03 - [0,000] ----D C:\Documents and Settings\Carol\Dados de aplicativos\PC Suite O43 - CFD: 01/07/2010 - 19:00:48 - [0,149] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Photodex O43 - CFD: 12/09/2010 - 13:29:20 - [0] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Real O43 - CFD: 21/07/2010 - 18:33:39 - [6,258] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Reallusion O43 - CFD: 24/12/2010 - 06:48:27 - [6,960] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Samsung O43 - CFD: 08/08/2012 - 20:28:04 - [0,006] R-H-D C:\Documents and Settings\Carol\Dados de aplicativos\SecuROM O43 - CFD: 07/05/2010 - 18:03:19 - [55,252] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Sun O43 - CFD: 18/10/2012 - 15:51:48 - [2,638] ----D C:\Documents and Settings\Carol\Dados de aplicativos\uTorrent O43 - CFD: 16/04/2012 - 18:37:32 - [0,145] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Vso O43 - CFD: 10/06/2010 - 15:11:13 - [0] ----D C:\Documents and Settings\Carol\Dados de aplicativos\Yahoo! O43 - CFD: 24/11/2011 - 13:27:24 - [0,005] ----D C:\Documents and Settings\Carol\Dados de aplicativos\ZoomBrowser EX O43 - CFD: 24/02/2011 - 21:34:10 - [0] --H-D C:\Documents and Settings\Carol\Dados de aplicativos\{D94BA408-F110-488B-A65E-3AE7945F79E6} O43 - CFD: 22/08/2012 - 10:01:03 - [0,000] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\ABBYY O43 - CFD: 23/06/2010 - 15:48:53 - [21,833] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\ACD Systems O43 - CFD: 25/11/2010 - 16:33:06 - [352,114] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Adobe O43 - CFD: 26/11/2010 - 12:15:44 - [1,860] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Ahead O43 - CFD: 14/03/2012 - 10:52:24 - [0] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Apple O43 - CFD: 14/03/2012 - 10:51:59 - [0,009] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Apple Computer O43 - CFD: 14/08/2012 - 19:36:27 - [0,806] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Ares O43 - CFD: 10/08/2010 - 20:44:12 - [0,000] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\bi O43 - CFD: 15/10/2011 - 11:41:01 - [0] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Conduit O43 - CFD: 18/12/2011 - 10:17:00 - [0] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Deployment O43 - CFD: 24/12/2010 - 06:49:26 - [139,231] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Downloaded Installations O43 - CFD: 20/01/2012 - 10:10:31 - [34,501] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Extensis O43 - CFD: 19/06/2012 - 10:48:57 - [0] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\FUJIFILM O43 - CFD: 03/02/2011 - 15:47:29 - [1634,208] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google O43 - CFD: 31/10/2011 - 18:38:19 - [0] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Help O43 - CFD: 29/08/2011 - 16:49:54 - [24,356] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\IM O43 - CFD: 22/10/2010 - 21:25:10 - [0] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\LogMeIn O43 - CFD: 03/01/2012 - 19:14:02 - [811,842] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Microsoft O43 - CFD: 13/10/2009 - 19:43:37 - [0] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Microsoft Help O43 - CFD: 22/02/2011 - 14:48:16 - [0,001] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Oleg_Zhuk O43 - CFD: 29/05/2012 - 21:12:55 - [8,099] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Sun O43 - CFD: 25/09/2010 - 19:04:38 - [1,013] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\TechSmith O43 - CFD: 14/10/2011 - 11:48:22 - [0] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Temp O43 - CFD: 14/10/2011 - 11:46:04 - [0] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\uTorrent O43 - CFD: 23/07/2010 - 19:36:11 - [0,000] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\vdownloader O43 - CFD: 11/06/2012 - 18:06:17 - [0] ----D C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\WMTools Downloaded Files O43 - CFD: 05/05/2010 - 18:24:38 - [0,015] R---D C:\Documents and Settings\Carol\Menu Iniciar\Programas\Acessórios O43 - CFD: 10/06/2010 - 15:11:04 - [0,003] ----D C:\Documents and Settings\Carol\Menu Iniciar\Programas\CCleaner O43 - CFD: 11/06/2010 - 20:27:02 - [0,000] R---D C:\Documents and Settings\Carol\Menu Iniciar\Programas\Ferramentas administrativas O43 - CFD: 15/05/2010 - 21:52:37 - [0,005] ----D C:\Documents and Settings\Carol\Menu Iniciar\Programas\Google Chrome O43 - CFD: 18/11/2011 - 10:14:54 - [0,002] R---D C:\Documents and Settings\Carol\Menu Iniciar\Programas\Inicializar O43 - CFD: 26/02/2012 - 08:56:11 - [0,004] ----D C:\Documents and Settings\Carol\Menu Iniciar\Programas\Programas RFB2012 ~ Scan Program Folder in 01mn 21s ---\\ Last modified or created files under Windows and System32 (O44) O44 - LFC:[MD5.4978D66C90C61FBE0D867ABFD16225B4] - 18/10/2012 - 16:58:18 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1175729] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 18/10/2012 - 16:56:55 ---A- . (...) -- C:\WINDOWS\0.log [0] O44 - LFC:[MD5.AEB48C397FD462E8EA365D9DAC0977E9] - 18/10/2012 - 16:56:54 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159] O44 - LFC:[MD5.1842CA012C3BD35C6C0FFED61450F566] - 18/10/2012 - 16:56:50 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50] O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 18/10/2012 - 16:56:22 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048] O44 - LFC:[MD5.200F365B2ED41BB0765CD09E5108D61B] - 18/10/2012 - 16:55:36 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32282] O44 - LFC:[MD5.70B9AD79B3D53FFFA5B294C52E3D0EC2] - 18/10/2012 - 16:55:08 ---A- . (...) -- C:\AdwCleaner[s1].txt [6132] O44 - LFC:[MD5.22BD8CB3635018887E7A2F747D3BFC96] - 18/10/2012 - 16:47:45 ---A- . (...) -- C:\WINDOWS\setupapi.log [2176] O44 - LFC:[MD5.DD86A4F2692C8F4D4622451C302A25F0] - 18/10/2012 - 15:55:11 ---A- . (...) -- C:\hijackthis.log [12887] O44 - LFC:[MD5.EDCEAF74C3345517A2F792ED64558A92] - 17/10/2012 - 18:59:05 ---A- . (...) -- C:\WINDOWS\NeroDigital.ini [116] O44 - LFC:[MD5.BFF44AB6919E71C976F394DD511E84AA] - 14/10/2012 - 11:16:28 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [2262] O44 - LFC:[MD5.0E10FC1911D6A138C513BC05FF60BEF4] - 09/10/2012 - 16:19:19 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerApp.exe [696760] O44 - LFC:[MD5.81D851DB12CD7AB54F0BF352036D7721] - 09/10/2012 - 16:19:19 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl [73656] O44 - LFC:[MD5.2548F78CB2E08EF4C19CB7F32AD1D6D2] - 09/10/2012 - 16:19:17 ---A- . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\WINDOWS\system32\FlashPlayerInstaller.exe [10220472] O44 - LFC:[MD5.A18569289EBC2C5D854F20B34AE2FA77] - 03/10/2012 - 14:48:56 ---A- . (.Oracle Corporation - No comment.) -- C:\WINDOWS\system32\WindowsAccessBridge.dll [93672] O44 - LFC:[MD5.68C62E206FE88FA7695C290953E3CA18] - 03/10/2012 - 14:48:53 ---A- . (.Oracle Corporation - Java Control Panel.) -- C:\WINDOWS\system32\javacpl.cpl [143872] O44 - LFC:[MD5.26AA6FE941BEF224B97589B3FA191509] - 03/10/2012 - 14:48:53 ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\WINDOWS\system32\deployJava1.dll [746984] O44 - LFC:[MD5.E62F8C879F6CE332B8ADCE134065BC88] - 03/10/2012 - 14:48:53 ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\WINDOWS\system32\java.exe [174056] O44 - LFC:[MD5.5BD255C0051A41738FCB67F3A0C68DCA] - 03/10/2012 - 14:48:53 ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\WINDOWS\system32\javaw.exe [174056] O44 - LFC:[MD5.BABCB7BF8C7210A666546A8B34F7BC54] - 03/10/2012 - 14:48:53 ---A- . (.Oracle Corporation - Java Web Start Launcher.) -- C:\WINDOWS\system32\javaws.exe [246760] O44 - LFC:[MD5.AB87C54CA19675880B0CAE65B8AF140C] - 03/10/2012 - 14:48:53 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\WINDOWS\system32\npDeployJava1.dll [821736] ~ Scan Files in 00mn 06s ---\\ Operations and functions at Windows Explorer startup (O46) O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll O46 - SEH:ShellExecuteHooks - GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\ARQUIV~1\GbPlugin\gbiehAbn.dll O46 - SEH:ShellExecuteHooks - GbPluginObj Class - {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll ~ Scan ShellExecuteHooks in 00mn 00s ---\\ Export authorized application key (O47) O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gerenciador de sessão de ajuda de área de trabalho remota da Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export SP - "C:\Arquivos de programas\Bonjour\mDNSResponder.exe" [Enabled] .(.Apple Computer, Inc. - Bonjour Service.) -- C:\Arquivos de programas\Bonjour\mDNSResponder.exe O47 - AAKE:Key Export SP - "C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.exe O47 - AAKE:Key Export SP - "C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Groove.) -- C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.exe O47 - AAKE:Key Export SP - "C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office OneNote.) -- C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.exe O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\mmc.exe" [Enabled] .(.Microsoft Corporation - Console de gerenciamento Microsoft.) -- C:\WINDOWS\system32\mmc.exe O47 - AAKE:Key Export SP - "C:\Arquivos de programas\Ares\Ares.exe" [Enabled] .(.Ares Development Group - Ares p2p for windows.) -- C:\Arquivos de programas\Ares\Ares.exe O47 - AAKE:Key Export SP - "C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe" [Enabled] .(...) -- C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Arquivos de programas\HP\Digital Imaging\bin\hpqste08.exe" [Enabled] .(...) -- C:\Arquivos de programas\HP\Digital Imaging\bin\hpqste08.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Arquivos de programas\HP\Digital Imaging\bin\hpofxm08.exe" [Enabled] .(...) -- C:\Arquivos de programas\HP\Digital Imaging\bin\hpofxm08.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Arquivos de programas\HP\Digital Imaging\bin\hposfx08.exe" [Enabled] .(...) -- C:\Arquivos de programas\HP\Digital Imaging\bin\hposfx08.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Arquivos de programas\HP\Digital Imaging\bin\hposid01.exe" [Enabled] .(...) -- C:\Arquivos de programas\HP\Digital Imaging\bin\hposid01.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Arquivos de programas\HP\Digital Imaging\bin\hpqscnvw.exe" [Enabled] .(...) -- C:\Arquivos de programas\HP\Digital Imaging\bin\hpqscnvw.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Arquivos de programas\HP\Digital Imaging\bin\hpqkygrp.exe" [Enabled] .(...) -- C:\Arquivos de programas\HP\Digital Imaging\bin\hpqkygrp.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Arquivos de programas\HP\Digital Imaging\bin\hpqCopy.exe" [Enabled] .(...) -- C:\Arquivos de programas\HP\Digital Imaging\bin\hpqCopy.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Arquivos de programas\HP\Digital Imaging\bin\hpfccopy.exe" [Enabled] .(...) -- C:\Arquivos de programas\HP\Digital Imaging\bin\hpfccopy.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Arquivos de programas\HP\Digital Imaging\bin\hpzwiz01.exe" [Enabled] .(...) -- C:\Arquivos de programas\HP\Digital Imaging\bin\hpzwiz01.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Arquivos de programas\HP\Digital Imaging\Unload\HpqPhUnl.exe" [Enabled] .(...) -- C:\Arquivos de programas\HP\Digital Imaging\Unload\HpqPhUnl.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Arquivos de programas\HP\Digital Imaging\Unload\HpqDIA.exe" [Enabled] .(...) -- C:\Arquivos de programas\HP\Digital Imaging\Unload\HpqDIA.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Arquivos de programas\HP\Digital Imaging\bin\hpoews01.exe" [Enabled] .(...) -- C:\Arquivos de programas\HP\Digital Imaging\bin\hpoews01.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Arquivos de programas\HP\Digital Imaging\bin\hpqnrs08.exe" [Enabled] .(...) -- C:\Arquivos de programas\HP\Digital Imaging\bin\hpqnrs08.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Arquivos de programas\Samsung\Samsung New PC Studio\npsasvr.exe" [Enabled] .(.PeeringPortal - KTF MUSIC AoD Server.) -- C:\Arquivos de programas\Samsung\Samsung New PC Studio\npsasvr.exe O47 - AAKE:Key Export SP - "C:\Arquivos de programas\Samsung\Samsung New PC Studio\npsvsvr.exe" [Enabled] .(.PeeringPortal - KTF MUSIC VoD Server.) -- C:\Arquivos de programas\Samsung\Samsung New PC Studio\npsvsvr.exe O47 - AAKE:Key Export SP - "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export SP - "C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) -- C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe O47 - AAKE:Key Export SP - "C:\Arquivos de programas\IncrediMail\Bin\IncMail.exe" [Enabled] .(...) -- C:\Arquivos de programas\IncrediMail\Bin\IncMail.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Arquivos de programas\IncrediMail\Bin\ImApp.exe" [Enabled] .(...) -- C:\Arquivos de programas\IncrediMail\Bin\ImApp.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Arquivos de programas\IncrediMail\Bin\ImpCnt.exe" [Enabled] .(...) -- C:\Arquivos de programas\IncrediMail\Bin\ImpCnt.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Arquivos de programas\uTorrent\uTorrent.exe" [Enabled] .(.BitTorrent, Inc. - µTorrent.) -- C:\Arquivos de programas\uTorrent\uTorrent.exe O47 - AAKE:Key Export SP - "C:\Arquivos de programas\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Arquivos de programas\Messenger\msmsgs.exe O47 - AAKE:Key Export SP - "C:\Arquivos de programas\AVG\AVG2012\avgmfapx.exe" [Enabled] .(...) -- C:\Arquivos de programas\AVG\AVG2012\avgmfapx.exe (.not file.) O47 - AAKE:Key Export SP - "C:\Arquivos de programas\PSafe\PSRsync.exe" [Enabled] .(...) -- C:\Arquivos de programas\PSafe\PSRsync.exe (.not file.) O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gerenciador de sessão de ajuda de área de trabalho remota da Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe O47 - AAKE:Key Export DP - "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe O47 - AAKE:Key Export DP - "C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" [Enabled] .(.Microsoft Corporation - Windows Live Sync.) -- C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe ~ Scan Keys in 00mn 00s ---\\ Local Security Authority-LSA Deny (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (...) -- O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Kerberos Security Package.) -- C:\WINDOWS\system32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\system32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\system32\wdigest.dll ~ Scan Keys in 00mn 00s ---\\ Safe Boot Control (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - NT Disk Manager I/O Driver.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\procexp90.Sys . (...) -- C:\WINDOWS\system32\Drivers\procexp90.Sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Driver de filtro do sistema de arquivos da restauração do sistema.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmboot.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - NT Disk Manager I/O Driver.) -- C:\WINDOWS\system32\Drivers\dmio.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\procexp90.Sys . (...) -- C:\WINDOWS\system32\Drivers\procexp90.Sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Driver de filtro do sistema de arquivos da restauração do sistema.) -- C:\WINDOWS\system32\Drivers\sr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.) ~ Scan CSB in 00mn 00s ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ~ Scan IFEO in 00mn 00s ---\\ MountPoints2 Shell Key (MPKS) (O51) O51 - MPSK:{045fa726-4075-11e0-917e-00030dd8fd88}\AutoRun\command. (...) -- H:\USBAutoRun.exe (.not file.) O51 - MPSK:{4a704ebe-58fc-11df-8f60-00030dd8fd88}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.) O51 - MPSK:{f28bb4fd-37d8-11e1-93db-00030dd8fd88}\AutoRun\command. (...) -- G:\USBAutoRun.exe (.not file.) ~ Scan Keys in 00mn 00s ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec de áudio DSP Group TrueSpeech para MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\ir41_32.ax O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.tscc"="tsccvid.dll" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\WINDOWS\system32\tsccvid.dll O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (...) -- C:\WINDOWS\system32\xvidvfw.dll O52 - TDSD: \Drivers32\"VIDC.YV12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\WINDOWS\system32\yv12vfw.dll O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\system32\ac3acm.acm O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\WINDOWS\system32\lameACM.acm O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (...) -- C:\WINDOWS\system32\ff_vfw.dll O52 - TDSD: \Drivers32\"VIDC.FMVC"="fmcodec.dll" . (.Fox Magic Software - FM Screen Capture Codec (VFW).) -- C:\WINDOWS\system32\fmcodec.dll O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm O52 - TDSD: \drivers.desc\"tsccvid.dll"="TechSmith Screen Capture Codec" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- C:\WINDOWS\system32\tsccvid.dll O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\WINDOWS\system32\ac3acm.acm O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (...) -- C:\WINDOWS\system32\ff_vfw.dll ~ Scan Keys in 00mn 00s ---\\ ShareTools MSconfig StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\Acrobat Assistant 8.0 [Key] . (.Adobe Systems Inc. - AcroTray.) -- C:\Arquivos de programas\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe O53 - SMSR:HKLM\...\startupreg\Adobe Photo Downloader [Key] . (...) -- C:\Arquivos de programas\Adobe\Adobe Photoshop Lightroom 1.2\apdproxy.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\avgnt [Key] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe O53 - SMSR:HKLM\...\startupreg\CorelDRAW Graphics Suite 11b [Key] . (.Corel Corporation - Registration.) -- C:\Arquivos de programas\Corel\Corel Graphics 12\Languages\BR\Programs\Registration.exe O53 - SMSR:HKLM\...\startupreg\CTFMON.EXE [Key] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O53 - SMSR:HKLM\...\startupreg\Google Update [Key] . (.Google Inc. - Google Installer.) -- C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe O53 - SMSR:HKLM\...\startupreg\GrooveMonitor [Key] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe O53 - SMSR:HKLM\...\startupreg\Malwarebytes Anti-Malware (reboot) [Key] . (...) -- C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\NeroFilterCheck [Key] . (.Ahead Software Gmbh - NeroCheck.) -- C:\WINDOWS\system32\NeroCheck.exe O53 - SMSR:HKLM\...\startupreg\SiSPower [Key] . (.Silicon Integrated Systems Corporation - Dynamic link library for setting Power Sche.) -- C:\WINDOWS\system32\SiSPower.dll O53 - SMSR:HKLM\...\startupreg\SMSERIAL [Key] . (.Motorola Inc. - SM56 Modem Helper.) -- C:\Arquivos de programas\Motorola\SMSERIAL\sm56hlpr.exe O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe O53 - SMSR:HKLM\...\startupreg\SynTPEnh [Key] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Arquivos de programas\Synaptics\SynTP\SynTPEnh.exe ~ Scan SMSR Keys in 00mn 00s ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Cliente DPA para plataformas de 32 bits.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Digest SSPI Authentication Package.) -- C:\WINDOWS\system32\digest.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Cliente DPA para plataformas de 32 bits.) -- C:\WINDOWS\system32\msapsspc.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Digest SSPI Authentication Package.) -- C:\WINDOWS\system32\digest.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=67108863 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=323 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0 ~ Scan Keys in 00mn 00s ---\\ System Drivers List (SDL) (O58) O58 - SDL:[MD5.BDECE634F62B3656DE73D51CA8EA32A9] - 31/05/2012 - 21:21:04 R--A- . (.360.cn - 360FileOem.) -- C:\WINDOWS\system32\Drivers\360FileOem.sys [146304] O58 - SDL:[MD5.C1E76718BAB6BCA0D18E5670F074F821] - 14/04/2008 - 09:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9032] ~ Scan Drivers in 00mn 00s ---\\ List all tools cleaner (LATC) (O63) O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis ~ Scan ADS in 00mn 00s ---\\ List all legacy services(LALS) (O64) O64 - Services: CurCS - 31/05/2012 - C:\WINDOWS\system32\drivers\360HookOem.sys (360HookOem) .(.360???? - 360HookOem.) - LEGACY_360HOOKOEM O64 - Services: CurCS - 09/10/2012 - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (AdobeFlashPlayerUpdateSvc) .(.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 11.4 r4.) - LEGACY_ADOBEFLASHPLAYERUPDATESVC O64 - Services: CurCS - 13/05/2009 - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe (AntiVirSchedulerService) .(.Avira GmbH - Antivirus Scheduler.) - LEGACY_ANTIVIRSCHEDULERSERVICE O64 - Services: CurCS - 21/07/2009 - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe (AntiVirService) .(.Avira GmbH - Antivirus On-Access Service.) - LEGACY_ANTIVIRSERVICE O64 - Services: CurCS - 13/02/2009 - C:\Arquivos de programas\Avira\AntiVir Desktop\avgio.sys (avgio) .(.Avira GmbH - Avira AntiVir Support for Minifilter.) - LEGACY_AVGIO O64 - Services: CurCS - 07/12/2009 - C:\WINDOWS\system32\DRIVERS\avgntflt.sys (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 30/03/2009 - C:\WINDOWS\system32\DRIVERS\avipbb.sys (avipbb) .(.Avira GmbH - Avira Driver for RootKit Detection.) - LEGACY_AVIPBB O64 - Services: CurCS - 28/02/2006 - C:\Arquivos de programas\Bonjour\mDNSResponder.exe (Bonjour Service) .(.Apple Computer, Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE O64 - Services: CurCS - ??\??\???? - (DcomLaunch) .(. - .) - LEGACY_DCOMLAUNCH O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys (dmboot) .(.Microsoft Corp., Veritas Software - NT Disk Manager Startup Driver.) - LEGACY_DMBOOT O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\dmload.sys (dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD O64 - Services: CurCS - 02/09/2009 - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (FLEXnet Licensing Service) .(.Macrovision Europe Ltd. - Activation Licensing Service.) - LEGACY_FLEXNET_LICENSING O64 - Services: CurCS - 07/04/2009 - C:\WINDOWS\system32\FsUsbExDisk.sys - FsUsbExDisk (FsUsbExDisk) .(...) - LEGACY_FSUSBEXDISK O64 - Services: CurCS - 07/04/2009 - C:\WINDOWS\system32\FsUsbExService.exe (FsUsbExService) .(.Teruten - FsUsbDevice.) - LEGACY_FSUSBEXSERVICE O64 - Services: CurCS - 18/09/2012 - C:\WINDOWS\system32\drivers\gbpkm.sys (GbpKm) .(.GAS Tecnologia - GbPlugin Device Driver.) - LEGACY_GBPKM O64 - Services: CurCS - 18/09/2012 - C:\Arquivos de programas\GbPlugin\gbpsv.exe (GbpSv) .(.Unknown owner - G-Buster Browser Defense - Service.) - LEGACY_GBPSV O64 - Services: CurCS - 18/03/2010 - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe (gupdate) .(.Google Inc. - Google Installer.) - LEGACY_GUPDATE O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (HTTPFilter) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HTTPFILTER O64 - Services: CurCS - 03/10/2012 - C:\Arquivos de programas\Java\jre7\bin\jqs.exe (JavaQuickStarterService) .(.Oracle Corporation - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (LmHosts) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_LMHOSTS O64 - Services: CurCS - 26/07/2012 - C:\Arquivos de programas\EPSON\MyEpson Portal\mepService.exe (MyEpson Portal Service) .(.SEIKO EPSON CORPORATION - MyEpson Portal Service.) - LEGACY_MYEPSON_PORTAL_SERVICE O64 - Services: CurCS - 15/12/2009 - C:\Arquivos de programas\ngsrv\ngslotd.exe (ngSlotD) .(.OEM - ngslotd.) - LEGACY_NGSLOTD O64 - Services: CurCS - 03/03/2006 - C:\WINDOWS\system32\HPZipm12.exe (Pml Driver HPZ12) .(.HP - PML Driver.) - LEGACY_PML_DRIVER_HPZ12 O64 - Services: CurCS - ??\??\???? - (RpcSs) .(. - .) - LEGACY_RPCSS O64 - Services: CurCS - 01/07/2010 - C:\Arquivos de programas\Photodex\ProShowProducer\ScsiAccess.exe - ScsiAccess (ScsiAccess) .(...) - LEGACY_SCSIACCESS O64 - Services: CurCS - 07/04/2008 - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe (ServiceLayer) .(.Nokia. - ServiceLayer Module.) - LEGACY_SERVICELAYER O64 - Services: CurCS - 11/05/2009 - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV O64 - Services: CurCS - ??\??\???? - (TermService) .(. - .) - LEGACY_TERMSERVICE ~ Scan Services in 00mn 00s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Arquivos de programas\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\system32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> <ChromeHTML.Carol>[HKCU\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\WINDOWS\system32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <ChromeHTML.Carol>[HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\system32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\WINDOWS\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <chrome.exe> <>[HKLM\..\Shell\open\Command] (...) -- C:\Documents and Settings\Edson\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (...) -- C:\Documents and Settings\Edson\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: <Google Chrome.Carol> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Documents and Settings\Edson\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: <Google Chrome.Carol> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\WINDOWS\system32\ie4uinit.exe (.not file.) O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Documents and Settings\Edson\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: <Google Chrome.Carol> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\WINDOWS\system32\ie4uinit.exe (.not file.) O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Documents and Settings\Edson\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: <Google Chrome.Carol> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\WINDOWS\system32\ie4uinit.exe (.not file.) ~ Scan Keys in 00mn 00s ---\\ Search Svchost Services (SSS) (O83) O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\WINDOWS\system32\appmgmts.dll [172032] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Windows Audio Service.) -- C:\WINDOWS\system32\audiosrv.dll [42496] O83 - Search Svchost Services: Browser (Browser) . (.Microsoft Corporation - Computer Browser Service DLL.) -- C:\WINDOWS\system32\browser.dll [77824] O83 - Search Svchost Services: CryptSvc (CryptSvc) . (.Microsoft Corporation - Cryptographic Services.) -- C:\WINDOWS\system32\cryptsvc.dll [62464] O83 - Search Svchost Services: DMServer (DMServer) . (.Microsoft Corp. - Dll do serviço do Gerenciador de discos lógicos.) -- C:\WINDOWS\system32\dmserver.dll [23552] O83 - Search Svchost Services: DHCP (DHCP) . (.Microsoft Corporation - Serviço do Cliente DHCP.) -- C:\WINDOWS\system32\dhcpcsvc.dll [126976] O83 - Search Svchost Services: ERSvc (ERSvc) . (.Microsoft Corporation - Windows Error Reporting Service.) -- C:\WINDOWS\system32\ersvc.dll [23040] O83 - Search Svchost Services: EventSystem (EventSystem) . (.Microsoft Corporation - No comment.) -- C:\WINDOWS\system32\es.dll [253952] O83 - Search Svchost Services: FastUserSwitchingCompatibility (FastUserSwitchingCompatibility) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\WINDOWS\system32\shsvcs.dll [135168] O83 - Search Svchost Services: HidServ (HidServ) . (...) -- C:\WINDOWS\system32\hidserv.dll [0] O83 - Search Svchost Services: LanmanServer (LanmanServer) . (.Microsoft Corporation - Server Service DLL.) -- C:\WINDOWS\system32\srvsvc.dll [99840] O83 - Search Svchost Services: LanmanWorkstation (LanmanWorkstation) . (.Microsoft Corporation - Workstation Service DLL.) -- C:\WINDOWS\system32\wkssvc.dll [132096] O83 - Search Svchost Services: Messenger (Messenger) . (.Microsoft Corporation - NT Messenger Service.) -- C:\WINDOWS\system32\msgsvc.dll [33792] O83 - Search Svchost Services: Netman (Netman) . (.Microsoft Corporation - Gerenciador de conexões de rede.) -- C:\WINDOWS\system32\netman.dll [198144] O83 - Search Svchost Services: Nla (Nla) . (.Microsoft Corporation - Fornecedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\WINDOWS\system32\mswsock.dll [247808] O83 - Search Svchost Services: Ntmssvc (Ntmssvc) . (.Microsoft Corporation - Gerenciador de armazenamento removível.) -- C:\WINDOWS\system32\ntmssvc.dll [437248] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Remote Access AutoDial Manager.) -- C:\WINDOWS\system32\rasauto.dll [88576] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Remote Access Connection Manager.) -- C:\WINDOWS\system32\rasmans.dll [186368] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamic Interface Manager.) -- C:\WINDOWS\system32\mprdim.dll [53248] O83 - Search Svchost Services: Schedule (Schedule) . (.Microsoft Corporation - Mecanismo do 'Agendador de tarefas'.) -- C:\WINDOWS\system32\schedsvc.dll [193536] O83 - Search Svchost Services: Seclogon (Seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\WINDOWS\system32\seclogon.dll [18944] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification Service (SENS).) -- C:\WINDOWS\system32\sens.dll [39424] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\WINDOWS\system32\ipnathlp.dll [331264] O83 - Search Svchost Services: SRService (SRService) . (.Microsoft Corporation - Serviço de restauração do sistema.) -- C:\WINDOWS\system32\srsvc.dll [171520] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft® Windows.) -- C:\WINDOWS\system32\tapisrv.dll [249856] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\WINDOWS\system32\shsvcs.dll [135168] O83 - Search Svchost Services: TrkWks (TrkWks) . (.Microsoft Corporation - Distributed Link Tracking Client.) -- C:\WINDOWS\system32\trkwks.dll [90112] O83 - Search Svchost Services: W32Time (W32Time) . (.Microsoft Corporation - Windows Time Service.) -- C:\WINDOWS\system32\w32time.dll [176128] O83 - Search Svchost Services: WZCSVC (WZCSVC) . (.Microsoft Corporation - Serviço de configuração zero sem fio.) -- C:\WINDOWS\system32\wzcsvc.dll [483840] O83 - Search Svchost Services: Wmi (Wmi) . (.Microsoft Corporation - API de base do Windows 32 avançada.) -- C:\WINDOWS\system32\advapi32.dll [683520] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [145408] O83 - Search Svchost Services: wscsvc (wscsvc) . (.Microsoft Corporation - Windows Security Center Service.) -- C:\WINDOWS\system32\wscsvc.dll [80896] O83 - Search Svchost Services: xmlprov (xmlprov) . (.Microsoft Corporation - Network Provisioning Service.) -- C:\WINDOWS\system32\xmlprov.dll [129024] O83 - Search Svchost Services: napagent (napagent) . (.Microsoft Corporation - Tempo de Execução de Serviço de Agente de Quarentena.) -- C:\WINDOWS\system32\qagentrt.dll [292864] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\WINDOWS\system32\kmsvc.dll [61440] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de plano de fundo.) -- C:\WINDOWS\system32\qmgr.dll [409088] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\WINDOWS\system32\shsvcs.dll [135168] O83 - Search Svchost Services: helpsvc (helpsvc) . (.Microsoft Corporation - Microsoft PCHealth Service Holder.) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400] O83 - Search Svchost Services: WmdmPmSN (WmdmPmSN) . (.Microsoft Corporation - Microsoft Media Device Service Provider.) -- C:\WINDOWS\system32\MsPMSNSv.dll [27136] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update AutoUpdate Service.) -- C:\WINDOWS\system32\wuauserv.dll [6656] ~ Scan Services in 00mn 00s ---\\ Search Particular Root Folder (SPRF) (O84) [MD5.254FBCA565E049648B0CCE2CEADF05D2] [sPRF][16/04/2012] (...) -- C:\Documents and Settings\Carol\Dados de aplicativos\inst.exe [87608] [MD5.5B6C11DE7E839C05248CED8825470FEF] [sPRF][16/04/2012] (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Documents and Settings\Carol\Dados de aplicativos\pcouffin.sys [47360] [MD5.536CD780316928CA40C9940D03DC9443] [sPRF][18/10/2012] (...) -- C:\Documents and Settings\Carol\Desktop\adwcleaner.exe [538941] [MD5.E897110EE5E67FABB83B154DF9C68D6A] [sPRF][18/10/2012] (...) -- C:\Documents and Settings\Carol\Desktop\ZHPDiag_silent.exe [794216] [MD5.AE326A97F634217CAC29739D376DF934] [sPRF][15/08/2011] (...) -- C:\Documents and Settings\Carol\Desktop\ZHP_uninstall.exe [344187] [MD5.8F2142E72159595A6DD57F252A433F59] [sPRF][17/12/2011] (.LogMeIn, Inc. - LogMeIn, Inc. Remote Access Components.) -- C:\WINDOWS\Downloaded Program Files\avutil-51.dll [160144] [MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [sPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [24576] [MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [sPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [196608] [MD5.D41D8CD98F00B204E9800998ECF8427E] [sPRF][30/12/1899] (...) -- C:\WINDOWS\Downloaded Program Files\gbpdist.dll [99392] [MD5.7BBA5B65F6645D9FD314DDB8D3953A95] [sPRF][19/09/2003] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [299008] [MD5.03ACB02756E2017BC27BACB3C9930E03] [sPRF][15/12/2011] (.LogMeIn, Inc. - LMIGuardianSvc.) -- C:\WINDOWS\Downloaded Program Files\LMIGuardian.exe [374160] [MD5.AA980C42D5813C5BE0416657DE7BF768] [sPRF][15/12/2011] (.LogMeIn, Inc. - LMIGuardianDll.) -- C:\WINDOWS\Downloaded Program Files\LMIGuardianDll.dll [1021328] [MD5.EC1E76BDB94FBEC62314C59839A04E86] [sPRF][15/12/2011] (.LogMeIn, Inc. - LMIGuardianEvt.) -- C:\WINDOWS\Downloaded Program Files\LMIGuardianEvt.dll [320912] [MD5.8F700DA1A1A75501D6EEF76BC866EB29] [sPRF][16/05/2011] (...) -- C:\WINDOWS\Downloaded Program Files\LMIProxyHelper.exe [70984] [MD5.E20F38184ECB403A82FFE0096D3CCCCD] [sPRF][15/12/2011] (...) -- C:\WINDOWS\Downloaded Program Files\RACtrl.dll [4617616] [MD5.7AB0145B8ED119263BF359948BF04589] [sPRF][17/12/2011] (.LogMeIn, Inc. - LogMeIn, Inc. Remote Access Components.) -- C:\WINDOWS\Downloaded Program Files\swscale-2.dll [239504] ~ Scan Files in 00mn 00s ---\\ Additionnal Scan (O88) Database Version : 9186 - (22/09/2012) Clés trouvées (Keys found) : 0 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 2 Fichiers trouvés (Files found) : 0 C:\Arquivos de programas\StartNow Toolbar =>Adware.Zugo C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Conduit =>Toolbar.Conduit ~ Scan Additionnel in 00mn 06s ---\\ Router Hijack DNS (O89) (None) ---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 09/10/2012 250808 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Auto 13/05/2009 108289 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe SS - | Auto 21/07/2009 185089 | (AntiVirService) . (.Avira GmbH.) - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe SR - | Auto 28/02/2006 229376 | (Bonjour Service) . (.Apple Computer, Inc..) - C:\Arquivos de programas\Bonjour\mDNSResponder.exe SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe SS - | Demand 02/09/2009 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe SR - | Auto 07/04/2009 233472 | (FsUsbExService) . (.Teruten.) - C:\WINDOWS\system32\FsUsbExService.exe SS - | Auto 281584 | (GbpSv) . (...) - C:\Arquivos de programas\GbPlugin\gbpsv.exe SS - | Auto 18/03/2010 136176 | (gupdate) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe SS - | Demand 18/03/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe SR - | Auto 03/10/2012 161768 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Arquivos de programas\Java\jre7\bin\jqs.exe SR - | Auto 26/07/2012 703616 | (MyEpson Portal Service) . (.SEIKO EPSON CORPORATION.) - C:\Arquivos de programas\EPSON\MyEpson Portal\mepService.exe SR - | Auto 15/12/2009 56832 | (ngSlotD) . (.OEM.) - C:\Arquivos de programas\ngsrv\ngslotd.exe SS - | Auto 03/03/2006 69632 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe SR - | Auto 186760 | (ScsiAccess) . (...) - C:\Arquivos de programas\Photodex\ProShowProducer\ScsiAccess.exe SS - | Demand 07/04/2008 430592 | (ServiceLayer) . (.Nokia..) - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe ~ Scan Services in 00mn 04s ---\\ Search Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net Run by Carol at 18/10/2012 17:03:18 device: opened successfully user: MBR read successfully Disk trace: kernel: MBR read successfully user & kernel MBR OK ~ Scan MBR in 00mn 02s ---\\ Search Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Carol at 18/10/2012 17:03:20 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 04s End of the scan (1780 lines in 02mn 05s)(0) Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Outubro 18, 2012 Boa Tarde! carol2906 carol2906, em 18 outubro 2012 - 17:17 , disse:Veja se está correto o que eu fiz... eu não achei link no relatório do segundo programa rodado, espero que eu tenha feito o certo... |- Ok! Não houve prejuízos para a análise. -/- |- Feche programas/pastas que estejam abertas. |- Feche,também,o navegador! |- Para Windows Vista,desabilite a UAC. |- Para Windows Vista ou 7,clique direito em ZHPFix.exe e execute-o como administrador. |- Selecione e copie estas informações,que estão no Code,para o "Bloco de Notas". R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://unimesvirtual.com R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.) [MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-725345543-920026266-1801674531-1003Core] (...) -- C:\Documents and Settings\Carol\Configura‡äes locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-725345543-920026266-1801674531-1003UA] (...) -- C:\Documents and Settings\Carol\Configura‡äes locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-725345543-920026266-1801674531-1005Core] (...) -- C:\Documents and Settings\Carol\Configura‡äes locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-725345543-920026266-1801674531-1005UA] (...) -- C:\Documents and Settings\Carol\Configura‡äes locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe (.not file.) O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} Orphean Key O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} Orphean Key O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Orphean Key O2 - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} Orphean Key O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Orphean Key O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} Orphean Key O2 - BHO: (no name) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} Orphean Key O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} Orphean Key O2 - BHO: (no name) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} Orphean Key O2 - BHO: (no name) - {C41A1C0E-EA6C-11D4-B1B8-444553540007} Orphean Key O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} Orphean Key O3 - Toolbar: (no name) - [HKLM]{47833539-D0C5-4125-9FA8-0819E2EAAC93} . (...) -- (.not file.) O3 - Toolbar: (no name) - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (...) -- (.not file.) O4 - HKLM\..\Run: [NPSStartup] Orphean Key O9 - Extra button: &Enviar para o OneNote - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} -- C:\Arquivos de programas\PokerStars\main.ico (.not file.) O9 - Extra button: &Enviar para o OneNote - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} -- C:\Arquivos de programas\PokerStars\main.ico (.not file.) => PokerStars Online Game O41 - Driver: (InCDPass) . (. - .) - C:\WINDOWS\system32\drivers\InCDPass.sys (.not file.) O41 - Driver: (InCDRm) . (. - .) - C:\WINDOWS\system32\drivers\InCDRm.sys (.not file.) O43 - CFD: 30/08/2012 - 11:24:34 - [0] ----D C:\Arquivos de programas\PokerStars => PartyGaming PokerStars O44 - LFC:[MD5.DD86A4F2692C8F4D4622451C302A25F0] - 18/10/2012 - 15:55:11 ---A- . (...) -- C:\hijackthis.log [12887] O47 - AAKE:Key Export SP - "C:\Arquivos de programas\IncrediMail\Bin\ImApp.exe" [Enabled] .(...) -- C:\Arquivos de programas\IncrediMail\Bin\ImApp.exe (.not file.) => IncrediMail O47 - AAKE:Key Export SP - "C:\Arquivos de programas\IncrediMail\Bin\ImpCnt.exe" [Enabled] .(...) -- C:\Arquivos de programas\IncrediMail\Bin\ImpCnt.exe (.not file.) => IncrediMail O47 - AAKE:Key Export SP - "C:\Arquivos de programas\PSafe\PSRsync.exe" [Enabled] .(...) -- C:\Arquivos de programas\PSafe\PSRsync.exe (.not file.) [HKLM\Software\360Safe] => Infection Diverse (Lozavita.Troj) [HKCU\Software\Avg] [HKLM\Software\Avg] [HKLM\Software\Swearware] C:\Documents and Settings\Carol\Configurações locais\Dados de aplicativos\Conduit => Toolbar.Conduit C:\Arquivos de programas\StartNow Toolbar =>Adware.Zugo hostfix proxyfix emptytemp emptyflash firewallraz sysrestore |- Estando com o Bloco de Notas aberto,acione os atalhos: "Ctrl+A" -> "Ctrl+C" |- Minimize o Bloco de Notas. |- Clique no menu,"Paste ClipBoard". |- Clique em "GO" -> Oui. |- Ps: Temos,àcima,sequência de imagens para maior exclarecimento. |- Poste o relatório: C:\ZHP\ZHPFix[R1].txt Abs! Compartilhar este post Link para o post Compartilhar em outros sites
carol2906 0 Denunciar post Postado Outubro 18, 2012 Segue o relatório: Rapport de ZHPFix 1.3.01 par Nicolas Coolman, Update du 22/09/2012 Fichier d'export Registre : Run by Carol at 18/10/2012 18:18:09 Windows XP Professional Service Pack 3 (Build 2600) Web site : http://nicolascoolman.skyrock.com/ ========== Registry Key ========== DELETED Key: CLSID BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} DELETED Key: CLSID BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} DELETED Key: CLSID BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} DELETED Key: CLSID BHO: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} DELETED Key: CLSID BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} DELETED Key: CLSID BHO: {9030D464-4C02-4ABF-8ECC-5164760863C6} DELETED Key: CLSID BHO: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} DELETED Key: CLSID BHO: {AE7CD045-E861-484f-8273-0445EE161910} DELETED Key: CLSID BHO: {C41A1C0E-EA6C-11D4-B1B8-444553540003} DELETED Key: CLSID BHO: {C41A1C0E-EA6C-11D4-B1B8-444553540007} DELETED Key: CLSID BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} DELETED Key: CLSID Extra Buttons: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} NOT FOUND Key: CLSID Extra Buttons: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} DELETED Driver Key: InCDPass DELETED Driver Key: InCDRm DELETED Key: HKLM\Software\360Safe DELETED Key: HKCU\Software\Avg DELETED Key: HKLM\Software\Avg DELETED Key: HKLM\Software\Swearware ========== Registry Value ========== DELETED URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} DELETED Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} DELETED Toolbar: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} DELETED RunValue: NPSStartup DELETED AAKE KeyValue: C:\Arquivos de programas\IncrediMail\Bin\ImApp.exe DELETED AAKE KeyValue: C:\Arquivos de programas\IncrediMail\Bin\ImpCnt.exe DELETED AAKE KeyValue: C:\Arquivos de programas\PSafe\PSRsync.exe ProxyFix : Proxy killed successfully DELETED ProxyServer Value DELETED ProxyEnable Value DELETED EnableHttp1_1 Value DELETED ProxyHttp1.1 Value DELETED ProxyOverride Value DELETED FirewallRaz (SP) : %windir%\Network Diagnostic\xpnetdiag.exe DELETED FirewallRaz (SP) : %windir%\system32\sessmgr.exe DELETED FirewallRaz (SP) : C:\Arquivos de programas\HP\Digital Imaging\bin\hpqtra08.exe DELETED FirewallRaz (SP) : C:\Arquivos de programas\HP\Digital Imaging\bin\hpqste08.exe DELETED FirewallRaz (SP) : C:\Arquivos de programas\HP\Digital Imaging\bin\hpofxm08.exe DELETED FirewallRaz (SP) : C:\Arquivos de programas\HP\Digital Imaging\bin\hposfx08.exe DELETED FirewallRaz (SP) : C:\Arquivos de programas\HP\Digital Imaging\bin\hposid01.exe DELETED FirewallRaz (SP) : C:\Arquivos de programas\HP\Digital Imaging\bin\hpqscnvw.exe DELETED FirewallRaz (SP) : C:\Arquivos de programas\HP\Digital Imaging\bin\hpqkygrp.exe DELETED FirewallRaz (SP) : C:\Arquivos de programas\HP\Digital Imaging\bin\hpqCopy.exe DELETED FirewallRaz (SP) : C:\Arquivos de programas\HP\Digital Imaging\bin\hpfccopy.exe DELETED FirewallRaz (SP) : C:\Arquivos de programas\HP\Digital Imaging\bin\hpzwiz01.exe DELETED FirewallRaz (SP) : C:\Arquivos de programas\HP\Digital Imaging\Unload\HpqPhUnl.exe DELETED FirewallRaz (SP) : C:\Arquivos de programas\HP\Digital Imaging\Unload\HpqDIA.exe DELETED FirewallRaz (SP) : C:\Arquivos de programas\HP\Digital Imaging\bin\hpoews01.exe DELETED FirewallRaz (SP) : C:\Arquivos de programas\HP\Digital Imaging\bin\hpqnrs08.exe DELETED FirewallRaz (SP) : C:\Arquivos de programas\IncrediMail\Bin\IncMail.exe DELETED FirewallRaz (SP) : C:\Arquivos de programas\AVG\AVG2012\avgmfapx.exe DELETED FirewallRaz (DP) : %windir%\Network Diagnostic\xpnetdiag.exe DELETED FirewallRaz (DP) : %windir%\system32\sessmgr.exe No Value in Firewall Exception Register Key (FirewallRaz) ========== Registry Data Items ========== REMOVED R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page ========== Repertory ========== DELETED Folder: C:\Arquivos de programas\PokerStars DELETED Folder: c:\documents and settings\carol\configurações locais\dados de aplicativos\conduit DELETED Folder: c:\arquivos de programas\startnow toolbar DELETED Window Temporary: DELETED Flash Cookies: ========== File ========== NOT FOUND File: c:\arquivos de programas\pokerstars\main.ico (.not file.) DELETED File: c:\hijackthis.log NOT FOUND File: c:\arquivos de programas\incredimail\bin\imapp.exe NOT FOUND File: c:\arquivos de programas\incredimail\bin\impcnt.exe NOT FOUND File: c:\arquivos de programas\psafe\psrsync.exe DELETED Window Temporary: DELETED Flash Cookies: ========== Task ========== DELETED Task: GoogleUpdateTaskUserS-1-5-21-725345543-920026266-1801674531-1003Core DELETED Task: GoogleUpdateTaskUserS-1-5-21-725345543-920026266-1801674531-1003UA DELETED Task: GoogleUpdateTaskUserS-1-5-21-725345543-920026266-1801674531-1005Core DELETED Task: GoogleUpdateTaskUserS-1-5-21-725345543-920026266-1801674531-1005UA ========== Restoration ========== Restore System Point created succefully ========== Summary ========== 19 : Registry Key 34 : Registry Value 1 : Registry Data Items 5 : Repertory 7 : File 4 : Task 1 : Restoration End of clean in 00mn 35s ========== Report File ========== C:\ZHP\ZHPFix[R1].txt - 18/10/2012 18:18:09 [5152] PS: Oie, depois que rodei o ultimo programa tentei excluir um arquivo de texo do meu computador e deu o seguinte erro: An exception (OEEDFADE) occurred during DllEntryPoint or DllMain in module: C:\ARQUIV~1\TUGZip\Plugins\TzArchive10.tgp Unable to load: TzArchive10.tgp Oie, tentei excluir outro arquivo pra fazer um texte e o erro persiste... o que pode ser? Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Outubro 18, 2012 Olá! carol2906 |- Seus problemas permanecem? Pois se foram solucionados,as ferramentas terão que ser removidas. Abs! Compartilhar este post Link para o post Compartilhar em outros sites
carol2906 0 Denunciar post Postado Outubro 18, 2012 Olá! carol2906 |- Seus problemas permanecem? Pois se foram solucionados,as ferramentas terão que ser removidas. Abs! Parece que deu uma melhorada, acho que o problema maior é que ele está ultrapassado. Bom, mas como disse no tópico anterior , depois que eu rodei o último programa tentei excluir um arquivo de texto do meu computador e deu o seguinte erro: An exception (OEEDFADE) occurred during DllEntryPoint or DllMain in module: C:\ARQUIV~1\TUGZip\Plugins\TzArchive10.tgp Unable to load: TzArchive10.tgp Tentei excluir outro arquivo (uma foto)pra fazer um teste e o erro persiste... o que pode ser? Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Outubro 18, 2012 Olá! carol2906 |- Reinstale este software: C:\ARQUIV~1\TUGZip << -/- |- Baixe: < > ( ... by OldTimer Tools ) |- Clique em Salvar! |- Salve-o no desktop! |- Duplo clique em OTL.exe >> Executar. >> |- Configure "Verificação de Arquivos",segundo a screenshot! |- Ps: Faça o mesmo para estes! |- Em "Exame Extra do Registro",assinale "Nenhum". *crack* /s *keygen* /s *serial* /s *AutoKMS* /s *loader* /s %APPDATA%\Local\*. %APPDATA%\*.exe /s %APPDATA%\*. %USERPROFILE%\AppData\Local\*.* %USERPROFILE%\AppData\Roaming\*.* %systemroot%\assembly\tmp\*.* /S /MD5 %systemroot%\assembly\temp\*.* /S /MD5 %systemroot%\assembly\GAC\*.* /S /MD5 %systemroot%\assembly\GAC_32\*.* /S /MD5 %systemroot%\system32\config\systemprofile\AppData\Local\*.* %windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.* %windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes /md5start netsvcs services.exe /md5stop regedit /e c:\registrybackup.reg /c type c:\boot.ini >> test.txt /c %systemroot%\system32\Tasks\*.* /s %windir%\tasks\*.* /s |- Cole estas informações,que estão no Code,para o campo "Exames Personalizados/Correções". |- Concluindo,poste o relatório: OTL.txt |- Para grandes relatórios,acesse: < > |- Maiores informações: < |Link| > Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
carol2906 0 Denunciar post Postado Outubro 18, 2012 Olá! carol2906 |- Reinstale este software: C:\ARQUIV~1\TUGZip << -/- |- Baixe: < > ( ... by OldTimer Tools ) |- Clique em Salvar! |- Salve-o no desktop! |- Duplo clique em OTL.exe >> Executar. >> |- Configure "Verificação de Arquivos",segundo a screenshot! |- Ps: Faça o mesmo para estes! |- Em "Exame Extra do Registro",assinale "Nenhum". *crack* /s *keygen* /s *serial* /s *AutoKMS* /s *loader* /s %APPDATA%\Local\*. %APPDATA%\*.exe /s %APPDATA%\*. %USERPROFILE%\AppData\Local\*.* %USERPROFILE%\AppData\Roaming\*.* %systemroot%\assembly\tmp\*.* /S /MD5 %systemroot%\assembly\temp\*.* /S /MD5 %systemroot%\assembly\GAC\*.* /S /MD5 %systemroot%\assembly\GAC_32\*.* /S /MD5 %systemroot%\system32\config\systemprofile\AppData\Local\*.* %windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.* %windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes /md5start netsvcs services.exe /md5stop regedit /e c:\registrybackup.reg /c type c:\boot.ini >> test.txt /c %systemroot%\system32\Tasks\*.* /s %windir%\tasks\*.* /s |- Cole estas informações,que estão no Code,para o campo "Exames Personalizados/Correções". |- Concluindo,poste o relatório: OTL.txt |- Para grandes relatórios,acesse: < > |- Maiores informações: < |Link| > Abraços! Tentei por duas vezes sem sucesso conseguir o relatório. Fiz todos os passos do screenshot executei mas no meio da análise o computador trava inteiro e não roda mais o programa. Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Outubro 18, 2012 Olá! carol2906 %APPDATA%\Local\*. %APPDATA%\*.exe /s %APPDATA%\*. %USERPROFILE%\AppData\Local\*.* %USERPROFILE%\AppData\Roaming\*.* %systemroot%\assembly\tmp\*.* /S %systemroot%\assembly\temp\*.* /S %systemroot%\system32\config\systemprofile\AppData\Local\*.* %windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.* %windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes regedit /e c:\registrybackup.reg /c %systemroot%\system32\Tasks\*.* /s %windir%\tasks\*.* /s |- Abra,novamente,a ferramenta e cole estas informações para o campo: Exames Personalizados/Correções |- Clique em "Verificar". |- Ps: Se houver travamentos,execute a OTL em seu rápido escaneamento. ( QuickScan ) Abs! Compartilhar este post Link para o post Compartilhar em outros sites
carol2906 0 Denunciar post Postado Outubro 18, 2012 Oi, tentei de novo e o travamento persiste mesmo executando em quick scan... Ele trava quando está nessa etapa "scanning chrome settings" Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Outubro 18, 2012 Oi, tentei de novo e o travamento persiste mesmo executando em quick scan... Ele trava quando está nessa etapa "scanning chrome settings" Olá! carol2906 |- O Chrome está travando a ferramenta. |- Abra a OTL e clique: Limpeza -> Confirme o reboot. -/- |- Baixe: |DelFix| ( ... de Xplode ) |- Estando na página,clique na seta verde para o download. ( Seta verde! ) |- Salve-a em um local conveniente! ( desktop! ) |- Feche aplicativos que estejam abertos. |- Clique em "Suppression" >> Clique em "Désinstallation". -/- |- Execute escaneamento online em | | |- Utilize o navegador "Internet Explorer",para essa tarefa! |- Siga,conforme a imagem,essa verificação ou scan. |- Ao concluir,clique em "List of found threats" >> "Export to text file" |- Salve esse texto no desktop,com o nome: Esetlog |- Ps: Caso nada seja detectado,não teremos relatório ou lista presente. |- Poste o relatório que estará no desktop! ( Esetlog.txt ) Abs! Compartilhar este post Link para o post Compartilhar em outros sites
carol2906 0 Denunciar post Postado Outubro 19, 2012 Segue o log: C:\System Volume Information\_restore{0FB930BA-0651-4A81-A82B-34E3259F24C6}\RP710\A0062852.dll Win32/Toolbar.Funmoods application cleaned by deleting - quarantined C:\System Volume Information\_restore{0FB930BA-0651-4A81-A82B-34E3259F24C6}\RP710\A0062853.dll Win32/Toolbar.Funmoods application cleaned by deleting - quarantined C:\System Volume Information\_restore{0FB930BA-0651-4A81-A82B-34E3259F24C6}\RP710\A0062854.dll Win32/Toolbar.Funmoods application cleaned by deleting - quarantined C:\System Volume Information\_restore{0FB930BA-0651-4A81-A82B-34E3259F24C6}\RP710\A0062855.dll Win32/Toolbar.Funmoods application cleaned by deleting - quarantined C:\System Volume Information\_restore{0FB930BA-0651-4A81-A82B-34E3259F24C6}\RP710\A0062856.dll Win32/Toolbar.Funmoods application cleaned by deleting - quarantined C:\System Volume Information\_restore{0FB930BA-0651-4A81-A82B-34E3259F24C6}\RP710\A0062858.exe Win32/Toolbar.Funmoods application cleaned by deleting - quarantined C:\System Volume Information\_restore{0FB930BA-0651-4A81-A82B-34E3259F24C6}\RP711\A0062912.dll Win32/Toolbar.Funmoods application cleaned by deleting - quarantined F:\RECYCLER\S-1-5-21-725345543-920026266-1801674531-1005\Df2.exe a variant of Win32/InstallCore.AW application cleaned by deleting - quarantined Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Outubro 19, 2012 Boa Noite! carol2906 |- O escaneamento detectou o Funmoods,no volume,e nenhum malware em potencial. |- Seus logs estão limpos! |- Algum problema? Tudo Ok? Abs! Compartilhar este post Link para o post Compartilhar em outros sites
carol2906 0 Denunciar post Postado Outubro 19, 2012 Olá, boa tarde! O computador de maneira geral está bacana... Mas o problema com os sites continua, ele não carrega nenhum site tipo walmart, carrefour, extra, ponto frio etc...estou tentando olhar algumas coisas e não consigo, dá a mensagem request timeout o tempo todo desde o início da semana. Mas isso acredito agora que seja problema com minha internet, pois hoje nem meu tablet eu consigo conectar nestes sites. Á noite meu marido vai trazer o notebook e vou testar pra ver se conecta, se não conectar vou entrar em contato com meu provedor. Muito obrigada pela ajuda com a limpeza de meu computador! Até a próxima... Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Outubro 19, 2012 Olá! carol2906 carol2906, em 19 outubro 2012 - 13:51 , disse:Á noite meu marido vai trazer o notebook e vou testar pra ver se conecta, se não conectar vou entrar em contato com meu provedor. |- Ok! Esse teste será providencial,mas acredito que seu Modem ou roteador estejam mal ajustados. |- Poste aqui,no Fórum Redes,e relate o problema. Abs! Compartilhar este post Link para o post Compartilhar em outros sites
carol2906 0 Denunciar post Postado Outubro 19, 2012 Olá! carol2906 |- Ok! Esse teste será providencial,mas acredito que seu Modem ou roteador estejam mal ajustados. |- Poste aqui,no Fórum Redes,e relate o problema. Abs! Ok, vou postar lá pra me ajudarem... Obrigada mais uma vez! Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Outubro 19, 2012 PROBLEMA RESOLVIDO Caso o autor necessite que o tópico seja reaberto basta enviar uma Mensagem Privada para um Moderador com um link para o tópico. Compartilhar este post Link para o post Compartilhar em outros sites
