
Checkered screen and rebooting


#1
Luck Anão

Advanced Member, 210 posts

Folks,

As requested by Ciro-Mota, I am opening this new topic so that my problem can be solved.

My PC is freezing on a black screen with checkered blue "writing".

I have already updated my network card, but the problem persists.

If there is anything else I can remove, I would like to be told.

I am posting the HiJack log below.

 

 

Logfile of HijackThis v1.99.1
Scan saved at 16:32:52, on 29/7/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\ARQUIV~1\GbPlugin\GbpSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3trayp.exe
C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe
C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe
C:\Arquivos de programas\Epson Software\Event Manager\EEventManager.exe
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50ST7.EXE
C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50RP7.EXE
C:\Arquivos de programas\Java\jre7\bin\jqs.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Hijack This\HijackThis.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylo...000001d6003d9c5
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://start.facemoo...com/?a=ddrnw&s={searchTerms}&f=4
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Arquivos de programas\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - (no file)
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Arquivos de programas\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [avast] "C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [EEventManager] "C:\Arquivos de programas\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [EPSON TX133 TX135 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJB.EXE /FU "C:\WINDOWS\TEMP\E_S7B.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [NavSincroLiteDetector] C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\NavCity\NavSincro Lite\NavSincroLite.exe /tray
O4 - Global Startup: PHOTOfunSTUDIO 8.0 LE.lnk = C:\Arquivos de programas\Arquivos comuns\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsof...ss/allinone.asp
O15 - Trusted Zone: http://www.bancobrasil.com.br
O15 - Trusted Zone: http://www.bb.com.br
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancob...gin/GbpDist.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - c:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify:  GbPluginBb - C:\Arquivos de programas\GbPlugin\gbieh.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: EpsonCustomerResearchParticipation - SEIKO EPSON CORPORATION - C:\Arquivos de programas\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50ST7.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50RP7.EXE
O23 - Service: Gbp Service (GbpSv) -   - C:\ARQUIV~1\GbPlugin\GbpSv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe" /medsvc (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Arquivos de programas\Java\jre7\bin\jqs.exe" -service -config "C:\Arquivos de programas\Java\jre7\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: KMService - Unknown owner - C:\WINDOWS\system32\srvany.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Arquivos de programas\Sony\Sony PC Companion\PCCService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
 

"When God wills it, there is no one who does not will it." Ayrton Senna

#2
CarlosTurco

Assistant, 25,278 posts

Luck Anão,

Please note the following:

  • DO NOT attempt any cleanup procedure on your own. In particular, do not run on your own initiative tools used in the Malware Removal forum. Improper use of some tools may damage your computer or, at the very least, partially remove the signs of an infection that would serve as information for the analyst. The team will not be held responsible for consequences resulting from improper and/or uninformed use of the tools. - Rule no. 8 of Malware Removal
  • Do not start a new topic about this problem. Always post your replies in this topic.
  • Click the Follow button (located in the upper right corner of the main post) to receive an e-mail notification when the topic is answered. You can also check your subscribed topics using the Content I follow option, accessible through the forum's Control Panel.
  • Analyses can take some time, so please be patient.
  • The instructions are specific to your computer and must be applied only to it.
  • If something goes wrong, it does not matter. Always follow your topic, informing me of the results, until your computer is clean.
  • Notice: Avoid using the <QUOTE> or <CODE> tags in logs; this makes them harder to read at analysis time.
  • Do not abandon your topic. It is important for us to know whether the removal was successful.
  • If you do not receive a reply from me within 5 days, send me a PM.

Please read the instructions for using the Virus Removal area:
http://www.linhadefe...mocao-de-virus/

Instead of creating a new topic, please continue with this one and post a reply containing the HijackThis, MbrScan and FSS logs, following the instructions on the page I linked above.

If you have any questions, just ask.



#3
Luck Anão

Replying with the requested logs

Attached file(s)

#4
CarlosTurco

Ok,

Carry out the procedures below.

1)

Download AdwCleaner and save it to the desktop.
http://general-chang...de/2-adwcleaner

Run the adwcleaner.exe file.

*** Windows Vista or Windows 7 users: right-click the adwcleaner.exe file, then click Run as administrator.

Click Remove.

A Notepad window will open with the result. Select, copy and paste its contents into your next reply.

2)

Temporarily disable your antivirus, antispyware and firewall so that they do not cause conflicts.

Download the Junkware Removal Tool (JRT) and save it to the desktop. Double-click it to run it.

* On Windows Vista and Windows 7:

Right-click JRT.exe and select Run as administrator.

The tool will begin scanning your system. Be patient, as it may take a while depending on the number of items to examine.

At the end, a log will open. It is saved on the desktop under the name JRT.txt.

Select, copy and paste the contents of this log into your next reply.

3)

Download Malwarebytes' Anti-Malware (MBAM)
http://www.majorgeek..._malware,1.html

Double-click mbam-setup.exe, choose the language and, during installation, accept all the default options.

  • Make sure the Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware boxes are checked, then click Finish.
  • If there are updates available, they will be downloaded and installed.
  • When the update finishes, with the program open, select Quick Scan and click the Scan button.
  • The scan will then begin. Wait, as it may take a while.
  • When the scan finishes, click OK, then the Show Results button to see the report.
  • If any items were found, make sure they are all checked and click the Remove button.
  • At the end of the disinfection, Notepad will open with a log, and a prompt may appear asking whether you want to restart the PC. (See Note below)
  • The log is saved automatically by MBAM; to view it, click the Logs tab in the program's main window.
  • Select, copy and paste the entire contents of this log into your next reply.

NOTE: If MBAM finds files that it cannot remove, you may have to restart the PC (perhaps more than once). Do so immediately when asked whether you want to restart the PC.

If you have any questions, read the program's tutorial:
http://linhadefensiv...showtopic=75554



#5
Luck Anão

Pasting the logs:

 

# AdwCleaner v2.306 - Relatório criado em 30/07/2013 às 14:52:29
# Atualizado em 19/07/2013 por Xplode
# Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits)
# Usuário : Lu e Tamara - CASA
# Modo de Boot : Normal
# Executado de : C:\Documents and Settings\Lu e Tamara\Desktop\adwcleaner.exe
# Opção [Remover]
 
 
***** [Serviços] *****
 
 
***** [Arquivos/Pastas] *****
 
Arquivo Removido : C:\Arquivos de programas\Mozilla FireFox\Components\AskSearch.js
Arquivo Removido : C:\Arquivos de programas\Mozilla Firefox\searchplugins\babylon.xml
Arquivo Removido : C:\Arquivos de programas\Mozilla Firefox\searchplugins\fcmdSrch.xml
Arquivo Removido : C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Mozilla\Firefox\Profiles\s5kh005o.default\bProtector_extensions.rdf
Arquivo Removido : C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Mozilla\Firefox\Profiles\s5kh005o.default\searchplugins\Askcom.xml
Arquivo Removido : C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Mozilla\Firefox\Profiles\s5kh005o.default\searchplugins\babylon1.xml
Arquivo Removido : C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Mozilla\Firefox\Profiles\s5kh005o.default\searchplugins\BabylonMngr.xml
Arquivo Removido : C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Mozilla\Firefox\Profiles\s5kh005o.default\searchplugins\BrowserProtect.xml
Pasta Removido : C:\Documents and Settings\All Users\Dados de aplicativos\APN
Pasta Removido : C:\Documents and Settings\All Users\Dados de aplicativos\Ask
Pasta Removido : C:\Documents and Settings\All Users\Dados de aplicativos\Babylon
Pasta Removido : C:\Documents and Settings\All Users\Dados de aplicativos\Trymedia
Pasta Removido : C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\PackageAware
Pasta Removido : C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Babylon
Pasta Removido : C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\facemoods.com
Pasta Removido : C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Mozilla\Firefox\Profiles\s5kh005o.default\extensions\ffxtlbr@babylon.com
Pasta Removido : C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Mozilla\Firefox\Profiles\s5kh005o.default\extensions\ffxtlbr@Facemoods.com
Pasta Removido : C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\OpenCandy
 
***** [Registro] *****
 
Chave Removida : HKCU\Software\5b558adabd6fe912
Chave Removida : HKCU\Software\APN PIP
Chave Removida : HKCU\Software\BrowserMngr
Chave Removida : HKCU\Software\DataMngr
Chave Removida : HKCU\Software\facemoods.com
Chave Removida : HKCU\Software\InstallCore
Chave Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Chave Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Chave Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Chave Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB9}
Chave Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CB65201-89C4-402C-BA80-02D8C59F9B1D}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Chave Removida : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB1-4EC0-403E-8DD8-394C54984B2C}
Chave Removida : HKCU\Software\Softonic
Chave Removida : HKCU\Software\YahooPartnerToolbar
Chave Removida : HKLM\Software\Babylon
Chave Removida : HKLM\Software\BrowserMngr
Chave Removida : HKLM\SOFTWARE\Classes\Prod.cap
Chave Removida : HKLM\Software\DataMngr
Chave Removida : HKLM\Software\facemoods.com
Chave Removida : HKLM\SOFTWARE\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Chave Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4F05-9A6E-5D3B778EC567}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Chave Removida : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Chave Removida : HKLM\Software\OpenCandy
Chave Removida : HKLM\Software\PIP
Chave Removida : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Valor Removida : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Valor Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Valor Removida : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Valor Removida : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}]
 
***** [Navegadores] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
Substituído : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=110825&tt=0213_7&babsrc=HP_ss&mntrId=0cd39c5c000000000000001d6003d9c5 --> hxxp://www.google.com
Substituído : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4 --> hxxp://www.google.com
 
-\\ Mozilla Firefox v12.0 (pt-BR)
 
Arquivo : C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Mozilla\Firefox\Profiles\s5kh005o.default\prefs.js
 
C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Mozilla\Firefox\Profiles\s5kh005o.default\user.js ... Removido !
 
Removida : user_pref("browser.search.defaultengine", "Ask.com");
Removida : user_pref("browser.search.selectedEngine", "Search the web (Babylon)");
Removida : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?affID=110825&tt=0213_7&babsrc=HP_s[...]
Removida : user_pref("extensions.BabylonToolbar.admin", false);
Removida : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Removida : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Removida : user_pref("extensions.BabylonToolbar.autoRvrt", "false");
Removida : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Removida : user_pref("extensions.BabylonToolbar.excTlbr", false);
Removida : user_pref("extensions.BabylonToolbar.id", "0cd39c5c000000000000001d6003d9c5");
Removida : user_pref("extensions.BabylonToolbar.instlDay", "15715");
Removida : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Removida : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Removida : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Removida : user_pref("extensions.BabylonToolbar.rvrt", "false");
Removida : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Removida : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Removida : user_pref("extensions.BabylonToolbar.vrsn", "1.8.7.2");
Removida : user_pref("extensions.BabylonToolbar.vrsni", "1.8.7.2");
Removida : user_pref("extensions.BabylonToolbar_i.babExt", "");
Removida : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110825&tt=0213_7");
Removida : user_pref("extensions.BabylonToolbar_i.excTlbr", false);
Removida : user_pref("extensions.BabylonToolbar_i.newTab", false);
Removida : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Removida : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Removida : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.7.210:25:41");
Removida : user_pref("extensions.facemoods.DNSErrUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=5");
Removida : user_pref("extensions.facemoods.aflt", "ddrnw");
Removida : user_pref("extensions.facemoods.dfltSrch", true);
Removida : user_pref("extensions.facemoods.dfltSrchPrvdr", "Facemoods Search");
Removida : user_pref("extensions.facemoods.dnsErr", true);
Removida : user_pref("extensions.facemoods.firstRun", true);
Removida : user_pref("extensions.facemoods.hmpg", true);
Removida : user_pref("extensions.facemoods.hmpgUrl", "hxxp://start.facemoods.com/?a=ddrnw");
Removida : user_pref("extensions.facemoods.id", "0cd39c5c000000000000001d6003d9c5");
Removida : user_pref("extensions.facemoods.instlDay", "15330");
Removida : user_pref("extensions.facemoods.mntz", "");
Removida : user_pref("extensions.facemoods.newTab", true);
Removida : user_pref("extensions.facemoods.newTabUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=2");
Removida : user_pref("extensions.facemoods.prtnrId", "facemoods.com");
Removida : user_pref("extensions.facemoods.searchProviderAdded", true);
Removida : user_pref("extensions.facemoods.sid", "85579055aea8460cb6049327b2b73add");
Removida : user_pref("extensions.facemoods.tlbrSrchUrl", "hxxp://start.facemoods.com/?a=ddrnw&f=3");
Removida : user_pref("extensions.facemoods.vrsn", "1.4.17.11");
 
-\\ Google Chrome v28.0.1500.72
 
Arquivo : C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Preferences
 
[OK] Arquivo está limpo.
 
Arquivo : C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Preferences
 
[OK] Arquivo está limpo.
 
*************************
 
AdwCleaner[S1].txt - [361 octets] - [30/07/2013 14:49:03]
AdwCleaner[S2].txt - [12688 octets] - [30/07/2013 14:52:29]
 
########## EOF - C:\AdwCleaner[S2].txt - [12749 octets] ##########
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.8 (07.29.2013:2)
OS: Microsoft Windows XP x86
Ran by Lu e Tamara on ter 30/07/2013 at 14:58:44,03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Documents and Settings\Lu e Tamara\start menu\programs\browser manager"
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ter 30/07/2013 at 15:09:03,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
Malwarebytes' Anti-Malware 
www.malwarebytes.org
 
Versão da Base de Dados:  
 
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
 
30/7/2013 15:17:38
mbam-log-2013-07-30 (15-17-38).txt
 
Tipo de Verificação:  Verificação Rápida 
Objetos escaneados:  176645
Tempo decorrido: 3 minuto(s), 28 segundo(s)
 
Processos de Memória Infectados:  0
Módulos de Memória Infectados:  0
Chaves de Registro Infectadas: 0
Valores de Registro Infectados: 0
Itens de Dados no Registro Infectados:  0
Pastas Infectadas:  0
Arquivos Infectados: 0
 
Processos de Memória Infectados: 
(Não foram detectados ítens maliciosos)
 
Módulos de Memória Infectados: 
(Não foram detectados ítens maliciosos)
 
Chaves de Registro Infectadas:
(Não foram detectados ítens maliciosos)
 
Valores de Registro Infectados:
(Não foram detectados ítens maliciosos)
 
Itens de Dados no Registro Infectados: 
(Não foram detectados ítens maliciosos)
 
Pastas Infectadas: 
(Não foram detectados ítens maliciosos)
 
Arquivos Infectados:
(Não foram detectados ítens maliciosos)
 


#6
CarlosTurco

Good afternoon.

Download OTL by OldTimer and save it to your desktop:
http://oldtimer.geekstogo.com/OTL.exe

** Windows Vista and Windows 7/8 users:
Right-click the OTL.exe file, then click Run as administrator.

Under Output, select Standard.
Also check these options:

  • Creation Date -> change to 90 days
  • Use WhiteList for Company Names
  • Ignore Microsoft Files
  • Lop Check
  • Purity Check

Select these lines in red, right-click the selection, and choose the copy option

netsvcs
%SYSTEMDRIVE%\*.*
%systemdrive%\drivers\*.exe
%systemroot%\system32\drivers\*.* /90
%PROGRAMFILES%\*.*
%userprofile%\configurações locais\dados de aplicativos\*.exe
%userprofile%\configurações locais\dados de aplicativos\*.txt
%userprofile%\configurações locais\dados de aplicativos\*.ini
%userprofile%\configurações locais\dados de aplicativos\*.dat /30
%userprofile%\configurações locais\dados de aplicativos\*.dll
%userprofile%\*.exe
%userprofile%\*.txt
%userprofile%\*.ini
%userprofile%\*.dat /30
%userprofile%\*.dll
%appdata%\*.*
%windir%\tasks\*.* /s
%PROGRAMFILES%\Internet Explorer\*.*

CREATERESTOREPOINT
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run /s
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMP
HKCU\Software\Microsoft\Internet Explorer\Downloads

%systemdrive%\$Recycle.Bin|@;true;true;true /fp
Net User /c

/md5start

services.*

/md5stop


Go back to the program, right-click any blank area of the Custom Scans/Fixes section, and choose Paste.

Click the button shown in the image (verif.png).

OTL will start scanning your computer. Do not interrupt the process or use other windows until it finishes.

Do not change any other setting unless you have been instructed to do so.

The scan takes a while, so please be patient.

When it finishes, two Notepad windows will open: OTL.txt and Extras.txt
Both will be saved in the same directory as OTL.exe, that is, on your desktop.

Copy the entire contents of OTL.txt and paste it into your reply.
Attach the Extras.txt file.

NOTE: If the logs get too large and exceed the forum limit, put them in a .zip or .rar file and attach it to your reply.
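
Added example, not part of the thread and not OTL's own code: a Python sketch for a first pass over the SRV and DRV sections of the OTL.txt requested above. The line layout and the sample lines are copied from the OTL log posted later in this thread; the three triage rules and every function name are assumptions made for illustration, and a hit only means "review this entry by hand".

```python
import re
from dataclasses import dataclass

# Layout of SRV/DRV lines as they appear in the OTL log in this thread:
#   KIND - [date | size | attrs | M] (company) [flags] -- path -- (name)
#   KIND - File not found [flags] -- path -- (name)
LINE = re.compile(
    r"^(?P<kind>SRV|DRV) - "
    r"(?:File not found|\[(?P<stamp>[^\]]+)\] \((?P<company>.*?)\)) "
    r"\[(?P<flags>[^\]]+)\] -- (?P<path>.*?) -- \((?P<name>.*)\)$"
)

# Start types that load without user action (grouping assumed for triage).
AUTO_STARTS = {"Boot", "System", "Auto"}

# Sample lines copied from the OTL log posted in this thread.
SAMPLE = r"""
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/05/09 05:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2003/04/18 18:06:26 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srvany.exe -- (KMService)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (afq6velc)
DRV - [2011/01/22 08:28:31 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2006/02/07 08:52:58 | 000,006,912 | R--- | M] (JMicron ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\JGOGO.sys -- (JGOGO)
"""


@dataclass
class Entry:
    kind: str      # "SRV" or "DRV"
    name: str      # service key name, e.g. "sptd"
    path: str      # image path as logged; may be empty
    company: str   # company name from the file, stripped; may be empty
    start: str     # Boot / System / Auto / On_Demand / Disabled
    state: str     # Running / Stopped / Unknown
    missing: bool  # True when OTL printed "File not found"


def parse(log_text):
    """Return an Entry for every SRV/DRV line; other log lines are skipped."""
    entries = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        # SRV lines carry [start | state]; DRV lines add a leading driver type.
        flags = [f.strip() for f in m["flags"].split("|")]
        if len(flags) < 2:
            continue
        entries.append(Entry(
            kind=m["kind"],
            name=m["name"],
            path=m["path"].strip(),
            company=(m["company"] or "").strip(),
            start=flags[-2],
            state=flags[-1],
            missing=m["stamp"] is None,
        ))
    return entries


def triage(entry):
    """Return the reasons (possibly none) an entry deserves a manual look."""
    reasons = []
    if entry.missing and not entry.path:
        reasons.append("registered with no image path")
    elif entry.missing:
        reasons.append("image path registered but file not found")
    elif not entry.company and entry.start in AUTO_STARTS:
        reasons.append("auto-start image with no company name")
    return reasons


def review(log_text):
    """Return (service name, reasons) for every entry with at least one reason."""
    flagged = []
    for entry in parse(log_text):
        reasons = triage(entry)
        if reasons:
            flagged.append((entry.name, reasons))
    return flagged


if __name__ == "__main__":
    for name, reasons in review(SAMPLE):
        print(f"{name}: {'; '.join(reasons)}")
```
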



#7
Luck Anão

    Advanced Member

The program only produced the OTL log. It did not create any Extras file.

OTL log:

 

OTL logfile created on: 30/7/2013 16:22:12 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Lu e Tamara\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy
 
1,75 Gb Total Physical Memory | 1,04 Gb Available Physical Memory | 59,25% Memory free
2,60 Gb Paging File | 2,02 Gb Available in Paging File | 77,76% Paging File free
Paging file location(s): C:\pagefile.sys 1020 1344 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 74,53 Gb Total Space | 5,20 Gb Free Space | 6,98% Space Free | Partition Type: NTFS
 
Computer Name: CASA | User Name: Lu e Tamara | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/07/30 16:19:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lu e Tamara\Desktop\OTL.exe
PRC - [2013/07/13 12:31:43 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153\GoogleCrashHandler.exe
PRC - [2013/07/12 15:49:47 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
PRC - [2013/07/01 20:19:59 | 000,581,184 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Arquivos de programas\epson\EpsonCustomerResearchParticipation\EPCP.exe
PRC - [2013/06/30 13:10:41 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe
PRC - [2013/05/09 05:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Arquivos de programas\Alwil Software\Avast5\AvastUI.exe
PRC - [2013/05/09 05:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
PRC - [2013/03/12 07:32:50 | 000,253,816 | ---- | M] (Oracle Corporation) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
PRC - [2011/03/30 09:18:40 | 000,056,712 | ---- | M] ( ) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe
PRC - [2010/08/30 09:32:24 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Arquivos de programas\Epson Software\Event Manager\EEventManager.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
PRC - [2009/09/13 19:00:00 | 000,153,600 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50ST7.EXE
PRC - [2009/09/13 19:00:00 | 000,121,856 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50RP7.EXE
PRC - [2008/04/13 23:20:58 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/28 13:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Defender\MsMpEng.exe
PRC - [2006/08/03 03:53:02 | 000,053,248 | R--- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
PRC - [2006/07/10 15:33:16 | 000,176,128 | R--- | M] (S3 Graphics Co., Ltd.) -- C:\WINDOWS\system32\S3Trayp.exe
PRC - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/07/30 05:12:40 | 002,089,472 | ---- | M] () -- C:\Arquivos de programas\Alwil Software\Avast5\defs\13073000\algo.dll
MOD - [2013/07/12 15:49:44 | 000,396,240 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.72\ppgooglenaclpluginchrome.dll
MOD - [2013/07/12 15:49:43 | 013,599,184 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
MOD - [2013/07/12 15:49:42 | 004,052,944 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.72\pdf.dll
MOD - [2013/07/12 15:48:49 | 001,597,392 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
MOD - [2009/01/10 19:15:44 | 000,159,744 | ---- | M] () -- C:\Arquivos de programas\FreeTime\FormatFactory\FFModules\Filters\Haali\mmfinfo.dll
MOD - [2009/01/10 19:14:06 | 000,023,552 | ---- | M] () -- C:\Arquivos de programas\FreeTime\FormatFactory\FFModules\Filters\Haali\mkunicode.dll
MOD - [2008/04/13 23:20:33 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Disabled | Unknown] -- C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2013/07/14 12:12:52 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/01 20:19:59 | 000,581,184 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Arquivos de programas\epson\EpsonCustomerResearchParticipation\EPCP.exe -- (EpsonCustomerResearchParticipation)
SRV - [2013/06/30 13:10:41 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/06/26 17:38:28 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/09 05:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/02/04 18:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Arquivos de programas\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011/03/30 09:18:40 | 000,056,712 | ---- | M] ( ) [Auto | Running] -- C:\Arquivos de programas\GbPlugin\gbpsv.exe -- (GbpSv)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/09/13 19:00:00 | 000,153,600 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50ST7.EXE -- (EPSON_EB_RPCV4_04)
SRV - [2009/09/13 19:00:00 | 000,121,856 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50RP7.EXE -- (EPSON_PM_RPCV4_04)
SRV - [2008/04/13 23:20:37 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2007/05/28 13:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de programas\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2003/07/28 19:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2003/04/18 18:06:26 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srvany.exe -- (KMService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (CrystalSysInfo)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (afq6velc)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (a6dllrnk)
DRV - [2013/07/09 12:52:10 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2013/07/09 12:52:10 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2013/06/27 16:32:36 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/06/27 16:32:36 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/06/27 16:32:36 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/09 05:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 05:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 05:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 05:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013/05/09 05:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/06/03 10:45:50 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2012/05/31 20:21:04 | 000,146,304 | R--- | M] (360.cn) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\360FileOem.sys -- (360FileOem)
DRV - [2012/05/31 20:21:04 | 000,054,912 | R--- | M] (360安全中心) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\360HookOem.sys -- (360HookOem)
DRV - [2012/05/31 20:21:04 | 000,023,168 | R--- | M] (360安全中心) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\360RegOem.sys -- (360RegOem)
DRV - [2011/03/30 09:20:02 | 000,046,600 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\gbpkm.sys -- (GbpKm)
DRV - [2011/01/22 08:28:31 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/02/11 09:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/11/16 13:33:38 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009/03/25 14:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007/09/17 06:34:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2006/11/02 06:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/09/11 23:43:38 | 000,659,456 | R--- | M] (S3 Graphics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\S3gIGPm.sys -- (S3GIGP)
DRV - [2006/08/23 03:54:22 | 000,042,752 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)
DRV - [2006/06/29 17:20:08 | 000,048,896 | ---- | M] (PHILOG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PhSerUsb.sys -- (PhSerUsb)
DRV - [2006/02/23 00:39:06 | 000,011,264 | R--- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\xfilt.sys -- (xfilt)
DRV - [2006/02/23 00:38:32 | 000,009,728 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\videX32.sys -- (videX32)
DRV - [2006/02/07 08:52:58 | 000,006,912 | R--- | M] (JMicron ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\JGOGO.sys -- (JGOGO)
DRV - [2005/08/11 02:49:28 | 000,393,088 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2004/10/27 15:21:30 | 000,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/08/12 23:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 94 46 D5 BC 35 8B CB 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8C0107A5-184B-4E00-9F30-8B62C364C463}: "URL" = http://www.google.co...rch?hl=pt-BR&q={searchTerms}&meta=&rlz=1I7ADSA_pt-BR
IE - HKCU\..\SearchScopes\{BF2C9952-C14F-4A27-A1CC-4F2F4CD4C4CE}: "URL" = http://www.bing.com/...h?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {87F8774F-B485-47E2-A755-A40A8A5E886C}:1.0.16.6
FF - prefs.js..extensions.enabledItems: {B1018341-ED1D-4a84-991D-B4C33320533F}:1.5.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..network.proxy.autoconfig_url: "http://build.losetwi...:8084/dlx64.dat"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Arquivos de programas\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Arquivos de programas\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Arquivos de programas\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Arquivos de programas\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Dados de aplicativos\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Arquivos de programas\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8:  File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Arquivos de programas\Mozilla Firefox\components [2013/07/30 14:52:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins [2013/07/01 13:31:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Components: C:\Arquivos de programas\Mozilla Thunderbird\components [2013/06/26 17:38:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Plugins: C:\Arquivos de programas\Mozilla Thunderbird\plugins
 
[2009/12/13 14:00:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Mozilla\Extensions
[2009/12/13 14:00:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009/01/12 01:07:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Mozilla\Extensions\{ae2cff10-0d52-4066-8be9-4abcf119fa79}
[2013/07/30 14:52:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Mozilla\Firefox\Profiles\s5kh005o.default\extensions
[2011/01/17 22:08:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Mozilla\Firefox\Profiles\s5kh005o.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/05/07 22:19:44 | 000,000,000 | ---D | M] (No name found) -- C:\Arquivos de programas\Mozilla Firefox\extensions
[2012/04/20 22:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\mozilla firefox\components\browsercomps.dll
[2008/09/03 21:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Arquivos de programas\mozilla firefox\plugins\npbittorrent.dll
[2009/08/03 15:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\mozilla firefox\plugins\npOGAPlugin.dll
[2009/10/26 15:53:52 | 000,102,400 | ---- | M] (Zylom) -- C:\Arquivos de programas\mozilla firefox\plugins\npzylomgamesplayer.dll
[2012/04/20 23:26:25 | 000,001,027 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\buscape.xml
[2012/04/20 23:26:25 | 000,001,212 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\mercadolivre.xml
[2012/04/20 23:26:24 | 000,002,040 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\twitter.xml
[2012/04/20 23:26:25 | 000,001,168 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\wikipedia-br.xml
[2012/04/20 23:26:24 | 000,000,952 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\yahoo-br.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://g1.globo.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Lu e Tamara\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Lu e Tamara\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Lu e Tamara\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Arquivos de programas\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Office Genuine Advantage (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npOGAPlugin.dll
CHR - plugin: Zylom Plugin (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npzylomgamesplayer.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Arquivos de programas\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U21 (Enabled) = C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Unity Player (Enabled) = C:\Arquivos de programas\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Arquivos de programas\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
 
O1 HOSTS File: ([2011/02/02 22:43:55 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Arquivos de programas\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Arquivos de programas\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O4 - HKLM..\Run: [Adobe ARM] C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EEventManager] C:\Arquivos de programas\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [JMB36X Configure] C:\WINDOWS\System32\JMRaidTool.exe (JMicron Technology Corp.)
O4 - HKLM..\Run: [S3Trayp] C:\WINDOWS\System32\S3Trayp.exe (S3 Graphics Co., Ltd.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKCU..\Run: [DIMBaixando a sua atualização...1338924290338] c:\Arquivos de programas\Corel\CorelDRAW Graphics Suite X6\Draw\DIM.exe (Corel Corporation)
O4 - HKCU..\Run: [EPSON TX133 TX135 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJB.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [NavSincroLiteDetector] C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\NavCity\NavSincro Lite\NavSincroLite.exe (NavCity - Tecnologia em movimento)
O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\PHOTOfunSTUDIO 8.0 LE.lnk = C:\Arquivos de programas\Arquivos comuns\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www14] https in Trusted sites)
O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www2] https in Trusted sites)
O15 - HKCU\..Trusted Domains: bb.com.br ([www] http in Trusted sites)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} https://www14.bancob...gin/GbpDist.cab (GbpDistObj Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 201.21.192.111 201.21.192.116
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41F0B04E-BB38-47CD-816C-8C1536E512A8}: DhcpNameServer = 201.21.192.111 201.21.192.116
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Arquivos de programas\GbPlugin\gbieh.dll) - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O24 - Desktop Components:0 (Minha página inicial atual) - About:Home
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Arquivos de programas\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip - C:\WINDOWS\System32\iprip.dll (Microsoft Corporation)
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 90 Days ==========
 
[2013/07/30 16:19:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lu e Tamara\Desktop\OTL.exe
[2013/07/30 14:58:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/07/30 14:47:39 | 000,562,042 | ---- | C] (Oleg N. Scherbakov) -- C:\Documents and Settings\Lu e Tamara\Desktop\JRT.exe
[2013/07/30 14:20:17 | 000,357,145 | ---- | C] (Farbar) -- C:\Documents and Settings\Lu e Tamara\Desktop\FSS.exe
[2013/07/30 14:20:11 | 000,147,456 | ---- | C] (Eric_71) -- C:\Documents and Settings\Lu e Tamara\Desktop\MbrScan.exe
[2013/07/30 13:18:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Google Earth
[2013/07/28 13:29:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013/07/28 13:28:47 | 000,000,000 | ---D | C] -- C:\7a313c2edecda62121652d
[2013/07/28 11:36:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lu e Tamara\Meus documentos\Sony
[2013/07/27 17:15:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Lu e Tamara\Recent
[2013/07/27 17:11:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lu e Tamara\Desktop\Nova pasta
[2013/07/23 10:34:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lu e Tamara\Meus documentos\Minhas paletas
[2013/07/23 10:29:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Protexis
[2013/07/23 00:43:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lu e Tamara\Meus documentos\Corel
[2013/07/23 00:41:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lu e Tamara\Meus documentos\Visual Studio 2008
[2013/07/23 00:29:10 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft SDKs
[2013/07/23 00:28:55 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Visual Studio 9.0
[2013/07/23 00:21:10 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Protexis
[2013/07/23 00:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Corel
[2013/07/23 00:00:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\Corel
[2013/07/22 22:13:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\CorelDRAW Graphics Suite X6
[2013/07/09 12:52:13 | 000,025,200 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\drivers\ggsemc.sys
[2013/07/09 12:52:13 | 000,012,400 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\drivers\ggflt.sys
[2013/07/09 12:51:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Sony Ericsson
[2013/07/09 12:51:04 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Sony Ericsson
[2013/07/09 12:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Sony
[2013/07/09 12:41:38 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Sony
[2013/07/08 15:41:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\NavCity
[2013/07/03 16:21:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lu e Tamara\aTubeCatcher
[2013/07/03 15:58:36 | 000,489,392 | ---- | C] (Ask Partner Network) -- C:\Documents and Settings\Lu e Tamara\Meus documentos\APNSetup.exe
[2013/06/30 13:11:15 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Java
[2013/06/30 12:44:50 | 000,000,000 | ---D | C] -- C:\5292e64457bda8b74e9324
[2013/06/26 17:38:15 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Mozilla Thunderbird
[2013/05/13 21:08:18 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/05/04 14:11:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lu e Tamara\Meus documentos\Crônicas de 1 fã
[2013/02/14 17:43:35 | 003,649,536 | ---- | C] (NavCity - Tecnologia em movimento) -- C:\Documents and Settings\Lu e Tamara\NavSincroLite.exe
[2013/02/14 17:43:35 | 000,651,264 | ---- | C] (NavCity) -- C:\Documents and Settings\Lu e Tamara\HRAlertaUpdater.exe
[2013/02/14 17:43:35 | 000,618,496 | ---- | C] (NavCity) -- C:\Documents and Settings\Lu e Tamara\NavSincroLiteUpdater.exe
[2013/02/14 17:43:35 | 000,192,512 | ---- | C] (ICSharpCode.net) -- C:\Documents and Settings\Lu e Tamara\ICSharpCode.SharpZipLib.dll
[2012/02/25 14:09:45 | 004,411,392 | ---- | C] (Gabest) -- C:\Arquivos de programas\mplayerc.exe
[2011/05/29 21:27:03 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\pcouffin.sys
[4 C:\Documents and Settings\Lu e Tamara\Meus documentos\*.tmp files -> C:\Documents and Settings\Lu e Tamara\Meus documentos\*.tmp -> ]
 
========== Files - Modified Within 90 Days ==========
 
[2013/07/30 16:19:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lu e Tamara\Desktop\OTL.exe
[2013/07/30 16:16:11 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/30 16:16:05 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/07/30 15:37:00 | 000,001,192 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-884357618-682003330-1003UA.job
[2013/07/30 14:57:48 | 000,000,346 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2013/07/30 14:55:25 | 000,000,382 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/07/30 14:54:46 | 000,001,068 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/30 14:54:45 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1214440339-884357618-682003330-1003.job
[2013/07/30 14:54:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/07/30 14:47:44 | 000,562,042 | ---- | M] (Oleg N. Scherbakov) -- C:\Documents and Settings\Lu e Tamara\Desktop\JRT.exe
[2013/07/30 14:47:07 | 000,666,633 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Desktop\adwcleaner.exe
[2013/07/30 14:23:12 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Desktop\Dump_Hdd0_DR0.mbr
[2013/07/30 14:20:20 | 000,357,145 | ---- | M] (Farbar) -- C:\Documents and Settings\Lu e Tamara\Desktop\FSS.exe
[2013/07/30 14:20:14 | 000,147,456 | ---- | M] (Eric_71) -- C:\Documents and Settings\Lu e Tamara\Desktop\MbrScan.exe
[2013/07/30 12:36:00 | 000,001,140 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-884357618-682003330-1003Core.job
[2013/07/30 12:30:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/07/28 13:37:39 | 148,811,776 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2013/07/28 13:27:36 | 000,529,734 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat
[2013/07/28 13:27:36 | 000,492,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/07/28 13:27:36 | 000,097,814 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat
[2013/07/28 13:27:36 | 000,084,320 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/07/25 14:56:58 | 000,000,000 | RH-- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\fcdf31c27daf836670ae3ef9432ca8342
[2013/07/24 14:05:52 | 000,384,016 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/07/21 15:28:00 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1214440339-884357618-682003330-1003.job
[2013/07/10 12:21:54 | 000,002,969 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/07/09 14:02:08 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2013/07/09 14:02:08 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ggflt_01009.Wdf
[2013/07/09 14:02:05 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2013/07/09 12:52:10 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\drivers\ggsemc.sys
[2013/07/09 12:52:10 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\drivers\ggflt.sys
[2013/07/06 20:52:41 | 000,322,818 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Meus documentos\ED_1_MTE__2013_ABERTURA.PDF
[2013/06/27 16:32:36 | 000,770,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/06/27 16:32:36 | 000,369,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/06/27 16:32:36 | 000,175,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/06/27 16:32:36 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013/06/27 16:32:36 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013/06/27 16:32:36 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013/06/10 12:46:33 | 000,001,173 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\vso_ts_preview.xml
[2013/06/08 20:15:20 | 000,346,699 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Meus documentos\edital_80_-_edital_de_abertura.pdf
[2013/06/06 17:41:04 | 000,489,392 | ---- | M] (Ask Partner Network) -- C:\Documents and Settings\Lu e Tamara\Meus documentos\APNSetup.exe
[2013/05/14 19:44:27 | 000,566,792 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Meus documentos\churrasco.cdr
[2013/05/12 19:10:18 | 000,000,369 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Meus documentos\Meus documentos.lnk
[2013/05/09 05:59:10 | 000,056,080 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/05/09 05:59:10 | 000,049,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/05/09 05:59:09 | 000,066,336 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/05/09 05:59:09 | 000,049,760 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/05/09 05:59:08 | 000,029,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/05/09 05:58:37 | 000,041,664 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/05/09 05:58:28 | 000,229,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[4 C:\Documents and Settings\Lu e Tamara\Meus documentos\*.tmp files -> C:\Documents and Settings\Lu e Tamara\Meus documentos\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/07/30 14:47:02 | 000,666,633 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Desktop\adwcleaner.exe
[2013/07/30 14:22:56 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Desktop\Dump_Hdd0_DR0.mbr
[2013/07/28 00:11:24 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2013/07/25 14:56:58 | 000,000,000 | RH-- | C] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\fcdf31c27daf836670ae3ef9432ca8342
[2013/07/23 23:18:05 | 000,347,526 | ---- | C] () -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\WPFFontCache_v0400-System.dat
[2013/07/09 14:02:08 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2013/07/09 14:02:08 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ggflt_01009.Wdf
[2013/07/09 14:02:05 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2013/07/06 20:52:41 | 000,322,818 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Meus documentos\ED_1_MTE__2013_ABERTURA.PDF
[2013/06/27 16:32:36 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013/06/27 16:32:36 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013/06/27 16:32:36 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013/06/19 15:23:07 | 000,000,902 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/08 20:15:20 | 000,346,699 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Meus documentos\edital_80_-_edital_de_abertura.pdf
[2013/05/14 19:44:27 | 000,566,792 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Meus documentos\churrasco.cdr
[2013/05/13 21:08:21 | 000,175,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/05/13 21:08:21 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/05/12 19:10:18 | 000,000,369 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Meus documentos\Meus documentos.lnk
[2013/04/17 22:28:27 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2013/04/11 21:36:57 | 000,000,176 | ---- | C] () -- C:\WINDOWS\REC-NET.INI
[2013/04/08 18:32:19 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2013/04/08 18:32:18 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2013/04/08 18:32:18 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2013/04/08 18:32:18 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2013/04/08 18:32:18 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2013/04/08 18:32:18 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2013/04/08 18:32:18 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2013/04/08 18:32:18 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2013/04/08 18:32:18 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2013/04/08 18:32:18 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2013/04/08 18:32:18 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2013/04/08 18:32:18 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2013/04/08 18:32:18 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2013/04/08 18:32:18 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2013/04/08 18:32:18 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2013/04/08 18:32:18 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2013/04/08 18:32:18 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2013/04/08 18:32:18 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2013/04/08 18:32:18 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2012/09/26 20:57:14 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012/09/26 20:57:14 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012/09/26 20:57:14 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012/09/26 20:57:14 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2012/09/14 12:21:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2012/09/13 17:06:30 | 000,000,094 | ---- | C] () -- C:\WINDOWS\ETX133.ini
[2012/03/25 20:53:44 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2012/02/16 05:01:32 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/11 20:24:54 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\srvany.exe
[2011/10/05 18:27:22 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2011/05/29 21:28:15 | 000,001,173 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\vso_ts_preview.xml
[2011/05/29 21:27:03 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\inst.exe
[2011/05/29 21:27:03 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\pcouffin.cat
[2011/05/29 21:27:03 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\pcouffin.inf
[2011/04/06 14:47:17 | 000,000,167 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\default.rss
[2008/12/30 21:56:35 | 000,000,106 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\default.pls
[2008/12/30 21:52:27 | 000,041,472 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2009/11/11 12:03:17 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/04/29 01:34:41 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:53:26 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 23:20:41 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010/03/07 13:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Alwil Software
[2011/03/22 22:08:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Big Fish Games
[2011/10/05 18:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Canneverbe Limited
[2010/02/10 13:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\DAEMON Tools Lite
[2013/06/26 20:22:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\EPSON
[2009/09/23 23:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\FarmFrenzy2
[2011/04/27 12:38:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin
[2010/10/17 21:42:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\NCH Swift Sound
[2009/01/06 00:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\NFS Underground
[2012/01/24 15:27:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Nitro PDF
[2011/04/25 16:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PlayFirst
[2011/03/02 23:53:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCap Games
[2013/01/23 10:59:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Samsung
[2013/07/09 12:41:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Sony
[2011/03/22 21:51:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP
[2012/09/13 17:13:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\UDL
[2013/06/25 16:06:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\vsosdk
[2010/03/21 22:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Zylom
[2010/06/13 21:37:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Anabel
[2011/08/02 22:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\AnvSoft
[2009/02/12 14:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Any Video Converter
[2010/05/10 16:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Atari
[2012/06/19 22:02:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\AVI ReComp
[2013/07/28 13:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\BitTorrent
[2009/01/12 01:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Broad Intelligence
[2011/10/05 18:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Canneverbe Limited
[2008/12/30 08:53:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\DAEMON Tools
[2011/08/24 19:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\DAEMON Tools Lite
[2011/08/24 19:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\DAEMON Tools Pro
[2012/01/24 15:26:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Downloaded Installations
[2012/10/01 15:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\EPSON
[2012/01/25 18:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Expert PDF 7
[2012/03/25 20:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\FreeAudioPack
[2013/04/17 22:21:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\FreeCDRipper
[2011/03/22 23:39:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\GetRightToGo
[2012/09/13 17:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Leadertech
[2010/03/21 22:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\MysteryStudio
[2013/07/08 15:41:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\NavCity
[2009/10/05 21:16:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\NCH Swift Sound
[2012/01/24 15:36:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Nitro PDF
[2012/07/04 21:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Oracle
[2012/09/29 16:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Orbit
[2013/01/10 09:24:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\PDFReaderPackages
[2011/04/25 16:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\PlayFirst
[2012/09/29 15:59:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\ProgSense
[2013/01/23 11:01:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Samsung
[2013/01/10 09:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\SumatraPDF
[2012/02/01 16:18:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\SWiSH Max4
[2009/12/13 14:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Thunderbird
[2009/07/18 12:27:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\TuxPaint
[2013/06/11 16:35:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Vso
[2010/06/13 21:35:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Zylom
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*.* >
[2013/07/30 14:49:03 | 000,000,361 | ---- | M] () -- C:\AdwCleaner[S1].txt
[2013/07/30 14:56:10 | 000,012,819 | ---- | M] () -- C:\AdwCleaner[S2].txt
[2009/07/13 17:21:03 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2001/10/28 12:06:10 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2013/04/17 22:28:32 | 000,001,119 | ---- | M] () -- C:\INSTALL.LOG
[2008/12/29 10:52:38 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/12/29 10:52:38 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/12/29 19:53:48 | 000,251,696 | RHS- | M] () -- C:\ntldr
[2013/07/30 14:54:33 | 1069,547,520 | -HS- | M] () -- C:\pagefile.sys
[2013/07/30 14:54:58 | 000,002,834 | ---- | M] () -- C:\SMax.log
[2012/10/09 11:05:08 | 000,002,836 | ---- | M] () -- C:\SMax.log.bak
[2001/01/10 12:23:58 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
 
< %systemdrive%\drivers\*.exe >
 
< %systemroot%\system32\drivers\*.* /90 >
[2013/05/09 05:59:08 | 000,029,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys
[2013/05/09 05:59:09 | 000,066,336 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys
[2013/05/09 05:59:09 | 000,049,760 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys
[2013/05/09 05:59:10 | 000,049,376 | ---- | M] () -- C:\WINDOWS\system32\drivers\aswRvrt.sys
[2013/06/27 16:32:36 | 000,770,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswSnx.sys
[2013/06/27 16:32:36 | 000,000,175 | ---- | M] () -- C:\WINDOWS\system32\drivers\aswSnx.sys.sum
[2013/06/27 16:32:36 | 000,369,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswSP.sys
[2013/06/27 16:32:36 | 000,000,175 | ---- | M] () -- C:\WINDOWS\system32\drivers\aswSP.sys.sum
[2013/05/09 05:59:10 | 000,056,080 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys
[2013/06/27 16:32:36 | 000,175,176 | ---- | M] () -- C:\WINDOWS\system32\drivers\aswVmm.sys
[2013/06/27 16:32:36 | 000,000,175 | ---- | M] () -- C:\WINDOWS\system32\drivers\aswVmm.sys.sum
[2013/07/09 12:52:10 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\system32\drivers\ggflt.sys
[2013/07/09 12:52:10 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\system32\drivers\ggsemc.sys
[2013/07/09 14:02:05 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2013/07/09 14:02:08 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\Msft_Kernel_ggflt_01009.Wdf
[2013/07/09 14:02:08 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\Msft_Kernel_ggsemc_01009.Wdf
 
< %PROGRAMFILES%\*.* >
[2008/12/10 15:14:40 | 004,411,392 | ---- | M] (Gabest) -- C:\Arquivos de programas\mplayerc.exe
 
< %userprofile%\configurações locais\dados de aplicativos\*.exe >
 
< %userprofile%\configurações locais\dados de aplicativos\*.txt >
 
< %userprofile%\configurações locais\dados de aplicativos\*.ini >
[2011/12/07 20:20:50 | 000,041,472 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\configurações locais\dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
< %userprofile%\configurações locais\dados de aplicativos\*.dat /30 >
[2013/07/23 10:33:33 | 000,099,704 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\configurações locais\dados de aplicativos\GDIPFONTCACHEV1.DAT
 
< %userprofile%\configurações locais\dados de aplicativos\*.dll >
 
< %userprofile%\*.exe >
[2011/11/16 13:10:30 | 000,651,264 | ---- | M] (NavCity) -- C:\Documents and Settings\Lu e Tamara\HRAlertaUpdater.exe
[2013/02/14 14:53:20 | 003,649,536 | ---- | M] (NavCity - Tecnologia em movimento) -- C:\Documents and Settings\Lu e Tamara\NavSincroLite.exe
[2011/11/11 11:03:38 | 000,618,496 | ---- | M] (NavCity) -- C:\Documents and Settings\Lu e Tamara\NavSincroLiteUpdater.exe
 
< %userprofile%\*.txt >
[2010/11/22 05:41:53 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\4.txt
[2013/04/08 12:57:07 | 000,036,429 | -H-- | M] () -- C:\Documents and Settings\Lu e Tamara\debug.txt
[2013/02/14 17:43:41 | 000,000,099 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\versaoHR.txt
 
< %userprofile%\*.ini >
[2013/07/30 14:53:30 | 000,000,330 | -HS- | M] () -- C:\Documents and Settings\Lu e Tamara\ntuser.ini
 
< %userprofile%\*.dat /30 >
[2013/07/30 14:53:30 | 013,631,488 | -H-- | M] () -- C:\Documents and Settings\Lu e Tamara\NTUSER.DAT
 
< %userprofile%\*.dll >
[2013/04/08 12:57:06 | 000,192,512 | ---- | M] (ICSharpCode.net) -- C:\Documents and Settings\Lu e Tamara\ICSharpCode.SharpZipLib.dll
 
< %appdata%\*.* >
[2011/05/22 19:30:51 | 000,000,167 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\default.rss
[2008/12/29 07:47:07 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\desktop.ini
[2013/07/25 14:56:58 | 000,000,000 | RH-- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\fcdf31c27daf836670ae3ef9432ca8342
[2011/05/29 21:27:03 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\inst.exe
[2011/05/29 21:27:03 | 000,007,887 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\pcouffin.cat
[2011/05/29 21:27:03 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\pcouffin.inf
[2011/05/29 21:27:10 | 000,000,034 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\pcouffin.log
[2011/05/29 21:27:03 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\pcouffin.sys
[2013/06/10 12:46:33 | 000,001,173 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\vso_ts_preview.xml
 
< %windir%\tasks\*.* /s >
[2013/07/30 16:16:05 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/07/30 14:55:25 | 000,000,382 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2001/10/28 12:07:04 | 000,000,065 | RH-- | M] () -- C:\WINDOWS\tasks\desktop.ini
[2013/07/30 14:54:46 | 000,001,068 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/30 16:16:11 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/30 12:36:00 | 000,001,140 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-884357618-682003330-1003Core.job
[2013/07/30 15:37:00 | 000,001,192 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-884357618-682003330-1003UA.job
[2013/07/30 14:57:48 | 000,000,346 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2013/07/30 14:54:45 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1214440339-884357618-682003330-1003.job
[2013/07/21 15:28:00 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1214440339-884357618-682003330-1003.job
[2013/07/30 14:54:43 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/07/22 15:35:44 | 000,000,516 | ---- | M] () -- C:\WINDOWS\tasks\Wise Registry Cleaner 4.job
 
< %PROGRAMFILES%\Internet Explorer\*.* >
[2009/03/08 04:35:04 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\ExtExport.exe
[2009/03/08 04:24:28 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\hmmapi.dll
[2009/07/01 04:08:06 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iecompat.dll
[2013/06/07 18:53:34 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iedvtool.dll
[2008/04/13 23:21:01 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iedw.exe
[2013/06/07 18:53:40 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\ieproxy.dll
[2009/03/08 14:09:26 | 000,638,816 | -HS- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe
[2009/03/08 14:33:36 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe.mui
[2013/06/07 18:53:45 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\jsdbgui.dll
[2009/03/08 04:35:02 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\jsdebuggeride.dll
[2009/03/08 04:35:04 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\JSProfilerCore.dll
[2009/03/08 04:35:12 | 000,233,984 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\jsprofilerui.dll
[2009/01/07 18:20:18 | 000,355,832 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\pdm.dll
[2009/01/07 18:20:54 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\sqmapi.dll
[2013/06/07 18:54:00 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\xpshims.dll
 
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >
"DefaultConnectionSettings" = 46 00 00 00 CE 00 00 00 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 80 BD 84 55 98 89 CE 01 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 17 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 80 02 00 00 00 00 00 00 00 02 00 00 01 00 00 00 34 00 34 00 30 00 33 00 33 00 39 00 2D 00 38 00 38 00 34 00 33 00 35 00 37 00 36 00 31 00 38 00 2D 00 36 00 38 00 32 00 30 00 30 00 33 00 33 00 33 00 30 00 2D 00 31 00 30 00 30 00 33 00 5C 00 53 00 6F 00 66 00 74 00 02 00 00 00 C0 A8 00 07 00 00 00 00 00 00 00 00 72 00 6F 00 73 00 6F 00 66 00 74 00 5C 00 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 20 00 4E 00 54 00 5C 00 43 00 75 00 72 00 72 00 65 00 6E 00 74 00 56 00 65 00 72 00 73 00 69 00 6F 00 6E 00 5C 00 41 00 70 00 70 00 43 00 6F 00 6D 00 70 00 61 00 74 00 46 00 6C 00 61 00 67 00 73 00 5C 00 4C 00 61 00 79 00 65 00 72 00 73 00 00 00 00 00  [Binary data over 200 bytes]
"SavedLegacySettings" = 46 00 00 00 32 1C 00 00 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 80 BD 84 55 98 89 CE 01 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 17 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 80 02 00 00 00 00 00 00 00 02 00 00 01 00 00 00 34 00 34 00 30 00 33 00 33 00 39 00 2D 00 38 00 38 00 34 00 33 00 35 00 37 00 36 00 31 00 38 00 2D 00 36 00 38 00 32 00 30 00 30 00 33 00 33 00 33 00 30 00 2D 00 31 00 30 00 30 00 33 00 5C 00 53 00 6F 00 66 00 74 00 02 00 00 00 C0 A8 00 07 00 00 00 00 00 00 00 00 72 00 6F 00 73 00 6F 00 66 00 74 00 5C 00 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 20 00 4E 00 54 00 5C 00 43 00 75 00 72 00 72 00 65 00 6E 00 74 00 56 00 65 00 72 00 73 00 69 00 6F 00 6E 00 5C 00 41 00 70 00 70 00 43 00 6F 00 6D 00 70 00 61 00 74 00 46 00 6C 00 61 00 67 00 73 00 5C 00 4C 00 61 00 79 00 65 00 72 00 73 00 00 00 00 00  [Binary data over 200 bytes]
 
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations >
 
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments >
 
< HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\CTFMON.EXE -- [2008/04/13 23:20:54 | 000,015,360 | ---- | M] (Microsoft Corporation)
"DWQueuedReporting" = "C:\ARQUIV~1\ARQUIV~1\MICROS~1\DW\dwtrig20.exe" -t -- [2010/12/20 23:26:32 | 000,519,584 | ---- | M] (Microsoft Corporation)
 
< HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMP >
 
< HKCU\Software\Microsoft\Internet Explorer\Downloads >
 
< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >
 
< Net User /c >
Contas de usuário para \\CASA
-------------------------------------------------------------------------------
Administrador            Convidado                HelpAssistant            
Lu e Tamara              SUPPORT_388945a0         
Comando concluído com êxito.
 
< MD5 for: SERVICES  >
[2001/10/28 12:07:26 | 000,006,953 | ---- | M] () MD5=89ABDE406B847C6C8B4BEAA1E0B42BEE -- C:\WINDOWS\system32\drivers\etc\services
 
< MD5 for: SERVICES.ASFX  >
[2012/09/23 20:43:52 | 000,002,588 | ---- | M] () MD5=0D18AE3100D7B9D49DCB1CE1EABA21F7 -- C:\Arquivos de programas\Adobe\Reader 11.0\Reader\Locale\pt_BR\Services\Services.asfx
 
< MD5 for: SERVICES.CFG  >
[2013/05/11 07:37:26 | 000,558,990 | ---- | M] () MD5=FE8FB005031C2574E990DAC1F9F5ACF8 -- C:\Arquivos de programas\Adobe\Reader 11.0\Reader\Services\Services.cfg
 
< MD5 for: SERVICES.CNF  >
[2012/06/11 22:59:46 | 000,000,046 | ---- | M] () MD5=74D2CB4C4B272C39CDE2212F68FE9D9B -- C:\Documents and Settings\Lu e Tamara\Meus documentos\Meus Sites\_vti_pvt\services.cnf
[2013/06/27 14:18:19 | 000,000,003 | ---- | M] () MD5=864E46AD77EBE7A312EB11241A5114B6 -- C:\Documents and Settings\Lu e Tamara\Meus documentos\Meus Sites\meusite\_vti_pvt\services.cnf
 
< MD5 for: SERVICES.DAT  >
[2013/07/29 04:23:09 | 000,002,235 | ---- | M] () MD5=3F56F15AB110188F78E3DCE876FC707E -- C:\Documents and Settings\Lu e Tamara\Configurações locais\temp\jrt\services.dat
 
< MD5 for: SERVICES.EXE  >
[2009/02/09 08:17:04 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=38867483E0CB504BB8F277E05729881E -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=C52DEB6D8CD4B096BF1A9EC001F36507 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=C52DEB6D8CD4B096BF1A9EC001F36507 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=C52DEB6D8CD4B096BF1A9EC001F36507 -- C:\WINDOWS\system32\services.exe
[2008/04/13 23:21:17 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=EE7999BAACA84CFAA03726E677EE2A33 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
 
< MD5 for: SERVICES.MOCHIADS.COM.SOL  >
[2013/04/21 22:32:20 | 000,000,351 | ---- | M] () MD5=D4722C42C3FD131E723A60E7C5B6054B -- C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\3T6W4EXJ\mochiads.com\services.mochiads.com.sol
 
< MD5 for: SERVICES.MSC  >
[2001/10/28 12:07:26 | 000,033,074 | ---- | M] () MD5=420018D54146F64F42AC7D60525549F3 -- C:\WINDOWS\system32\services.msc
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 204 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst
@Alternate Data Stream - 194 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:0A8E2C33
@Alternate Data Stream - 12 bytes -> C:\WINDOWS\System32\drivers:IncompleteBoot.cnt
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:E73B14E2
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:661DFA1C
 
< End of report >

"When God wants it, there is no one who doesn't want it." Ayrton Senna

#8
CarlosTurco

    Assistant

  • Assistant
  • 25.278 posts

 

The program only produced the OTL log. It did not produce any Extras file.

You had already run OTL.

Run OTL again and, this time, also check the option:

Use SafeList under Extra Registry scan ("Usar SafeList em Exame Extra do Registro")

Post the generated logs.



#9
Luck Anão

    Advanced Member

  • Member
  • 210 posts

Pasting the OTL log and attaching the Extras log.
 
 
OTL logfile created on: 30/7/2013 16:53:50 - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Lu e Tamara\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy
 
1,75 Gb Total Physical Memory | 0,76 Gb Available Physical Memory | 43,33% Memory free
2,60 Gb Paging File | 1,75 Gb Available in Paging File | 67,25% Paging File free
Paging file location(s): C:\pagefile.sys 1020 1344 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 74,53 Gb Total Space | 5,16 Gb Free Space | 6,92% Space Free | Partition Type: NTFS
 
Computer Name: CASA | User Name: Lu e Tamara | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 90 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013/07/30 16:19:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lu e Tamara\Desktop\OTL.exe
PRC - [2013/07/13 12:31:43 | 000,217,992 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153\GoogleCrashHandler.exe
PRC - [2013/07/12 15:49:47 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
PRC - [2013/07/01 20:19:59 | 000,581,184 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Arquivos de programas\epson\EpsonCustomerResearchParticipation\EPCP.exe
PRC - [2013/06/30 13:10:41 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe
PRC - [2013/06/26 17:38:26 | 000,389,016 | ---- | M] (Mozilla Corporation) -- C:\Arquivos de programas\Mozilla Thunderbird\thunderbird.exe
PRC - [2013/05/09 05:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Arquivos de programas\Alwil Software\Avast5\AvastUI.exe
PRC - [2013/05/09 05:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
PRC - [2013/03/12 07:32:50 | 000,253,816 | ---- | M] (Oracle Corporation) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
PRC - [2011/03/30 09:18:40 | 000,056,712 | ---- | M] ( ) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe
PRC - [2010/08/30 09:32:24 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Arquivos de programas\Epson Software\Event Manager\EEventManager.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
PRC - [2009/09/13 19:00:00 | 000,153,600 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50ST7.EXE
PRC - [2009/09/13 19:00:00 | 000,121,856 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50RP7.EXE
PRC - [2008/04/13 23:20:58 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/05/28 13:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
PRC - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Defender\MsMpEng.exe
PRC - [2006/08/03 03:53:02 | 000,053,248 | R--- | M] (S3 Graphics, Inc.) -- C:\WINDOWS\system32\VTTimer.exe
PRC - [2006/07/10 15:33:16 | 000,176,128 | R--- | M] (S3 Graphics Co., Ltd.) -- C:\WINDOWS\system32\S3Trayp.exe
PRC - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013/07/30 05:12:40 | 002,089,472 | ---- | M] () -- C:\Arquivos de programas\Alwil Software\Avast5\defs\13073000\algo.dll
MOD - [2013/07/12 15:49:44 | 000,396,240 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.72\ppgooglenaclpluginchrome.dll
MOD - [2013/07/12 15:49:43 | 013,599,184 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
MOD - [2013/07/12 15:49:42 | 004,052,944 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.72\pdf.dll
MOD - [2013/07/12 15:48:49 | 001,597,392 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
MOD - [2013/06/26 17:38:27 | 002,244,504 | ---- | M] () -- C:\Arquivos de programas\Mozilla Thunderbird\mozjs.dll
MOD - [2013/06/26 17:38:27 | 000,158,104 | ---- | M] () -- C:\Arquivos de programas\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2013/06/26 17:38:27 | 000,022,424 | ---- | M] () -- C:\Arquivos de programas\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2009/01/10 19:15:44 | 000,159,744 | ---- | M] () -- C:\Arquivos de programas\FreeTime\FormatFactory\FFModules\Filters\Haali\mmfinfo.dll
MOD - [2009/01/10 19:14:06 | 000,023,552 | ---- | M] () -- C:\Arquivos de programas\FreeTime\FormatFactory\FFModules\Filters\Haali\mkunicode.dll
MOD - [2008/04/13 23:20:33 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [Disabled | Unknown] -- C:\Arquivos de programas\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv)
SRV - [2013/07/14 12:12:52 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/07/01 20:19:59 | 000,581,184 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Arquivos de programas\epson\EpsonCustomerResearchParticipation\EPCP.exe -- (EpsonCustomerResearchParticipation)
SRV - [2013/06/30 13:10:41 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/06/26 17:38:28 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/05/09 05:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/02/04 18:43:22 | 000,155,824 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Arquivos de programas\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011/03/30 09:18:40 | 000,056,712 | ---- | M] ( ) [Auto | Running] -- C:\Arquivos de programas\GbPlugin\gbpsv.exe -- (GbpSv)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/09/13 19:00:00 | 000,153,600 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50ST7.EXE -- (EPSON_EB_RPCV4_04)
SRV - [2009/09/13 19:00:00 | 000,121,856 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50RP7.EXE -- (EPSON_PM_RPCV4_04)
SRV - [2008/04/13 23:20:37 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2007/05/28 13:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2006/11/03 19:19:58 | 000,013,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de programas\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV - [2003/07/28 19:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2003/04/18 18:06:26 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\system32\srvany.exe -- (KMService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (CrystalSysInfo)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (afq6velc)
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (a6dllrnk)
DRV - [2013/07/09 12:52:10 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2013/07/09 12:52:10 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2013/06/27 16:32:36 | 000,770,344 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/06/27 16:32:36 | 000,369,584 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/06/27 16:32:36 | 000,175,176 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/09 05:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 05:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 05:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 05:59:09 | 000,049,760 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013/05/09 05:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/06/03 10:45:50 | 000,005,504 | ---- | M] () [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2012/05/31 20:21:04 | 000,146,304 | R--- | M] (360.cn) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\360FileOem.sys -- (360FileOem)
DRV - [2012/05/31 20:21:04 | 000,054,912 | R--- | M] (360安全中心) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\360HookOem.sys -- (360HookOem)
DRV - [2012/05/31 20:21:04 | 000,023,168 | R--- | M] (360安全中心) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\360RegOem.sys -- (360RegOem)
DRV - [2011/03/30 09:20:02 | 000,046,600 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\gbpkm.sys -- (GbpKm)
DRV - [2011/01/22 08:28:31 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/02/11 09:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/11/16 13:33:38 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009/03/25 14:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2007/09/17 06:34:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2006/11/02 06:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/09/11 23:43:38 | 000,659,456 | R--- | M] (S3 Graphics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\S3gIGPm.sys -- (S3GIGP)
DRV - [2006/08/23 03:54:22 | 000,042,752 | R--- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\jraid.sys -- (JRAID)
DRV - [2006/06/29 17:20:08 | 000,048,896 | ---- | M] (PHILOG) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PhSerUsb.sys -- (PhSerUsb)
DRV - [2006/02/23 00:39:06 | 000,011,264 | R--- | M] (VIA Technologies,Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\xfilt.sys -- (xfilt)
DRV - [2006/02/23 00:38:32 | 000,009,728 | R--- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\videX32.sys -- (videX32)
DRV - [2006/02/07 08:52:58 | 000,006,912 | R--- | M] (JMicron ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\JGOGO.sys -- (JGOGO)
DRV - [2005/08/11 02:49:28 | 000,393,088 | R--- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (SenFiltService)
DRV - [2004/10/27 15:21:30 | 000,145,920 | ---- | M] (Windows ® Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004/08/12 23:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 94 46 D5 BC 35 8B CB 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8C0107A5-184B-4E00-9F30-8B62C364C463}: "URL" = http://www.google.co...rch?hl=pt-BR&q={searchTerms}&meta=&rlz=1I7ADSA_pt-BR
IE - HKCU\..\SearchScopes\{BF2C9952-C14F-4A27-A1CC-4F2F4CD4C4CE}: "URL" = http://www.bing.com/...h?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {87F8774F-B485-47E2-A755-A40A8A5E886C}:1.0.16.6
FF - prefs.js..extensions.enabledItems: {B1018341-ED1D-4a84-991D-B4C33320533F}:1.5.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..network.proxy.autoconfig_url: "http://build.losetwi...:8084/dlx64.dat"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Arquivos de programas\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0:  File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Arquivos de programas\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Arquivos de programas\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Arquivos de programas\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Documents and Settings\All Users\Dados de aplicativos\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Arquivos de programas\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8:  File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Arquivos de programas\Mozilla Firefox\components [2013/07/30 14:52:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Arquivos de programas\Mozilla Firefox\plugins [2013/07/01 13:31:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Components: C:\Arquivos de programas\Mozilla Thunderbird\components [2013/06/26 17:38:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.7\extensions\\Plugins: C:\Arquivos de programas\Mozilla Thunderbird\plugins
 
[2009/12/13 14:00:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Mozilla\Extensions
[2009/12/13 14:00:35 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009/01/12 01:07:07 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Mozilla\Extensions\{ae2cff10-0d52-4066-8be9-4abcf119fa79}
[2013/07/30 14:52:40 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Mozilla\Firefox\Profiles\s5kh005o.default\extensions
[2011/01/17 22:08:16 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Mozilla\Firefox\Profiles\s5kh005o.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/05/07 22:19:44 | 000,000,000 | ---D | M] (No name found) -- C:\Arquivos de programas\Mozilla Firefox\extensions
[2012/04/20 22:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Arquivos de programas\mozilla firefox\components\browsercomps.dll
[2008/09/03 21:11:24 | 000,054,600 | ---- | M] (BitTorrent, Inc.) -- C:\Arquivos de programas\mozilla firefox\plugins\npbittorrent.dll
[2009/08/03 15:07:42 | 000,373,104 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\mozilla firefox\plugins\npOGAPlugin.dll
[2009/10/26 15:53:52 | 000,102,400 | ---- | M] (Zylom) -- C:\Arquivos de programas\mozilla firefox\plugins\npzylomgamesplayer.dll
[2012/04/20 23:26:25 | 000,001,027 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\buscape.xml
[2012/04/20 23:26:25 | 000,001,212 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\mercadolivre.xml
[2012/04/20 23:26:24 | 000,002,040 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\twitter.xml
[2012/04/20 23:26:25 | 000,001,168 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\wikipedia-br.xml
[2012/04/20 23:26:24 | 000,000,952 | ---- | M] () -- C:\Arquivos de programas\mozilla firefox\searchplugins\yahoo-br.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://g1.globo.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Lu e Tamara\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Lu e Tamara\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Lu e Tamara\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Arquivos de programas\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\np32dsw.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office 2003 (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\NPOFFICE.DLL
CHR - plugin: Office Genuine Advantage (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npOGAPlugin.dll
CHR - plugin: Zylom Plugin (Enabled) = C:\Arquivos de programas\Mozilla Firefox\plugins\npzylomgamesplayer.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Arquivos de programas\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U21 (Enabled) = C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Unity Player (Enabled) = C:\Arquivos de programas\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_168.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Arquivos de programas\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
 
O1 HOSTS File: ([2011/02/02 22:43:55 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Arquivos de programas\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Arquivos de programas\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O4 - HKLM..\Run: [Adobe ARM] C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EEventManager] C:\Arquivos de programas\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [High Definition Audio Property Page Shortcut] C:\WINDOWS\System32\HdAShCut.exe (Windows ® Server 2003 DDK provider)
O4 - HKLM..\Run: [JMB36X Configure] C:\WINDOWS\System32\JMRaidTool.exe (JMicron Technology Corp.)
O4 - HKLM..\Run: [S3Trayp] C:\WINDOWS\System32\S3Trayp.exe (S3 Graphics Co., Ltd.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [VTTimer] C:\WINDOWS\System32\VTTimer.exe (S3 Graphics, Inc.)
O4 - HKCU..\Run: [DIMBaixando a sua atualização...1338924290338] c:\Arquivos de programas\Corel\CorelDRAW Graphics Suite X6\Draw\DIM.exe (Corel Corporation)
O4 - HKCU..\Run: [EPSON TX133 TX135 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJB.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [NavSincroLiteDetector] C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\NavCity\NavSincro Lite\NavSincroLite.exe (NavCity - Tecnologia em movimento)
O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\PHOTOfunSTUDIO 8.0 LE.lnk = C:\Arquivos de programas\Arquivos comuns\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html File not found
O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www] http in Trusted sites)
O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www14] https in Trusted sites)
O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www2] https in Trusted sites)
O15 - HKCU\..Trusted Domains: bb.com.br ([www] http in Trusted sites)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} http://download.micr.../OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macr...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} https://www14.bancob...gin/GbpDist.cab (GbpDistObj Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 201.21.192.111 201.21.192.116
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41F0B04E-BB38-47CD-816C-8C1536E512A8}: DhcpNameServer = 201.21.192.111 201.21.192.116
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Arquivos de programas\GbPlugin\gbieh.dll) - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O24 - Desktop Components:0 (Minha página inicial atual) - About:Home
O28 - HKLM ShellExecuteHooks: {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Arquivos de programas\Windows Defender\MpShHook.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip - C:\WINDOWS\System32\iprip.dll (Microsoft Corporation)
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 90 Days ==========
 
[2013/07/30 16:19:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lu e Tamara\Desktop\OTL.exe
[2013/07/30 14:58:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013/07/30 14:47:39 | 000,562,042 | ---- | C] (Oleg N. Scherbakov) -- C:\Documents and Settings\Lu e Tamara\Desktop\JRT.exe
[2013/07/30 14:20:17 | 000,357,145 | ---- | C] (Farbar) -- C:\Documents and Settings\Lu e Tamara\Desktop\FSS.exe
[2013/07/30 14:20:11 | 000,147,456 | ---- | C] (Eric_71) -- C:\Documents and Settings\Lu e Tamara\Desktop\MbrScan.exe
[2013/07/30 13:18:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Google Earth
[2013/07/28 13:29:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MRT
[2013/07/28 13:28:47 | 000,000,000 | ---D | C] -- C:\7a313c2edecda62121652d
[2013/07/28 11:36:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lu e Tamara\Meus documentos\Sony
[2013/07/27 17:15:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Lu e Tamara\Recent
[2013/07/27 17:11:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lu e Tamara\Desktop\Nova pasta
[2013/07/23 10:34:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lu e Tamara\Meus documentos\Minhas paletas
[2013/07/23 10:29:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Protexis
[2013/07/23 00:43:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lu e Tamara\Meus documentos\Corel
[2013/07/23 00:41:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lu e Tamara\Meus documentos\Visual Studio 2008
[2013/07/23 00:29:10 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft SDKs
[2013/07/23 00:28:55 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Visual Studio 9.0
[2013/07/23 00:21:10 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Protexis
[2013/07/23 00:20:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Corel
[2013/07/23 00:00:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\Corel
[2013/07/22 22:13:52 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\CorelDRAW Graphics Suite X6
[2013/07/09 12:52:13 | 000,025,200 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\drivers\ggsemc.sys
[2013/07/09 12:52:13 | 000,012,400 | ---- | C] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\drivers\ggflt.sys
[2013/07/09 12:51:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Sony Ericsson
[2013/07/09 12:51:04 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Sony Ericsson
[2013/07/09 12:41:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Sony
[2013/07/09 12:41:38 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Sony
[2013/07/08 15:41:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\NavCity
[2013/07/03 16:21:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lu e Tamara\aTubeCatcher
[2013/07/03 15:58:36 | 000,489,392 | ---- | C] (Ask Partner Network) -- C:\Documents and Settings\Lu e Tamara\Meus documentos\APNSetup.exe
[2013/06/30 13:11:15 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Java
[2013/06/30 12:44:50 | 000,000,000 | ---D | C] -- C:\5292e64457bda8b74e9324
[2013/06/26 17:38:15 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Mozilla Thunderbird
[2013/05/13 21:08:18 | 000,066,336 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/05/04 14:11:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Lu e Tamara\Meus documentos\Crônicas de 1 fã
[2013/02/14 17:43:35 | 003,649,536 | ---- | C] (NavCity - Tecnologia em movimento) -- C:\Documents and Settings\Lu e Tamara\NavSincroLite.exe
[2013/02/14 17:43:35 | 000,651,264 | ---- | C] (NavCity) -- C:\Documents and Settings\Lu e Tamara\HRAlertaUpdater.exe
[2013/02/14 17:43:35 | 000,618,496 | ---- | C] (NavCity) -- C:\Documents and Settings\Lu e Tamara\NavSincroLiteUpdater.exe
[2013/02/14 17:43:35 | 000,192,512 | ---- | C] (ICSharpCode.net) -- C:\Documents and Settings\Lu e Tamara\ICSharpCode.SharpZipLib.dll
[2012/02/25 14:09:45 | 004,411,392 | ---- | C] (Gabest) -- C:\Arquivos de programas\mplayerc.exe
[2011/05/29 21:27:03 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\pcouffin.sys
[4 C:\Documents and Settings\Lu e Tamara\Meus documentos\*.tmp files -> C:\Documents and Settings\Lu e Tamara\Meus documentos\*.tmp -> ]
 
========== Files - Modified Within 90 Days ==========
 
[2013/07/30 16:37:00 | 000,001,192 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-884357618-682003330-1003UA.job
[2013/07/30 16:19:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lu e Tamara\Desktop\OTL.exe
[2013/07/30 16:16:11 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/30 16:16:05 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/07/30 14:57:48 | 000,000,346 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2013/07/30 14:55:25 | 000,000,382 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013/07/30 14:54:46 | 000,001,068 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/30 14:54:45 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1214440339-884357618-682003330-1003.job
[2013/07/30 14:54:36 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/07/30 14:47:44 | 000,562,042 | ---- | M] (Oleg N. Scherbakov) -- C:\Documents and Settings\Lu e Tamara\Desktop\JRT.exe
[2013/07/30 14:47:07 | 000,666,633 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Desktop\adwcleaner.exe
[2013/07/30 14:23:12 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Desktop\Dump_Hdd0_DR0.mbr
[2013/07/30 14:20:20 | 000,357,145 | ---- | M] (Farbar) -- C:\Documents and Settings\Lu e Tamara\Desktop\FSS.exe
[2013/07/30 14:20:14 | 000,147,456 | ---- | M] (Eric_71) -- C:\Documents and Settings\Lu e Tamara\Desktop\MbrScan.exe
[2013/07/30 12:36:00 | 000,001,140 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-884357618-682003330-1003Core.job
[2013/07/30 12:30:15 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/07/28 13:37:39 | 148,811,776 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2013/07/28 13:27:36 | 000,529,734 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat
[2013/07/28 13:27:36 | 000,492,260 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/07/28 13:27:36 | 000,097,814 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat
[2013/07/28 13:27:36 | 000,084,320 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/07/25 14:56:58 | 000,000,000 | RH-- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\fcdf31c27daf836670ae3ef9432ca8342
[2013/07/24 14:05:52 | 000,384,016 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/07/21 15:28:00 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1214440339-884357618-682003330-1003.job
[2013/07/10 12:21:54 | 000,002,969 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2013/07/09 14:02:08 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2013/07/09 14:02:08 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ggflt_01009.Wdf
[2013/07/09 14:02:05 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2013/07/09 12:52:10 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\drivers\ggsemc.sys
[2013/07/09 12:52:10 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\System32\drivers\ggflt.sys
[2013/07/06 20:52:41 | 000,322,818 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Meus documentos\ED_1_MTE__2013_ABERTURA.PDF
[2013/06/27 16:32:36 | 000,770,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013/06/27 16:32:36 | 000,369,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013/06/27 16:32:36 | 000,175,176 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/06/27 16:32:36 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013/06/27 16:32:36 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013/06/27 16:32:36 | 000,000,175 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013/06/10 12:46:33 | 000,001,173 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\vso_ts_preview.xml
[2013/06/08 20:15:20 | 000,346,699 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Meus documentos\edital_80_-_edital_de_abertura.pdf
[2013/06/06 17:41:04 | 000,489,392 | ---- | M] (Ask Partner Network) -- C:\Documents and Settings\Lu e Tamara\Meus documentos\APNSetup.exe
[2013/05/14 19:44:27 | 000,566,792 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Meus documentos\churrasco.cdr
[2013/05/12 19:10:18 | 000,000,369 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Meus documentos\Meus documentos.lnk
[2013/05/09 05:59:10 | 000,056,080 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013/05/09 05:59:10 | 000,049,376 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/05/09 05:59:09 | 000,066,336 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013/05/09 05:59:09 | 000,049,760 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013/05/09 05:59:08 | 000,029,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2013/05/09 05:58:37 | 000,041,664 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013/05/09 05:58:28 | 000,229,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[4 C:\Documents and Settings\Lu e Tamara\Meus documentos\*.tmp files -> C:\Documents and Settings\Lu e Tamara\Meus documentos\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/07/30 14:47:02 | 000,666,633 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Desktop\adwcleaner.exe
[2013/07/30 14:22:56 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Desktop\Dump_Hdd0_DR0.mbr
[2013/07/28 00:11:24 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2013/07/25 14:56:58 | 000,000,000 | RH-- | C] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\fcdf31c27daf836670ae3ef9432ca8342
[2013/07/23 23:18:05 | 000,347,526 | ---- | C] () -- C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\WPFFontCache_v0400-System.dat
[2013/07/09 14:02:08 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ggsemc_01009.Wdf
[2013/07/09 14:02:08 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_ggflt_01009.Wdf
[2013/07/09 14:02:05 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2013/07/06 20:52:41 | 000,322,818 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Meus documentos\ED_1_MTE__2013_ABERTURA.PDF
[2013/06/27 16:32:36 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013/06/27 16:32:36 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013/06/27 16:32:36 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013/06/19 15:23:07 | 000,000,902 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/06/08 20:15:20 | 000,346,699 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Meus documentos\edital_80_-_edital_de_abertura.pdf
[2013/05/14 19:44:27 | 000,566,792 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Meus documentos\churrasco.cdr
[2013/05/13 21:08:21 | 000,175,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013/05/13 21:08:21 | 000,049,376 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013/05/12 19:10:18 | 000,000,369 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Meus documentos\Meus documentos.lnk
[2013/04/17 22:28:27 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2013/04/11 21:36:57 | 000,000,176 | ---- | C] () -- C:\WINDOWS\REC-NET.INI
[2013/04/08 18:32:19 | 000,000,097 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2013/04/08 18:32:18 | 000,111,932 | ---- | C] () -- C:\WINDOWS\System32\EPPICPrinterDB.dat
[2013/04/08 18:32:18 | 000,031,053 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern131.dat
[2013/04/08 18:32:18 | 000,027,417 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern121.dat
[2013/04/08 18:32:18 | 000,026,154 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern1.dat
[2013/04/08 18:32:18 | 000,024,903 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern3.dat
[2013/04/08 18:32:18 | 000,021,390 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern5.dat
[2013/04/08 18:32:18 | 000,020,148 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern2.dat
[2013/04/08 18:32:18 | 000,011,811 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern4.dat
[2013/04/08 18:32:18 | 000,004,943 | ---- | C] () -- C:\WINDOWS\System32\EPPICPattern6.dat
[2013/04/08 18:32:18 | 000,001,146 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_DU.dat
[2013/04/08 18:32:18 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_PT.dat
[2013/04/08 18:32:18 | 000,001,139 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_BP.dat
[2013/04/08 18:32:18 | 000,001,136 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_ES.dat
[2013/04/08 18:32:18 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_FR.dat
[2013/04/08 18:32:18 | 000,001,129 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_CF.dat
[2013/04/08 18:32:18 | 000,001,120 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_IT.dat
[2013/04/08 18:32:18 | 000,001,107 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_GE.dat
[2013/04/08 18:32:18 | 000,001,104 | ---- | C] () -- C:\WINDOWS\System32\EPPICPresetData_EN.dat
[2012/09/26 20:57:14 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012/09/26 20:57:14 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012/09/26 20:57:14 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012/09/26 20:57:14 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2012/09/14 12:21:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\EEventManager.INI
[2012/09/13 17:06:30 | 000,000,094 | ---- | C] () -- C:\WINDOWS\ETX133.ini
[2012/03/25 20:53:44 | 000,484,352 | ---- | C] () -- C:\WINDOWS\System32\lame_enc.dll
[2012/02/16 05:01:32 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/11 20:24:54 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\srvany.exe
[2011/10/05 18:27:22 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2011/05/29 21:28:15 | 000,001,173 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\vso_ts_preview.xml
[2011/05/29 21:27:03 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\inst.exe
[2011/05/29 21:27:03 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\pcouffin.cat
[2011/05/29 21:27:03 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\pcouffin.inf
[2011/04/06 14:47:17 | 000,000,167 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\default.rss
[2008/12/30 21:56:35 | 000,000,106 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\default.pls
[2008/12/30 21:52:27 | 000,041,472 | ---- | C] () -- C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2009/11/11 12:03:17 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009/04/29 01:34:41 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:53:26 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 23:20:41 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010/03/07 13:45:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Alwil Software
[2011/03/22 22:08:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Big Fish Games
[2011/10/05 18:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Canneverbe Limited
[2010/02/10 13:29:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\DAEMON Tools Lite
[2013/06/26 20:22:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\EPSON
[2009/09/23 23:53:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\FarmFrenzy2
[2011/04/27 12:38:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin
[2010/10/17 21:42:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\NCH Swift Sound
[2009/01/06 00:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\NFS Underground
[2012/01/24 15:27:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Nitro PDF
[2011/04/25 16:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PlayFirst
[2011/03/02 23:53:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCap Games
[2013/01/23 10:59:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Samsung
[2013/07/09 12:41:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Sony
[2011/03/22 21:51:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\TEMP
[2012/09/13 17:13:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\UDL
[2013/06/25 16:06:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\vsosdk
[2010/03/21 22:52:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Zylom
[2010/06/13 21:37:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Anabel
[2011/08/02 22:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\AnvSoft
[2009/02/12 14:31:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Any Video Converter
[2010/05/10 16:17:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Atari
[2012/06/19 22:02:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\AVI ReComp
[2013/07/28 13:35:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\BitTorrent
[2009/01/12 01:07:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Broad Intelligence
[2011/10/05 18:27:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Canneverbe Limited
[2008/12/30 08:53:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\DAEMON Tools
[2011/08/24 19:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\DAEMON Tools Lite
[2011/08/24 19:15:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\DAEMON Tools Pro
[2012/01/24 15:26:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Downloaded Installations
[2012/10/01 15:11:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\EPSON
[2012/01/25 18:33:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Expert PDF 7
[2012/03/25 20:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\FreeAudioPack
[2013/04/17 22:21:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\FreeCDRipper
[2011/03/22 23:39:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\GetRightToGo
[2012/09/13 17:18:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Leadertech
[2010/03/21 22:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\MysteryStudio
[2013/07/08 15:41:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\NavCity
[2009/10/05 21:16:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\NCH Swift Sound
[2012/01/24 15:36:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Nitro PDF
[2012/07/04 21:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Oracle
[2012/09/29 16:26:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Orbit
[2013/01/10 09:24:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\PDFReaderPackages
[2011/04/25 16:03:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\PlayFirst
[2012/09/29 15:59:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\ProgSense
[2013/01/23 11:01:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Samsung
[2013/01/10 09:24:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\SumatraPDF
[2012/02/01 16:18:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\SWiSH Max4
[2009/12/13 14:00:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Thunderbird
[2009/07/18 12:27:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\TuxPaint
[2013/06/11 16:35:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Vso
[2010/06/13 21:35:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\Zylom
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*.* >
[2013/07/30 14:49:03 | 000,000,361 | ---- | M] () -- C:\AdwCleaner[S1].txt
[2013/07/30 14:56:10 | 000,012,819 | ---- | M] () -- C:\AdwCleaner[S2].txt
[2009/07/13 17:21:03 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2001/10/28 12:06:10 | 000,004,952 | RHS- | M] () -- C:\Bootfont.bin
[2013/04/17 22:28:32 | 000,001,119 | ---- | M] () -- C:\INSTALL.LOG
[2008/12/29 10:52:38 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2008/12/29 10:52:38 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2004/08/03 22:38:34 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/12/29 19:53:48 | 000,251,696 | RHS- | M] () -- C:\ntldr
[2013/07/30 14:54:33 | 1069,547,520 | -HS- | M] () -- C:\pagefile.sys
[2013/07/30 14:54:58 | 000,002,834 | ---- | M] () -- C:\SMax.log
[2012/10/09 11:05:08 | 000,002,836 | ---- | M] () -- C:\SMax.log.bak
[2001/01/10 12:23:58 | 000,162,304 | ---- | M] () -- C:\UNWISE.EXE
 
< %systemdrive%\drivers\*.exe >
 
< %systemroot%\system32\drivers\*.* /90 >
[2013/05/09 05:59:08 | 000,029,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys
[2013/05/09 05:59:09 | 000,066,336 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswMonFlt.sys
[2013/05/09 05:59:09 | 000,049,760 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswRdr.sys
[2013/05/09 05:59:10 | 000,049,376 | ---- | M] () -- C:\WINDOWS\system32\drivers\aswRvrt.sys
[2013/06/27 16:32:36 | 000,770,344 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswSnx.sys
[2013/06/27 16:32:36 | 000,000,175 | ---- | M] () -- C:\WINDOWS\system32\drivers\aswSnx.sys.sum
[2013/06/27 16:32:36 | 000,369,584 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswSP.sys
[2013/06/27 16:32:36 | 000,000,175 | ---- | M] () -- C:\WINDOWS\system32\drivers\aswSP.sys.sum
[2013/05/09 05:59:10 | 000,056,080 | ---- | M] (AVAST Software) -- C:\WINDOWS\system32\drivers\aswTdi.sys
[2013/06/27 16:32:36 | 000,175,176 | ---- | M] () -- C:\WINDOWS\system32\drivers\aswVmm.sys
[2013/06/27 16:32:36 | 000,000,175 | ---- | M] () -- C:\WINDOWS\system32\drivers\aswVmm.sys.sum
[2013/07/09 12:52:10 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\system32\drivers\ggflt.sys
[2013/07/09 12:52:10 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) -- C:\WINDOWS\system32\drivers\ggsemc.sys
[2013/07/09 14:02:05 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
[2013/07/09 14:02:08 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\Msft_Kernel_ggflt_01009.Wdf
[2013/07/09 14:02:08 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\system32\drivers\Msft_Kernel_ggsemc_01009.Wdf
 
< %PROGRAMFILES%\*.* >
[2008/12/10 15:14:40 | 004,411,392 | ---- | M] (Gabest) -- C:\Arquivos de programas\mplayerc.exe
 
< %userprofile%\configurações locais\dados de aplicativos\*.exe >
 
< %userprofile%\configurações locais\dados de aplicativos\*.txt >
 
< %userprofile%\configurações locais\dados de aplicativos\*.ini >
[2011/12/07 20:20:50 | 000,041,472 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\configurações locais\dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
< %userprofile%\configurações locais\dados de aplicativos\*.dat /30 >
[2013/07/23 10:33:33 | 000,099,704 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\configurações locais\dados de aplicativos\GDIPFONTCACHEV1.DAT
 
< %userprofile%\configurações locais\dados de aplicativos\*.dll >
 
< %userprofile%\*.exe >
[2011/11/16 13:10:30 | 000,651,264 | ---- | M] (NavCity) -- C:\Documents and Settings\Lu e Tamara\HRAlertaUpdater.exe
[2013/02/14 14:53:20 | 003,649,536 | ---- | M] (NavCity - Tecnologia em movimento) -- C:\Documents and Settings\Lu e Tamara\NavSincroLite.exe
[2011/11/11 11:03:38 | 000,618,496 | ---- | M] (NavCity) -- C:\Documents and Settings\Lu e Tamara\NavSincroLiteUpdater.exe
 
< %userprofile%\*.txt >
[2010/11/22 05:41:53 | 000,000,002 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\4.txt
[2013/04/08 12:57:07 | 000,036,429 | -H-- | M] () -- C:\Documents and Settings\Lu e Tamara\debug.txt
[2013/02/14 17:43:41 | 000,000,099 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\versaoHR.txt
 
< %userprofile%\*.ini >
[2013/07/30 14:53:30 | 000,000,330 | -HS- | M] () -- C:\Documents and Settings\Lu e Tamara\ntuser.ini
 
< %userprofile%\*.dat /30 >
[2013/07/30 14:53:30 | 013,631,488 | -H-- | M] () -- C:\Documents and Settings\Lu e Tamara\NTUSER.DAT
 
< %userprofile%\*.dll >
[2013/04/08 12:57:06 | 000,192,512 | ---- | M] (ICSharpCode.net) -- C:\Documents and Settings\Lu e Tamara\ICSharpCode.SharpZipLib.dll
 
< %appdata%\*.* >
[2011/05/22 19:30:51 | 000,000,167 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\default.rss
[2008/12/29 07:47:07 | 000,000,062 | -HS- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\desktop.ini
[2013/07/25 14:56:58 | 000,000,000 | RH-- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\fcdf31c27daf836670ae3ef9432ca8342
[2011/05/29 21:27:03 | 000,087,608 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\inst.exe
[2011/05/29 21:27:03 | 000,007,887 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\pcouffin.cat
[2011/05/29 21:27:03 | 000,001,144 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\pcouffin.inf
[2011/05/29 21:27:10 | 000,000,034 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\pcouffin.log
[2011/05/29 21:27:03 | 000,047,360 | ---- | M] (VSO Software) -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\pcouffin.sys
[2013/06/10 12:46:33 | 000,001,173 | ---- | M] () -- C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\vso_ts_preview.xml
 
< %windir%\tasks\*.* /s >
[2013/07/30 16:16:05 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/07/30 14:55:25 | 000,000,382 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2001/10/28 12:07:04 | 000,000,065 | RH-- | M] () -- C:\WINDOWS\tasks\desktop.ini
[2013/07/30 14:54:46 | 000,001,068 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/07/30 16:16:11 | 000,001,072 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/07/30 12:36:00 | 000,001,140 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-884357618-682003330-1003Core.job
[2013/07/30 16:37:00 | 000,001,192 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1214440339-884357618-682003330-1003UA.job
[2013/07/30 14:57:48 | 000,000,346 | -H-- | M] () -- C:\WINDOWS\tasks\MP Scheduled Scan.job
[2013/07/30 14:54:45 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-1214440339-884357618-682003330-1003.job
[2013/07/21 15:28:00 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-1214440339-884357618-682003330-1003.job
[2013/07/30 14:54:43 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/07/22 15:35:44 | 000,000,516 | ---- | M] () -- C:\WINDOWS\tasks\Wise Registry Cleaner 4.job
 
< %PROGRAMFILES%\Internet Explorer\*.* >
[2009/03/08 04:35:04 | 000,144,384 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\ExtExport.exe
[2009/03/08 04:24:28 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\hmmapi.dll
[2009/07/01 04:08:06 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iecompat.dll
[2013/06/07 18:53:34 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iedvtool.dll
[2008/04/13 23:21:01 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iedw.exe
[2013/06/07 18:53:40 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\ieproxy.dll
[2009/03/08 14:09:26 | 000,638,816 | -HS- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe
[2009/03/08 14:33:36 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe.mui
[2013/06/07 18:53:45 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\jsdbgui.dll
[2009/03/08 04:35:02 | 000,121,344 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\jsdebuggeride.dll
[2009/03/08 04:35:04 | 000,118,272 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\JSProfilerCore.dll
[2009/03/08 04:35:12 | 000,233,984 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\jsprofilerui.dll
[2009/01/07 18:20:18 | 000,355,832 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\pdm.dll
[2009/01/07 18:20:54 | 000,134,144 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\sqmapi.dll
[2013/06/07 18:54:00 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Internet Explorer\xpshims.dll
 
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >
"DefaultConnectionSettings" = 46 00 00 00 CE 00 00 00 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 80 BD 84 55 98 89 CE 01 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 17 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 80 02 00 00 00 00 00 00 00 02 00 00 01 00 00 00 34 00 34 00 30 00 33 00 33 00 39 00 2D 00 38 00 38 00 34 00 33 00 35 00 37 00 36 00 31 00 38 00 2D 00 36 00 38 00 32 00 30 00 30 00 33 00 33 00 33 00 30 00 2D 00 31 00 30 00 30 00 33 00 5C 00 53 00 6F 00 66 00 74 00 02 00 00 00 C0 A8 00 07 00 00 00 00 00 00 00 00 72 00 6F 00 73 00 6F 00 66 00 74 00 5C 00 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 20 00 4E 00 54 00 5C 00 43 00 75 00 72 00 72 00 65 00 6E 00 74 00 56 00 65 00 72 00 73 00 69 00 6F 00 6E 00 5C 00 41 00 70 00 70 00 43 00 6F 00 6D 00 70 00 61 00 74 00 46 00 6C 00 61 00 67 00 73 00 5C 00 4C 00 61 00 79 00 65 00 72 00 73 00 00 00 00 00  [Binary data over 200 bytes]
"SavedLegacySettings" = 46 00 00 00 32 1C 00 00 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 80 BD 84 55 98 89 CE 01 00 00 00 00 00 00 00 00 00 00 00 00 02 00 00 00 17 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 02 00 00 00 00 00 00 80 02 00 00 00 00 00 00 00 02 00 00 01 00 00 00 34 00 34 00 30 00 33 00 33 00 39 00 2D 00 38 00 38 00 34 00 33 00 35 00 37 00 36 00 31 00 38 00 2D 00 36 00 38 00 32 00 30 00 30 00 33 00 33 00 33 00 30 00 2D 00 31 00 30 00 30 00 33 00 5C 00 53 00 6F 00 66 00 74 00 02 00 00 00 C0 A8 00 07 00 00 00 00 00 00 00 00 72 00 6F 00 73 00 6F 00 66 00 74 00 5C 00 57 00 69 00 6E 00 64 00 6F 00 77 00 73 00 20 00 4E 00 54 00 5C 00 43 00 75 00 72 00 72 00 65 00 6E 00 74 00 56 00 65 00 72 00 73 00 69 00 6F 00 6E 00 5C 00 41 00 70 00 70 00 43 00 6F 00 6D 00 70 00 61 00 74 00 46 00 6C 00 61 00 67 00 73 00 5C 00 4C 00 61 00 79 00 65 00 72 00 73 00 00 00 00 00  [Binary data over 200 bytes]
 
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations >
 
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments >
 
< HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run /s >
"CTFMON.EXE" = C:\WINDOWS\system32\CTFMON.EXE -- [2008/04/13 23:20:54 | 000,015,360 | ---- | M] (Microsoft Corporation)
"DWQueuedReporting" = "C:\ARQUIV~1\ARQUIV~1\MICROS~1\DW\dwtrig20.exe" -t -- [2010/12/20 23:26:32 | 000,519,584 | ---- | M] (Microsoft Corporation)
 
< HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ENABLE_SCRIPT_PASTE_URLACTION_IF_PROMP >
 
< HKCU\Software\Microsoft\Internet Explorer\Downloads >
 
< %systemdrive%\$Recycle.Bin|@;true;true;true /fp >
 
< Net User /c >
Contas de usu rio para \\CASA
-------------------------------------------------------------------------------
Administrador            Convidado                HelpAssistant            
Lu e Tamara              SUPPORT_388945a0         
Comando conclu¡do com ˆxito.
 
< MD5 for: SERVICES  >
[2001/10/28 12:07:26 | 000,006,953 | ---- | M] () MD5=89ABDE406B847C6C8B4BEAA1E0B42BEE -- C:\WINDOWS\system32\drivers\etc\services
 
< MD5 for: SERVICES.ASFX  >
[2012/09/23 20:43:52 | 000,002,588 | ---- | M] () MD5=0D18AE3100D7B9D49DCB1CE1EABA21F7 -- C:\Arquivos de programas\Adobe\Reader 11.0\Reader\Locale\pt_BR\Services\Services.asfx
 
< MD5 for: SERVICES.CFG  >
[2013/05/11 07:37:26 | 000,558,990 | ---- | M] () MD5=FE8FB005031C2574E990DAC1F9F5ACF8 -- C:\Arquivos de programas\Adobe\Reader 11.0\Reader\Services\Services.cfg
 
< MD5 for: SERVICES.CNF  >
[2012/06/11 22:59:46 | 000,000,046 | ---- | M] () MD5=74D2CB4C4B272C39CDE2212F68FE9D9B -- C:\Documents and Settings\Lu e Tamara\Meus documentos\Meus Sites\_vti_pvt\services.cnf
[2013/06/27 14:18:19 | 000,000,003 | ---- | M] () MD5=864E46AD77EBE7A312EB11241A5114B6 -- C:\Documents and Settings\Lu e Tamara\Meus documentos\Meus Sites\meusite\_vti_pvt\services.cnf
 
< MD5 for: SERVICES.DAT  >
[2013/07/29 04:23:09 | 000,002,235 | ---- | M] () MD5=3F56F15AB110188F78E3DCE876FC707E -- C:\Documents and Settings\Lu e Tamara\Configurações locais\temp\jrt\services.dat
 
< MD5 for: SERVICES.EXE  >
[2009/02/09 08:17:04 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=38867483E0CB504BB8F277E05729881E -- C:\WINDOWS\$hf_mig$\KB956572\SP3QFE\services.exe
[2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=C52DEB6D8CD4B096BF1A9EC001F36507 -- C:\WINDOWS\ERDNT\cache\services.exe
[2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=C52DEB6D8CD4B096BF1A9EC001F36507 -- C:\WINDOWS\system32\dllcache\services.exe
[2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) MD5=C52DEB6D8CD4B096BF1A9EC001F36507 -- C:\WINDOWS\system32\services.exe
[2008/04/13 23:21:17 | 000,109,056 | ---- | M] (Microsoft Corporation) MD5=EE7999BAACA84CFAA03726E677EE2A33 -- C:\WINDOWS\ServicePackFiles\i386\services.exe
 
< MD5 for: SERVICES.MOCHIADS.COM.SOL  >
[2013/04/21 22:32:20 | 000,000,351 | ---- | M] () MD5=D4722C42C3FD131E723A60E7C5B6054B -- C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\3T6W4EXJ\mochiads.com\services.mochiads.com.sol
 
< MD5 for: SERVICES.MSC  >
[2001/10/28 12:07:26 | 000,033,074 | ---- | M] () MD5=420018D54146F64F42AC7D60525549F3 -- C:\WINDOWS\system32\services.msc
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 204 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst
@Alternate Data Stream - 194 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:0A8E2C33
@Alternate Data Stream - 12 bytes -> C:\WINDOWS\System32\drivers:IncompleteBoot.cnt
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:E73B14E2
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:661DFA1C
 
< End of report >
 



"When God wants it, there is no one who does not want it." Ayrton Senna

#10
CarlosTurco

    Assistant

  • Assistant
  • 25,278 posts

OK,

1)

Select these lines inside the CODE box, right-click the selection and choose Copy.

NOTE: Make sure you start copying from the colon and letter ":O" of :OTL.
 

:OTL
DRV - [2012/05/31 20:21:04 | 000,146,304 | R--- | M] (360.cn) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\360FileOem.sys -- (360FileOem)
DRV - [2012/05/31 20:21:04 | 000,054,912 | R--- | M] (360安全中心) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\360HookOem.sys -- (360HookOem)
DRV - [2012/05/31 20:21:04 | 000,023,168 | R--- | M] (360安全中心) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\360RegOem.sys -- (360RegOem)
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{8C0107A5-184B-4E00-9F30-8B62C364C463}: "URL" = http://www.google.co...rch?hl=pt-BR&q={searchTerms}&meta=&rlz=1I7ADSA_pt-BR
IE - HKCU\..\SearchScopes\{BF2C9952-C14F-4A27-A1CC-4F2F4CD4C4CE}: "URL" = http://www.bing.com/...h?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
FF - prefs.js..network.proxy.autoconfig_url: "http://build.losetwi...:8084/dlx64.dat"
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
[2013/07/03 15:58:36 | 000,489,392 | ---- | C] (Ask Partner Network) -- C:\Documents and Settings\Lu e Tamara\Meus documentos\APNSetup.exe
@Alternate Data Stream - 194 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:0A8E2C33
@Alternate Data Stream - 12 bytes -> C:\WINDOWS\System32\drivers:IncompleteBoot.cnt
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:E73B14E2
@Alternate Data Stream - 101 bytes -> C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:661DFA1C

:files
ipconfig /flushdns /c

:Commands
[createrestorepoint]
[purity]
[emptytemp]

Run OTL.exe

Right-click any blank area of the Custom Scans/Fixes section and choose Paste.

Close ALL windows (except OTL itself).
Click the Fix button.

The program will run the script and restart your computer.
When Windows loads, OTL will run automatically. Allow it to run.
A Notepad window will open containing some information.
Copy ALL of the contents of this Notepad window and paste them into your reply.

A copy of this log will be stored in the folder C:\_OTL\MovedFiles, named in the format date_time.log.

Example: 03142010_145545.log

2)

Post a new HijackThis log.



#11
Luck Anão

    Advanced Member

  • Member
  • 210 posts

Posting the logs after running OTL.

 

All processes killed
========== OTL ==========
Error: Unable to stop service 360FileOem!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\360FileOem deleted successfully.
C:\WINDOWS\system32\drivers\360FileOem.sys moved successfully.
Error: Unable to stop service 360HookOem!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\360HookOem deleted successfully.
C:\WINDOWS\system32\drivers\360HookOem.sys moved successfully.
Error: Unable to stop service 360RegOem!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\360RegOem deleted successfully.
C:\WINDOWS\system32\drivers\360RegOem.sys moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8C0107A5-184B-4E00-9F30-8B62C364C463}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C0107A5-184B-4E00-9F30-8B62C364C463}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BF2C9952-C14F-4A27-A1CC-4F2F4CD4C4CE}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BF2C9952-C14F-4A27-A1CC-4F2F4CD4C4CE}\ not found.
Prefs.js: "http://build.losetwi...:8084/dlx64.dat" removed from network.proxy.autoconfig_url
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
C:\Documents and Settings\Lu e Tamara\Meus documentos\APNSetup.exe moved successfully.
ADS C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:0A8E2C33 deleted successfully.
ADS C:\WINDOWS\System32\drivers:IncompleteBoot.cnt deleted successfully.
ADS C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:E73B14E2 deleted successfully.
ADS C:\Documents and Settings\All Users\Dados de aplicativos\TEMP:661DFA1C deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Configuração de IP do Windows
Liberação do cache do DNS Resolver bem-sucedida.
C:\Documents and Settings\Lu e Tamara\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\Lu e Tamara\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
Restore point Set: OTL Restore Point
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: LocalService
->Temp folder emptied: 65748 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Google Chrome cache emptied: 6488260 bytes
 
User: Lu e Tamara
->Temp folder emptied: 162972110 bytes
->Temporary Internet Files folder emptied: 2487209 bytes
->Java cache emptied: 461080 bytes
->FireFox cache emptied: 5865494 bytes
->Google Chrome cache emptied: 245297012 bytes
->Flash cache emptied: 648 bytes
 
User: NetworkService
->Temp folder emptied: 1863020 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 25742687 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 430,00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 07302013_174739
 
Files\Folders moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...
 
 
 
HiJack log
 

Logfile of HijackThis v1.99.1
Scan saved at 17:58:41, on 30/7/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\ARQUIV~1\GbPlugin\GbpSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50ST7.EXE
C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50RP7.EXE
C:\Arquivos de programas\Java\jre7\bin\jqs.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\notepad.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3trayp.exe
C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe
C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe
C:\Arquivos de programas\Epson Software\Event Manager\EEventManager.exe
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Hijack This\HijackThis.exe
 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Arquivos de programas\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Arquivos de programas\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [avast] "C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [EEventManager] "C:\Arquivos de programas\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [EPSON TX133 TX135 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJB.EXE /FU "C:\WINDOWS\TEMP\E_S7B.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [NavSincroLiteDetector] C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\NavCity\NavSincro Lite\NavSincroLite.exe /tray
O4 - HKCU\..\Run: [DIMBaixando a sua atualização...1338924290338] "c:\Arquivos de programas\Corel\CorelDRAW Graphics Suite X6\Draw\DIM.exe" "c:\documents and settings\all users\dados de aplicativos\corel\downloads\540240626_310002\1338924290338\dim_params.xml" -Launch=3 -uibase="c:\documents and settings\all users\dados de aplicativos\corel\messages\540240626_310002\br\messagecache1\workflow"
O4 - Global Startup: PHOTOfunSTUDIO 8.0 LE.lnk = C:\Arquivos de programas\Arquivos comuns\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsof...ss/allinone.asp
O15 - Trusted Zone: http://www.bancobrasil.com.br
O15 - Trusted Zone: http://www.bb.com.br
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancob...gin/GbpDist.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - c:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify:  GbPluginBb - C:\Arquivos de programas\GbPlugin\gbieh.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: EpsonCustomerResearchParticipation - SEIKO EPSON CORPORATION - C:\Arquivos de programas\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50ST7.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50RP7.EXE
O23 - Service: Gbp Service (GbpSv) -   - C:\ARQUIV~1\GbPlugin\GbpSv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe" /medsvc (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Arquivos de programas\Java\jre7\bin\jqs.exe" -service -config "C:\Arquivos de programas\Java\jre7\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: KMService - Unknown owner - C:\WINDOWS\system32\srvany.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Arquivos de programas\Sony\Sony PC Companion\PCCService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
 

"When God wants something, there is no one who doesn't want it." Ayrton Senna

#12
CarlosTurco

    Assistant

  • Assistant
  • 25,278 posts

Download and run MiniToolBox (by Farbar)

Select the options:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files

Close all your browsers and click the Go button.

Wait for the tool to finish the scan (it is very quick); when it finishes, a Notepad window will open.

Copy and paste the contents of that Notepad window into your next reply.

NOTE: When the "Reset FF Proxy Settings" option is selected, Firefox must be closed.



#13
Luck Anão

    Advanced Member

  • Member
  • 210 posts

Posting the log

 

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Lu e Tamara (administrator) on 30-07-2013 at 18:23:33
Running from "C:\Documents and Settings\Lu e Tamara\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Configuração de IP do Windows
 
 
 
Liberação do cache do DNS Resolver bem-sucedida.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.autoconfig_url", "http://build.losetwi...:8084/dlx64.dat"
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Realtek RTL8169/8110 Family Gigabit Ethernet NIC = Conexão local (Connected)
 
 
# ---------------------------------- 
# Configuração de Interface IP                  
# ---------------------------------- 
pushd interface ip
 
 
# Configuração de interface IP para "Conexão local"
 
set address name="Conexão local" source=dhcp 
set dns name="Conexão local" source=dhcp register=PRIMARY
set wins name="Conexão local" source=dhcp
 
 
popd
# Final da configuração de interface IP
 
 
 
 
Configuração de IP do Windows
 
 
 
        Nome do host . . . . . . . . . . . : CASA
 
        Sufixo DNS primário. . . . . . . . : 
 
        Tipo de nó . . . . . . . . . . . . : desconhecido
 
        Roteamento de IP ativado . . . . . : não
 
        Proxy WINS ativado . . . . . . . . : não
 
 
 
Adaptador Ethernet Conexão local:
 
 
 
        Sufixo DNS específico de conexão  . : 
 
        Descrição . . . . . . . . . . . . . : Realtek RTL8169/8110 Family Gigabit Ethernet NIC
 
        Endereço físico . . . . . . . . . . : 00-1D-60-03-D9-C5
 
        DHCP ativado. . . . . . . . . . . . : Sim
 
        Configuração automática ativada . . : Sim
 
        Endereço IP . . . . . . . . . . . . : 192.168.0.7
 
        Máscara de sub-rede . . . . . . . . : 255.255.255.0
 
        Endereço IP . . . . . . . . . . . . : fe80::21d:60ff:fe03:d9c5%4
 
        Gateway padrão. . . . . . . . . . . : 192.168.0.1
 
        Servidor DHCP . . . . . . . . . . . : 192.168.0.1
 
        Servidores DNS. . . . . . . . . . . : 201.21.192.111
 
                                            201.21.192.116
 
                                            fec0:0:0:ffff::1%1
 
                                            fec0:0:0:ffff::2%1
 
                                            fec0:0:0:ffff::3%1
 
        Concessão obtida. . . . . . . . . . : terça-feira, 30 de julho de 2013 18:23:38
 
        Concessão expira. . . . . . . . . . : terça-feira, 30 de julho de 2013 19:23:38
 
 
 
Adaptador de túnel Teredo Tunneling Pseudo-Interface:
 
 
 
        Sufixo DNS específico de conexão  . : 
 
        Descrição . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
 
        Endereço físico . . . . . . . . . . : 00-00-FB-F6-44-DB-E5-86
 
        DHCP ativado. . . . . . . . . . . . : Não
 
        Endereço IP . . . . . . . . . . . . : 2001:0:9d38:953c:0:fbf6:44db:e586
 
        Endereço IP . . . . . . . . . . . . : fe80::ffff:ffff:fffd%5
 
        Gateway padrão. . . . . . . . . . . : ::
 
        NetBIOS por Tcpip . . . . . . . . . : Desativado
 
 
 
Adaptador de túnel Automatic Tunneling Pseudo-Interface:
 
 
 
        Sufixo DNS específico de conexão  . : 
 
        Descrição . . . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface
 
        Endereço físico . . . . . . . . . . : C0-A8-00-07
 
        DHCP ativado. . . . . . . . . . . . : Não
 
        Endereço IP . . . . . . . . . . . . : fe80::5efe:192.168.0.7%2
 
        Gateway padrão. . . . . . . . . . . : 
 
        Servidores DNS. . . . . . . . . . . : fec0:0:0:ffff::1%1
 
                                            fec0:0:0:ffff::2%1
 
                                            fec0:0:0:ffff::3%1
 
        NetBIOS por Tcpip . . . . . . . . . : Desativado
 
Servidor:  c915c06f.virtua.com.br
Address:  201.21.192.111
 
Nome =   google.com
Addresses:  74.125.234.224, 74.125.234.233, 74.125.234.232, 74.125.234.227
 74.125.234.226, 74.125.234.228, 74.125.234.231, 74.125.234.230, 74.125.234.225
 74.125.234.238, 74.125.234.229
 
 
 
Disparando contra google.com [74.125.234.228] com 32 bytes de dados:
 
 
 
Resposta de 74.125.234.228: bytes=32 tempo=140ms TTL=51
 
Resposta de 74.125.234.228: bytes=32 tempo=144ms TTL=51
 
 
 
Estatísticas do Ping para 74.125.234.228:
 
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de perda),
 
Aproximar um número redondo de vezes em milissegundos:
 
    Mínimo = 140ms, Máximo = 144ms, Média = 142ms
 
Servidor:  c915c06f.virtua.com.br
Address:  201.21.192.111
 
Nome =   yahoo.com
Addresses:  206.190.36.45, 98.139.183.24, 98.138.253.109
 
 
 
Disparando contra yahoo.com [206.190.36.45] com 32 bytes de dados:
 
 
 
Resposta de 206.190.36.45: bytes=32 tempo=269ms TTL=47
 
Resposta de 206.190.36.45: bytes=32 tempo=259ms TTL=47
 
 
 
Estatísticas do Ping para 206.190.36.45:
 
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de perda),
 
Aproximar um número redondo de vezes em milissegundos:
 
    Mínimo = 259ms, Máximo = 269ms, Média = 264ms
 
 
 
Disparando contra 127.0.0.1 com 32 bytes de dados:
 
 
 
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128
 
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128
 
 
 
Estatísticas do Ping para 127.0.0.1:
 
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de perda),
 
Aproximar um número redondo de vezes em milissegundos:
 
    Mínimo = 0ms, Máximo = 0ms, Média = 0ms
 
===========================================================================
Lista de interfaces
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1d 60 03 d9 c5 ...... Realtek RTL8169/8110 Family Gigabit Ethernet NIC - Miniporta do agendador de pacotes
===========================================================================
===========================================================================
Rotas ativas:
Endereço de rede          Máscara   Ender. gateway       Interface   Custo
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.7  10
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
      192.168.0.0    255.255.255.0      192.168.0.7     192.168.0.7  10
      192.168.0.7  255.255.255.255        127.0.0.1       127.0.0.1  10
    192.168.0.255  255.255.255.255      192.168.0.7     192.168.0.7  10
        224.0.0.0        240.0.0.0      192.168.0.7     192.168.0.7  10
  255.255.255.255  255.255.255.255      192.168.0.7     192.168.0.7  1
Gateway padrão:        192.168.0.1
===========================================================================
Rotas persistentes:
  Nenhuma
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\system32\pnrpnsp.dll [58880] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
 
Catalog5 05 C:\WINDOWS\system32\pnrpnsp.dll [58880] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
 
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 18 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 19 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 20 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 21 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 22 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/28/2013 01:39:46 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
Error: (07/27/2013 03:15:51 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: EventType clr20r3, P1 navsincrolite.exe, P2 1.13.214.0, P3 511d1680, P4 navsincrolite, P5 1.13.214.0, P6 511d1680, P7 6, P8 d1, P9 clr20r30, P10 clr20r31.
 
Error: (07/25/2013 02:55:50 PM) (Source: Application Hang) (User: )
Description: Aplicativo com falha DVD Shrink 3.2.exe, versão 3.2.0.15, módulo com falha hungapp, versão 0.0.0.0, endereço com falha 0x00000000.
 
Error: (07/25/2013 02:53:36 PM) (Source: Application Hang) (User: )
Description: Aplicativo com falha DVD Shrink 3.2.exe, versão 3.2.0.15, módulo com falha hungapp, versão 0.0.0.0, endereço com falha 0x00000000.
 
Error: (07/10/2013 00:20:18 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: EventType clr20r3, P1 navsincrolite.exe, P2 1.13.214.0, P3 511d1680, P4 navsincrolite, P5 1.13.214.0, P6 511d1680, P7 6, P8 d1, P9 clr20r30, P10 clr20r31.
 
Error: (07/08/2013 03:38:10 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: EventType clr20r3, P1 navsincrolite.exe, P2 1.13.214.0, P3 511d1680, P4 navsincrolite, P5 1.13.214.0, P6 511d1680, P7 6, P8 d1, P9 clr20r30, P10 clr20r31.
 
Error: (07/08/2013 03:35:56 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: EventType clr20r3, P1 navsincrolite.exe, P2 1.13.214.0, P3 511d1680, P4 navsincrolite, P5 1.13.214.0, P6 511d1680, P7 6, P8 d1, P9 clr20r30, P10 clr20r31.
 
Error: (07/08/2013 03:35:07 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: EventType clr20r3, P1 navsincrolite.exe, P2 1.13.214.0, P3 511d1680, P4 navsincrolite, P5 1.13.214.0, P6 511d1680, P7 6, P8 d1, P9 clr20r30, P10 clr20r31.
 
Error: (07/08/2013 03:34:30 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: EventType clr20r3, P1 navsincrolite.exe, P2 1.13.214.0, P3 511d1680, P4 navsincrolite, P5 1.13.214.0, P6 511d1680, P7 6, P8 d1, P9 clr20r30, P10 clr20r31.
 
Error: (07/03/2013 07:16:57 PM) (Source: MsiInstaller) (User: CASA)
Description: Produto: Ask Toolbar -- Erro 25001. Os aplicativos a seguir deverão estar fechados para continuar a desinstalação: 
 
Google Chrome
 
 
System errors:
=============
Error: (07/30/2013 05:53:41 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume1
 
Error: (07/30/2013 05:47:41 PM) (Source: Service Control Manager) (User: )
Description: O serviço StarWind AE Service foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (07/30/2013 05:47:41 PM) (Source: Service Control Manager) (User: )
Description: O serviço Java Quick Starter foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (07/30/2013 05:47:41 PM) (Source: Service Control Manager) (User: )
Description: O serviço Protexis Licensing V2 foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (07/30/2013 05:47:41 PM) (Source: Service Control Manager) (User: )
Description: O serviço Machine Debug Manager foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (07/30/2013 05:47:41 PM) (Source: Service Control Manager) (User: )
Description: O serviço EPSON V5 Service4(04) foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (07/30/2013 05:47:41 PM) (Source: Service Control Manager) (User: )
Description: O serviço EPSON V3 Service4(04) foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (07/30/2013 05:47:40 PM) (Source: Service Control Manager) (User: )
Description: O serviço EpsonCustomerResearchParticipation foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (07/30/2013 05:47:40 PM) (Source: Service Control Manager) (User: )
Description: O serviço LexBce Server foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (07/30/2013 05:47:40 PM) (Source: Service Control Manager) (User: )
Description: O serviço Windows Defender foi finalizado inesperadamente. Isto aconteceu 1 vez(es). A seguinte ação corretiva será tomada em 15000 milissegundos: Reiniciar o serviço.
 
 
Microsoft Office Sessions:
=========================
 
=========================== Installed Programs ============================
 
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader XI (11.0.03) - Português (Version: 11.0.03)
Adobe Shockwave Player 12.0 (Version: 12.0.2.122)
Advertising Center (Version: 0.0.0.2)
Any Video Converter 3.2.6
Arquivo do WinRAR
Assistente de Conexão do Windows Live (Version: 5.000.818.5)
Atualização de Segurança para o Windows Media Player (KB2834904)
Atualização de Segurança para Windows Internet Explorer 8 (KB2183461) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2360131) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2416400) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2482017) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2497640) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2510531) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2530548) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2544521) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2559049) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2586448) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2618444) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2647516) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2675157) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2699988) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2722913) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2744842) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2761465) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2792100) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2797052) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2799329) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2809289) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2817183) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2829530) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2838727) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2846071) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2847204) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB971961) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB972260) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB974455) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB976325) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB978207) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB981332) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB982381) (Version: 1)
Atualização de Segurança para Windows XP (KB2834886) (Version: 1)
Atualização de Segurança para Windows XP (KB2839229) (Version: 1)
Atualização de Segurança para Windows XP (KB2845187) (Version: 1)
Atualização de Segurança para Windows XP (KB2850851) (Version: 1)
Atualização de Segurança para Windows XP (KB923789)
Atualização para Windows Internet Explorer 8 (KB972636) (Version: 1)
Atualização para Windows Internet Explorer 8 (KB976662) (Version: 1)
Atualização para Windows Internet Explorer 8 (KB976749) (Version: 1)
Atualização para Windows Internet Explorer 8 (KB980182) (Version: 1)
aTube Catcher (Version: 2.9.1482)
Audacity 1.2.6
avast! Free Antivirus (Version: 8.0.1489.0)
AVI ReComp 1.5.3 (Version: 1.5.3)
AviSynth 2.5
BitTorrent (Version: 7.8.0.29626)
CCleaner (Version: 3.23)
CDBurnerXP (Version: 4.5.1.4003)
Centro de fotografias da Lexmark (Version: 1.05)
Commandos, Behind Enemy Lines (Version: 1.1)
ConvertXtoDVD 4.0.9.322 (Version: 4.0.9.322)
Corel Graphics - Windows Shell Extension (Version: 16.0.0.707)
Corel Graphics - Windows Shell Extension (Version: 16.0.707)
CorelDRAW Graphics Suite 12 (Version: 12.0.0.458)
CorelDRAW Graphics Suite X6 - BR (Version: 16.0)
CorelDRAW Graphics Suite X6 - Capture (Version: 16.0)
CorelDRAW Graphics Suite X6 - Common (Version: 16.0)
CorelDRAW Graphics Suite X6 - Connect (Version: 16.0)
CorelDRAW Graphics Suite X6 - Custom Data (Version: 16.0)
CorelDRAW Graphics Suite X6 - Draw (Version: 16.0)
CorelDRAW Graphics Suite X6 - Filters (Version: 16.0)
CorelDRAW Graphics Suite X6 - FontNav (Version: 16.0)
CorelDRAW Graphics Suite X6 - IPM (Version: 16.0)
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (Version: 16.0)
CorelDRAW Graphics Suite X6 - Photozoom Plugin (Version: 16.0)
CorelDRAW Graphics Suite X6 - Redist (Version: 16.0)
CorelDRAW Graphics Suite X6 - Setup Files (Version: 16.0)
CorelDRAW Graphics Suite X6 - VBA (Version: 16.0)
CorelDRAW Graphics Suite X6 - VideoBrowser (Version: 16.0)
CorelDRAW Graphics Suite X6 - VSTA (Version: 16.0)
CorelDRAW Graphics Suite X6 - Writing Tools (Version: 16.0)
CorelDRAW Graphics Suite X6 (Version: 16.0)
CorelDRAW Graphics Suite X6 (Version: 16.0.0.707)
Defraggler (Version: 2.13)
Desinstalar impressora EPSON TX133 TX135 Series
DolbyFiles (Version: 2.0)
DVD Shrink 3.2
Electronic Arts Game Updater
Epson Customer Research Participation (Version: 1.51.0000)
Epson Easy Photo Print 2 (Version: 2.2.4.0)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (Version: 1.00.0000)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup (Version: 1.00.0000)
Epson Event Manager (Version: 2.40.0009)
EPSON Scan
Ferramenta de Carregamento do Windows Live (Version: 14.0.8014.1029)
FM Screen Capture Codec (Remove Only)
Free Mp3 Wma Converter V 2.2 (Version: 2.2.0.0)
Google Chrome (Version: 28.0.1500.72)
Google Earth Plug-in (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.153)
HijackThis 1.99.1 (Version: 1.99.1)
ImagXpress (Version: 7.0.74.0)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
JMB36X Raid Configurer (Version: 1.00.0000)
Junk Mail filter update (Version: 14.0.8089.726)
K-Lite Codec Pack 4.8.0 (Standard) (Version: 4.8.0)
LameACM
Lexmark Photo Center (Version: 1.05)
LoiLoScope 2 (Version: 2.5.2.1)
Malwarebytes' Anti-Malware versão 1.51.2.1300 (Version: 1.51.2.1300)
Menu Templates - Starter Kit (Version: 9.0.4.0)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30730)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30730)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30730)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office FrontPage 2003 (Version: 11.0.8173.0)
Microsoft Office Professional Edição 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual Basic for Applications 7.1 (x86) (Version: 7.1.00.00)
Microsoft Visual Basic for Applications 7.1 (x86) English (Version: 7.1.0.0)
Microsoft Visual Basic for Applications 7.1 (x86) Portuguese (Brazil) (Version: 7.1.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (Version: 9.0.30729)
Microsoft XML Parser (Version: 8.70.1104.04)
Movie Templates - Starter Kit (Version: 9.0.4.0)
Mozilla Firefox 12.0 (x86 pt-BR) (Version: 12.0)
Mozilla Maintenance Service (Version: 17.0.7)
Mozilla Thunderbird 17.0.7 (x86 pt-BR) (Version: 17.0.7)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NavSincro Lite
Nero BurningROM (Version: 9.0.0.0)
Nero ControlCenter (Version: 0.0.0.1)
Nero ControlCenter (Version: 9.0.0.1)
Nero CoverDesigner (Version: 4.0.5.100)
Nero CoverDesigner Help (Version: 4.0.0.0)
Nero Express (Version: 9.0.0.0)
Nero Installer (Version: 4.4.9.0)
Nero Recode (Version: 3.53.0.0)
Nero Recode Help (Version: 3.53.0.0)
Nero ShowTime (Version: 4.99.0.0)
Nero Vision (Version: 0.0.0.1)
Nero Vision (Version: 6.0.6.100)
Nero WaveEditor (Version: 5.0.18.0)
Nero WaveEditor Help (Version: 5.0.15.0)
NeroBurningROM (Version: 9.0.9.100)
NeroExpress (Version: 9.0.9.100)
neroxml (Version: 1.0.0)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Pacote de Compatibilidade para o sistema Office 2007 (Version: 12.0.6612.1000)
PHOTOfunSTUDIO 8.0 LE (Version: 8.00.006)
Plasma Lobes
Platform (Version: 1.21)
REALTEK GbE & FE Ethernet PCI NIC Driver (Version: 1.02.0000)
Samsung USB Driver
SecurDisc Viewer
Segoe UI (Version: 14.0.4327.805)
Sony Ericsson Update Engine (Version: 2.13.8.201307151333)
Sony PC Companion 2.10.165 (Version: 2.10.165)
SoundMAX (Version: 3.0)
swMSM (Version: 12.0.0.1)
Unity Web Player (Version: 2.5.0f5_21627)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
VCRedistSetup (Version: 1.0.0)
VeryPDF PDF2Word v3.0
VIA Platform Device Manager (Version: 1.21)
VIA/S3G Display Driver 6.14.10.0071
VobSub 2.23 (Version: 2.23)
WebFldrs XP (Version: 9.50.7523)
Windows Defender (Version: 1.1.1593.21)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinPcap 4.1.1 (Version: 4.1.0.1753)
Xvid 1.3.0 (Version: 1.3.0)
 
========================= Devices: ================================
 
Name: AWUS665O SCSI Controller
Description: AWUS665O SCSI Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: 
Service: aattu8mr
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 28%
Total physical RAM: 1790.42 MB
Available physical RAM: 1282.38 MB
Total Pagefile: 2658.2 MB
Available Pagefile: 2328.79 MB
Total Virtual: 2047.88 MB
Available Virtual: 1964.43 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:74.53 GB) (Free:5.7 GB) NTFS
 
========================= Users: ========================================
 
Contas de usuário para \\CASA
 
Administrador            Convidado                HelpAssistant            
Lu e Tamara              SUPPORT_388945a0         
Comando concluído com êxito.
 
========================= Minidump Files ==================================
 
No minidump file found
 
 
**** End of log ****
 
 
Once all the problems are solved, how do I delete the programs I downloaded? Do I just select them and drop them in the Recycle Bin, or use Shift+Del?

"When God wants something, there is no one who doesn't want it." Ayrton Senna

#14
CarlosTurco

    Assistant

  • 25.278 posts

 

Once all the problems are solved, how do I delete the programs I downloaded? Do I just select them and send them to the Recycle Bin, or do I use Shift+Del?

I will give you the procedure at the end.

Download Windows Repair Portable.

http://www.tweaking....all_in_one.html

Choose the option: Portable (3.12 MB)

Direct Download

Install the program and run it.

Click the Step 4 tab > click Create to create a restore point, then click Backup to back up the registry.

Click Next, then Start.

Click the button (image: 5wyy38.png) to uncheck all the options. Then check:

Reset Registry Permissions
Reset File Permissions
Register System Files

Repair WMI
Repair Windows Firewall
Repair Internet Explorer

Remove Policies Set By Infections
Repair Icons
Repair Winsock & DNS Cache
Remove Temp Files
Repair Proxy Settings
Repair Windows Updates

Repair Volume Shadow Copy Service
Restore Important Windows Services
Set Windows Services To Default Startup
Repair MSI (Windows Installer)
Repair File Associations

Then leave the options checked as shown in the image and click Start:

(image: 2hcjhvc.png)

Wait; when it finishes, the PC will restart.

Temporarily disable your antivirus.

  • Hold the Ctrl key and click this link to open the ESET Online Scanner in a new window.
  • Click this button: (image: j9Byf.png)
  • For alternative browsers (if you use Internet Explorer, skip this step):
    • Click esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double-click the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click Start.
  • Accept any security warning from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats".
  • Click Advanced settings and check the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • It will update itself and scan the computer. Be patient; the process can take hours.
  • When the scan finishes, click List Threats.
  • Copy and paste the contents into your next reply. Note: if nothing is found, no log will be generated.
  • Click Back.
  • Click Finish.

Also post a new MiniToolBox log.


Edited by CarlosTurco, 30 July 2013 - 18:26.


#15
Luck Anão

    Advanced Member

  • Member
  • 210 posts

Posting the logs:

 

C:\Documents and Settings\Lu e Tamara\Meus documentos\Meus Downloads\avc-free.exe Win32/OpenCandy application cleaned by deleting - quarantined
C:\WINDOWS\Driver_Cache Win32/Spy.Banbra.OGP trojan cleaned by deleting - quarantined
 
 
 
 
MiniToolBox by Farbar  Version: 13-07-2013
Ran by Lu e Tamara (administrator) on 31-07-2013 at 00:27:53
Running from "C:\Documents and Settings\Lu e Tamara\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Configuração de IP do Windows
 
 
 
Liberação do cache do DNS Resolver bem-sucedida.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Realtek RTL8169/8110 Family Gigabit Ethernet NIC = Conexão local (Connected)
 
 
# ---------------------------------- 
# Configuração de Interface IP                  
# ---------------------------------- 
pushd interface ip
 
 
# Configuração de interface IP para "Conexão local"
 
set address name="Conexão local" source=dhcp 
set dns name="Conexão local" source=dhcp register=PRIMARY
set wins name="Conexão local" source=dhcp
 
 
popd
# Final da configuração de interface IP
 
 
 
 
Configuração de IP do Windows
 
 
 
        Nome do host . . . . . . . . . . . : CASA
 
        Sufixo DNS primário. . . . . . . . : 
 
        Tipo de nó . . . . . . . . . . . . : desconhecido
 
        Roteamento de IP ativado . . . . . : não
 
        Proxy WINS ativado . . . . . . . . : não
 
 
 
Adaptador Ethernet Conexão local:
 
 
 
        Sufixo DNS específico de conexão  . : 
 
        Descrição . . . . . . . . . . . . . : Realtek RTL8169/8110 Family Gigabit Ethernet NIC
 
        Endereço físico . . . . . . . . . . : 00-1D-60-03-D9-C5
 
        DHCP ativado. . . . . . . . . . . . : Sim
 
        Configuração automática ativada . . : Sim
 
        Endereço IP . . . . . . . . . . . . : 192.168.0.7
 
        Máscara de sub-rede . . . . . . . . : 255.255.255.0
 
        Endereço IP . . . . . . . . . . . . : fe80::21d:60ff:fe03:d9c5%4
 
        Gateway padrão. . . . . . . . . . . : 192.168.0.1
 
        Servidor DHCP . . . . . . . . . . . : 192.168.0.1
 
        Servidores DNS. . . . . . . . . . . : 201.21.192.111
 
                                            201.21.192.116
 
                                            fec0:0:0:ffff::1%1
 
                                            fec0:0:0:ffff::2%1
 
                                            fec0:0:0:ffff::3%1
 
        Concessão obtida. . . . . . . . . . : quarta-feira, 31 de julho de 2013 00:13:20
 
        Concessão expira. . . . . . . . . . : quarta-feira, 31 de julho de 2013 01:13:20
 
 
 
Adaptador de túnel Teredo Tunneling Pseudo-Interface:
 
 
 
        Sufixo DNS específico de conexão  . : 
 
        Descrição . . . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
 
        Endereço físico . . . . . . . . . . : 00-00-FB-F8-44-DB-E5-86
 
        DHCP ativado. . . . . . . . . . . . : Não
 
        Endereço IP . . . . . . . . . . . . : 2001:0:4137:9e76:0:fbf8:44db:e586
 
        Endereço IP . . . . . . . . . . . . : fe80::ffff:ffff:fffd%5
 
        Gateway padrão. . . . . . . . . . . : ::
 
        NetBIOS por Tcpip . . . . . . . . . : Desativado
 
 
 
Adaptador de túnel Automatic Tunneling Pseudo-Interface:
 
 
 
        Sufixo DNS específico de conexão  . : 
 
        Descrição . . . . . . . . . . . . . : Automatic Tunneling Pseudo-Interface
 
        Endereço físico . . . . . . . . . . : C0-A8-00-07
 
        DHCP ativado. . . . . . . . . . . . : Não
 
        Endereço IP . . . . . . . . . . . . : fe80::5efe:192.168.0.7%2
 
        Gateway padrão. . . . . . . . . . . : 
 
        Servidores DNS. . . . . . . . . . . : fec0:0:0:ffff::1%1
 
                                            fec0:0:0:ffff::2%1
 
                                            fec0:0:0:ffff::3%1
 
        NetBIOS por Tcpip . . . . . . . . . : Desativado
 
Servidor:  c915c06f.virtua.com.br
Address:  201.21.192.111
 
Nome =   google.com
Addresses:  74.125.234.230, 74.125.234.238, 74.125.234.225, 74.125.234.233
 74.125.234.231, 74.125.234.228, 74.125.234.224, 74.125.234.229, 74.125.234.232
 74.125.234.226, 74.125.234.227
 
 
 
Disparando contra google.com [74.125.234.224] com 32 bytes de dados:
 
 
 
Resposta de 74.125.234.224: bytes=32 tempo=140ms TTL=51
 
Resposta de 74.125.234.224: bytes=32 tempo=139ms TTL=51
 
 
 
Estatísticas do Ping para 74.125.234.224:
 
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de perda),
 
Aproximar um número redondo de vezes em milissegundos:
 
    Mínimo = 139ms, Máximo = 140ms, Média = 139ms
 
Servidor:  c915c06f.virtua.com.br
Address:  201.21.192.111
 
Nome =   yahoo.com
Addresses:  206.190.36.45, 98.138.253.109, 98.139.183.24
 
 
 
Disparando contra yahoo.com [206.190.36.45] com 32 bytes de dados:
 
 
 
Resposta de 206.190.36.45: bytes=32 tempo=320ms TTL=47
 
Resposta de 206.190.36.45: bytes=32 tempo=279ms TTL=47
 
 
 
Estatísticas do Ping para 206.190.36.45:
 
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de perda),
 
Aproximar um número redondo de vezes em milissegundos:
 
    Mínimo = 279ms, Máximo = 320ms, Média = 299ms
 
 
 
Disparando contra 127.0.0.1 com 32 bytes de dados:
 
 
 
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128
 
Resposta de 127.0.0.1: bytes=32 tempo<1ms TTL=128
 
 
 
Estatísticas do Ping para 127.0.0.1:
 
    Pacotes: Enviados = 2, Recebidos = 2, Perdidos = 0 (0% de perda),
 
Aproximar um número redondo de vezes em milissegundos:
 
    Mínimo = 0ms, Máximo = 0ms, Média = 0ms
 
===========================================================================
Lista de interfaces
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 1d 60 03 d9 c5 ...... Realtek RTL8169/8110 Family Gigabit Ethernet NIC
===========================================================================
===========================================================================
Rotas ativas:
Endereço de rede          Máscara   Ender. gateway       Interface   Custo
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.7  10
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
      192.168.0.0    255.255.255.0      192.168.0.7     192.168.0.7  10
      192.168.0.7  255.255.255.255        127.0.0.1       127.0.0.1  10
    192.168.0.255  255.255.255.255      192.168.0.7     192.168.0.7  10
        224.0.0.0        240.0.0.0      192.168.0.7     192.168.0.7  10
  255.255.255.255  255.255.255.255      192.168.0.7     192.168.0.7  1
Gateway padrão:        192.168.0.1
===========================================================================
Rotas persistentes:
  Nenhuma
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\system32\pnrpnsp.dll [58880] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
 
Catalog5 05 C:\WINDOWS\system32\pnrpnsp.dll [58880] (Microsoft Corporation)
ATTENTION: The LibraryPath should be "%SystemRoot%\system32\pnrpnsp.dll"
 
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 18 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 19 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 20 C:\WINDOWS\system32\mswsock.dll [247808] (Microsoft Corporation)
Catalog9 21 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 22 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/30/2013 09:06:43 PM) (Source: VSS) (User: )
Description: Erro do serviço de cópias de sombra de volume: não é possível instalar o componente C:\Documents and Settings\Lu e Tamara\Desktop\Tweaking.com - Windows Repair\SWPRV.DLL no aplicativo COM+ 'MS Software Shadow Copy Provider' [0x80110401].
 
Error: (07/30/2013 08:53:49 PM) (Source: WinMgmt) (User: )
Description: Falha ao carregar C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V4.0.30319\MOF\SERVICEMODEL.MOF MOF durante a recuperação do arquivo de repositório.
 
Error: (07/30/2013 08:53:48 PM) (Source: WinMgmt) (User: )
Description: Falha ao carregar C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.0\WINDOWS COMMUNICATION FOUNDATION\SERVICEMODEL.MOF MOF durante a recuperação do arquivo de repositório.
 
Error: (07/30/2013 08:53:47 PM) (Source: WinMgmt) (User: )
Description: Falha ao carregar C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\CLR.MOF MOF durante a recuperação do arquivo de repositório.
 
Error: (07/30/2013 08:53:47 PM) (Source: WinMgmt) (User: )
Description: Falha ao carregar C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\ASPNET.MOF MOF durante a recuperação do arquivo de repositório.
 
Error: (07/30/2013 08:50:39 PM) (Source: WinMgmt) (User: )
Description: Falha ao carregar C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V4.0.30319\MOF\SERVICEMODEL.MOF MOF durante a recuperação do arquivo de repositório.
 
Error: (07/30/2013 08:50:38 PM) (Source: WinMgmt) (User: )
Description: Falha ao carregar C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.0\WINDOWS COMMUNICATION FOUNDATION\SERVICEMODEL.MOF MOF durante a recuperação do arquivo de repositório.
 
Error: (07/30/2013 08:50:37 PM) (Source: WinMgmt) (User: )
Description: Falha ao carregar C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\CLR.MOF MOF durante a recuperação do arquivo de repositório.
 
Error: (07/30/2013 08:50:37 PM) (Source: WinMgmt) (User: )
Description: Falha ao carregar C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\ASPNET.MOF MOF durante a recuperação do arquivo de repositório.
 
Error: (07/28/2013 01:39:46 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
 
System errors:
=============
Error: (07/30/2013 09:14:19 PM) (Source: DCOM) (User: AUTORIDADE NT)
Description: As configurações de permissão Específico do aplicativo não concedem permissão Local Inicialização para o aplicativo COM Server com CLSID 
{D851F103-8C90-4321-AFF0-58BA5BD421C2}
 ao usuário AUTORIDADE NT\SYSTEM SID (S-1-5-18).  Esta permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
 
Error: (07/30/2013 09:14:19 PM) (Source: DCOM) (User: AUTORIDADE NT)
Description: As configurações de permissão Específico do aplicativo não concedem permissão Local Inicialização para o aplicativo COM Server com CLSID 
{D851F103-8C90-4321-AFF0-58BA5BD421C2}
 ao usuário AUTORIDADE NT\SYSTEM SID (S-1-5-18).  Esta permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
 
Error: (07/30/2013 09:14:19 PM) (Source: DCOM) (User: AUTORIDADE NT)
Description: As configurações de permissão Específico do aplicativo não concedem permissão Local Inicialização para o aplicativo COM Server com CLSID 
{D851F103-8C90-4321-AFF0-58BA5BD421C2}
 ao usuário AUTORIDADE NT\SYSTEM SID (S-1-5-18).  Esta permissão de segurança pode ser modificada com a ferramenta administrativa Serviços de Componentes.
 
Error: (07/30/2013 09:13:38 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume1
 
Error: (07/30/2013 05:53:41 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume1
 
Error: (07/30/2013 05:47:41 PM) (Source: Service Control Manager) (User: )
Description: O serviço StarWind AE Service foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (07/30/2013 05:47:41 PM) (Source: Service Control Manager) (User: )
Description: O serviço Java Quick Starter foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (07/30/2013 05:47:41 PM) (Source: Service Control Manager) (User: )
Description: O serviço Protexis Licensing V2 foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (07/30/2013 05:47:41 PM) (Source: Service Control Manager) (User: )
Description: O serviço Machine Debug Manager foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
Error: (07/30/2013 05:47:41 PM) (Source: Service Control Manager) (User: )
Description: O serviço EPSON V5 Service4(04) foi encerrado inesperadamente.  Isso aconteceu 1 vez(es).
 
 
Microsoft Office Sessions:
=========================
 
=========================== Installed Programs ============================
 
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.8.800.94)
Adobe Photoshop 7.0 (Version: 7.0)
Adobe Reader XI (11.0.03) - Português (Version: 11.0.03)
Adobe Shockwave Player 12.0 (Version: 12.0.2.122)
Advertising Center (Version: 0.0.0.2)
Any Video Converter 3.2.6
Arquivo do WinRAR
Assistente de Conexão do Windows Live (Version: 5.000.818.5)
Atualização de Segurança para o Windows Media Player (KB2834904)
Atualização de Segurança para Windows Internet Explorer 8 (KB2183461) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2360131) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2416400) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2482017) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2497640) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2510531) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2530548) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2544521) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2559049) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2586448) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2618444) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2647516) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2675157) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2699988) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2722913) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2744842) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2761465) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2792100) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2797052) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2799329) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2809289) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2817183) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2829530) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2838727) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2846071) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB2847204) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB971961) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB972260) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB974455) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB976325) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB978207) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB981332) (Version: 1)
Atualização de Segurança para Windows Internet Explorer 8 (KB982381) (Version: 1)
Atualização de Segurança para Windows XP (KB2834886) (Version: 1)
Atualização de Segurança para Windows XP (KB2839229) (Version: 1)
Atualização de Segurança para Windows XP (KB2845187) (Version: 1)
Atualização de Segurança para Windows XP (KB2850851) (Version: 1)
Atualização de Segurança para Windows XP (KB923789)
Atualização para Windows Internet Explorer 8 (KB972636) (Version: 1)
Atualização para Windows Internet Explorer 8 (KB976662) (Version: 1)
Atualização para Windows Internet Explorer 8 (KB976749) (Version: 1)
Atualização para Windows Internet Explorer 8 (KB980182) (Version: 1)
aTube Catcher (Version: 2.9.1482)
Audacity 1.2.6
avast! Free Antivirus (Version: 8.0.1489.0)
AVI ReComp 1.5.3 (Version: 1.5.3)
AviSynth 2.5
BitTorrent (Version: 7.8.0.29626)
CCleaner (Version: 3.23)
CDBurnerXP (Version: 4.5.1.4003)
Centro de fotografias da Lexmark (Version: 1.05)
Commandos, Behind Enemy Lines (Version: 1.1)
ConvertXtoDVD 4.0.9.322 (Version: 4.0.9.322)
Corel Graphics - Windows Shell Extension (Version: 16.0.0.707)
Corel Graphics - Windows Shell Extension (Version: 16.0.707)
CorelDRAW Graphics Suite 12 (Version: 12.0.0.458)
CorelDRAW Graphics Suite X6 - BR (Version: 16.0)
CorelDRAW Graphics Suite X6 - Capture (Version: 16.0)
CorelDRAW Graphics Suite X6 - Common (Version: 16.0)
CorelDRAW Graphics Suite X6 - Connect (Version: 16.0)
CorelDRAW Graphics Suite X6 - Custom Data (Version: 16.0)
CorelDRAW Graphics Suite X6 - Draw (Version: 16.0)
CorelDRAW Graphics Suite X6 - Filters (Version: 16.0)
CorelDRAW Graphics Suite X6 - FontNav (Version: 16.0)
CorelDRAW Graphics Suite X6 - IPM (Version: 16.0)
CorelDRAW Graphics Suite X6 - PHOTO-PAINT (Version: 16.0)
CorelDRAW Graphics Suite X6 - Photozoom Plugin (Version: 16.0)
CorelDRAW Graphics Suite X6 - Redist (Version: 16.0)
CorelDRAW Graphics Suite X6 - Setup Files (Version: 16.0)
CorelDRAW Graphics Suite X6 - VBA (Version: 16.0)
CorelDRAW Graphics Suite X6 - VideoBrowser (Version: 16.0)
CorelDRAW Graphics Suite X6 - VSTA (Version: 16.0)
CorelDRAW Graphics Suite X6 - Writing Tools (Version: 16.0)
CorelDRAW Graphics Suite X6 (Version: 16.0)
CorelDRAW Graphics Suite X6 (Version: 16.0.0.707)
Defraggler (Version: 2.13)
Desinstalar impressora EPSON TX133 TX135 Series
DolbyFiles (Version: 2.0)
DVD Shrink 3.2
Electronic Arts Game Updater
Epson Customer Research Participation (Version: 1.51.0000)
Epson Easy Photo Print 2 (Version: 2.2.4.0)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (Version: 1.00.0000)
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery
Epson Easy Photo Print Plug-in for Windows Live Photo Gallery Setup (Version: 1.00.0000)
Epson Event Manager (Version: 2.40.0009)
EPSON Scan
ESET Online Scanner v3
Ferramenta de Carregamento do Windows Live (Version: 14.0.8014.1029)
FM Screen Capture Codec (Remove Only)
Free Mp3 Wma Converter V 2.2 (Version: 2.2.0.0)
Google Chrome (Version: 28.0.1500.72)
Google Earth Plug-in (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.153)
HijackThis 1.99.1 (Version: 1.99.1)
ImagXpress (Version: 7.0.74.0)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
JMB36X Raid Configurer (Version: 1.00.0000)
Junk Mail filter update (Version: 14.0.8089.726)
K-Lite Codec Pack 4.8.0 (Standard) (Version: 4.8.0)
LameACM
Lexmark Photo Center (Version: 1.05)
LoiLoScope 2 (Version: 2.5.2.1)
Malwarebytes' Anti-Malware versão 1.51.2.1300 (Version: 1.51.2.1300)
Menu Templates - Starter Kit (Version: 9.0.4.0)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30730)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30730)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30730)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office FrontPage 2003 (Version: 11.0.8173.0)
Microsoft Office Professional Edição 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual Basic for Applications 7.1 (x86) (Version: 7.1.00.00)
Microsoft Visual Basic for Applications 7.1 (x86) English (Version: 7.1.0.0)
Microsoft Visual Basic for Applications 7.1 (x86) Portuguese (Brazil) (Version: 7.1.0.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (Version: 9.0.30729)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (Version: 9.0.30729)
Microsoft XML Parser (Version: 8.70.1104.04)
Movie Templates - Starter Kit (Version: 9.0.4.0)
Mozilla Firefox 12.0 (x86 pt-BR) (Version: 12.0)
Mozilla Maintenance Service (Version: 17.0.7)
Mozilla Thunderbird 17.0.7 (x86 pt-BR) (Version: 17.0.7)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NavSincro Lite
Nero BurningROM (Version: 9.0.0.0)
Nero ControlCenter (Version: 0.0.0.1)
Nero ControlCenter (Version: 9.0.0.1)
Nero CoverDesigner (Version: 4.0.5.100)
Nero CoverDesigner Help (Version: 4.0.0.0)
Nero Express (Version: 9.0.0.0)
Nero Installer (Version: 4.4.9.0)
Nero Recode (Version: 3.53.0.0)
Nero Recode Help (Version: 3.53.0.0)
Nero ShowTime (Version: 4.99.0.0)
Nero Vision (Version: 0.0.0.1)
Nero Vision (Version: 6.0.6.100)
Nero WaveEditor (Version: 5.0.18.0)
Nero WaveEditor Help (Version: 5.0.15.0)
NeroBurningROM (Version: 9.0.9.100)
NeroExpress (Version: 9.0.9.100)
neroxml (Version: 1.0.0)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Pacote de Compatibilidade para o sistema Office 2007 (Version: 12.0.6612.1000)
PHOTOfunSTUDIO 8.0 LE (Version: 8.00.006)
Plasma Lobes
Platform (Version: 1.21)
REALTEK GbE & FE Ethernet PCI NIC Driver (Version: 1.02.0000)
Samsung USB Driver
SecurDisc Viewer
Segoe UI (Version: 14.0.4327.805)
Sony Ericsson Update Engine (Version: 2.13.8.201307151333)
Sony PC Companion 2.10.165 (Version: 2.10.165)
SoundMAX (Version: 3.0)
swMSM (Version: 12.0.0.1)
Unity Web Player (Version: 2.5.0f5_21627)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
VCRedistSetup (Version: 1.0.0)
VeryPDF PDF2Word v3.0
VIA Platform Device Manager (Version: 1.21)
VIA/S3G Display Driver 6.14.10.0071
VobSub 2.23 (Version: 2.23)
WebFldrs XP (Version: 9.50.7523)
Windows Defender (Version: 1.1.1593.21)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinPcap 4.1.1 (Version: 4.1.0.1753)
Xvid 1.3.0 (Version: 1.3.0)
 
========================= Devices: ================================
 
Name: AWUS665O SCSI Controller
Description: AWUS665O SCSI Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: 
Service: admwxipu
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 36%
Total physical RAM: 1790.42 MB
Available physical RAM: 1134.43 MB
Total Pagefile: 2658.2 MB
Available Pagefile: 2260.64 MB
Total Virtual: 2047.88 MB
Available Virtual: 1966.21 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:74.53 GB) (Free:6.15 GB) NTFS
 
========================= Users: ========================================
 
Contas de usuário para \\CASA
 
Administrador            Convidado                HelpAssistant            
Lu e Tamara              SUPPORT_388945a0         
Comando concluído com êxito.
 
========================= Minidump Files ==================================
 
No minidump file found
 
 
**** End of log ****
 

"When God wants something, there is no one who doesn't want it too." Ayrton Senna

#16
CarlosTurco

    Assistant

  • 25.278 posts

Ok,

 

Temporarily disable your antivirus.

  • Hold the Ctrl key and click this link to open the ESET Online Scanner in a new window.
  • Click this button: (image: j9Byf.png)
  • For alternative browsers (if you use Internet Explorer, skip this step):
    • Click esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double-click the icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click Start.
  • Accept any security warning from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats".
  • Click Advanced settings and check the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • It will update itself and scan the computer. Be patient; the process can take hours.
  • When the scan finishes, click List Threats.
  • Copy and paste the contents into your next reply. Note: if nothing is found, no log will be generated.
  • Click Back.
  • Click Finish.

Also post a new HijackThis log.



#17
Luck Anão

    Advanced Member

  • Member
  • 210 posts

The other program did not generate any log.

 

Posting the HiJack log

 

Logfile of HijackThis v1.99.1
Scan saved at 18:21:55, on 31/7/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\ARQUIV~1\GbPlugin\GbpSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Arquivos de programas\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50ST7.EXE
C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50RP7.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Arquivos de programas\Java\jre7\bin\jqs.exe
C:\WINDOWS\system32\S3trayp.exe
C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe
C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe
C:\Arquivos de programas\Epson Software\Event Manager\EEventManager.exe
C:\WINDOWS\system32\svchost.exe
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\Arquivos de programas\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Arquivos de programas\Windows Defender\MpCmdRun.exe
C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Hijack This\HijackThis.exe
 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Arquivos de programas\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Arquivos de programas\Epson Software\Easy Photo Print\EPTBL.dll
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Arquivos de programas\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [avast] "C:\Arquivos de programas\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [EEventManager] "C:\Arquivos de programas\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Lu e Tamara\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [EPSON TX133 TX135 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHJB.EXE /FU "C:\WINDOWS\TEMP\E_S7B.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [NavSincroLiteDetector] C:\Documents and Settings\Lu e Tamara\Dados de aplicativos\NavCity\NavSincro Lite\NavSincroLite.exe /tray
O4 - HKCU\..\Run: [DIMBaixando a sua atualização...1338924290338] "c:\Arquivos de programas\Corel\CorelDRAW Graphics Suite X6\Draw\DIM.exe" "c:\documents and settings\all users\dados de aplicativos\corel\downloads\540240626_310002\1338924290338\dim_params.xml" -Launch=3 -uibase="c:\documents and settings\all users\dados de aplicativos\corel\messages\540240626_310002\br\messagecache1\workflow"
O4 - Global Startup: PHOTOfunSTUDIO 8.0 LE.lnk = C:\Arquivos de programas\Arquivos comuns\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll/cmsidewiki.html
O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsof...ss/allinone.asp
O15 - Trusted Zone: http://www.bancobrasil.com.br
O15 - Trusted Zone: http://www.bb.com.br
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} (GbpDistObj Class) - https://www14.bancob...gin/GbpDist.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - c:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll
O20 - Winlogon Notify:  GbPluginBb - C:\Arquivos de programas\GbPlugin\gbieh.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Arquivos de programas\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: EpsonCustomerResearchParticipation - SEIKO EPSON CORPORATION - C:\Arquivos de programas\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50ST7.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Arquivos de programas\Arquivos comuns\EPSON\EPW!3 SSRP\E_S50RP7.EXE
O23 - Service: Gbp Service (GbpSv) -   - C:\ARQUIV~1\GbPlugin\GbpSv.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe" /medsvc (file missing)
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Arquivos de programas\Java\jre7\bin\jqs.exe" -service -config "C:\Arquivos de programas\Java\jre7\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: KMService - Unknown owner - C:\WINDOWS\system32\srvany.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
O23 - Service: Sony PC Companion - Avanquest Software - C:\Arquivos de programas\Sony\Sony PC Companion\PCCService.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Arquivos de programas\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

"When God wants something, there is no one who does not want it." Ayrton Senna

#18
CarlosTurco


OK,

Is the problem still happening?



#19
Luck Anão


CarlosTurco

It hasn't happened again.

Even another problem I had, where the USB disconnect icon did not appear, has been fixed.

Is there anything else that needs to be done???

How do I remove the programs?


"When God wants something, there is no one who does not want it." Ayrton Senna

#20
CarlosTurco


Good morning.


Is there anything else that needs to be done???

How do I remove the programs?

OTL is covered in the final procedure. Uninstall Malwarebytes through the Control Panel; for the others, just delete the executables.


To finish:

  • Run OTL.exe

    Click the cleanup button.
  • Update Java. Old versions have vulnerabilities that some malware can use to infect your system.
    • Download the latest version, Java SE 7u25.
    • Click JRE Download.
    • Check the Accept License Agreement box.
    • Click the download link Windows x86 Offline 30.25 MB jre-7u25-windows-i586.exe and save it to your desktop.
    • Close any running programs, especially browsers.
    • Go to Start > Control Panel, double-click Add or Remove Programs and remove all old versions of Java.
      Examples of old versions:
      Java 2 Runtime Environment, SE v1.4.2
      J2SE Runtime Environment 5.0
      J2SE Runtime Environment 5.0 Update 6
    • Select any item named Java Runtime Environment (JRE or J2SE).
    • Click the Remove or Change/Remove button.
    • Repeat as many times as necessary to remove each version of Java.
    • Restart your computer once all versions of Java have been removed.
    • Now go to your desktop and double-click jre-7u25-windows-i586.exe to install the newest version.
    • WARNING: Uncheck the box for installing the ASK Toolbar.
  • Update Adobe Reader. Old versions have vulnerabilities that are exploited by malware.

    Click here and install the newest version.
  • Keep Flash Player up to date. Old versions also have vulnerabilities that are exploited by malware. Click here and install the newest version.
  • USB worms (flash-drive viruses) can infect any type of removable storage device (flash drives, MP3/MP4 players, mobile phones, memory cards, cameras). This type of malware exploits a native Windows feature called Autorun, or Autoplay (the assistant that appears when you insert a CD or flash drive, asking which program you want to open it with). Autoplay needs a file called autorun.inf to work.

    Keep a clean, protected copy of the autorun.inf file on all removable devices and on all system drives. That way, if you plug your flash drive into an infected PC, the malware will not be able to overwrite the pre-existing file. Even so, it can still copy its malicious executables to the flash drive, such as .EXE, .SCR, .CMD, .PIF, .BAT, .COM.
    If you plug that flash drive into a clean machine and run one of those malicious files, that system will be infected just the same. So be careful and use common sense.

    To create a protected autorun.inf file on Windows XP:

    Download Flash_Disinfector.exe and save it to your desktop.
    • Connect all removable storage devices to the USB ports. Save whatever you think necessary, EXCEPT executable files, then format the media by going to My Computer, right-clicking the media's drive and choosing the "Format" option.
    • Run Flash_Disinfector.exe.
    • Follow any prompts that may appear.
    • Wait until the program finishes the search, then exit the program.
    For Windows Vista and 7: Panda USB Vaccine
  • For system maintenance and removal of temporary and invalid files, download TFC, by OldTimer.

    Close ALL programs and run TFC. Click the Start button and wait. Your desktop will disappear; don't worry, that is part of the process.

    Be patient: depending on the amount of data to be deleted, the process can take more than 2 minutes.

    When it finishes, you will be asked to restart your computer. RESTART.

    If you are not asked, restart manually.
  • Visit Windows Update regularly and check for updates.
    New security holes are discovered frequently. Much malware exploits these holes, infecting systems without depending on any user action. Microsoft fixes these holes through updates.
    That is why it is essential to keep your system up to date.
  • Turn System Restore off and on again.
  • Learn some precautions and tips for keeping your computer clean. Read the article Proteja seu pc:
    http://linhadefensiv...proteja-seu-pc/
  • If there are no more malware-related problems, click the denunld.png button and ask for your topic to be closed.

If you have any questions related to computing and technology, feel free to post in any area of the Linha Defensiva forum.

Cheers.
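
A defensive check for the autorun.inf advice in the post above, added here as an example and not code from the thread or from any tool it names: it reports whether a drive root carries an autorun.inf that starts a program, and lists root files with the extensions the post mentions. The function names and the sample file are assumptions constructed for illustration, and autorun.inf is read as single-byte text.

```python
import re
import tempfile
from pathlib import Path

RISKY_EXTENSIONS = {".exe", ".scr", ".cmd", ".pif", ".bat", ".com"}  # from the post
# [autorun] keys that start a program: open, shellexecute, shell\<verb>\command
LAUNCH_KEY = re.compile(r"open|shellexecute|shell\\.+\\command", re.IGNORECASE)

def parse_autorun(text):
    """Return the (key, value) entries of [autorun] that start a program."""
    launches, section = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            section = line.strip("[]").strip().lower()
        elif section == "autorun" and "=" in line and not line.startswith(";"):
            key, value = (part.strip() for part in line.split("=", 1))
            if LAUNCH_KEY.fullmatch(key):
                launches.append((key.lower(), value))
    return launches

def audit_drive_root(root):
    """Report the autorun.inf state and risky files at the root of one drive."""
    entries = list(Path(root).iterdir())
    report = {"autorun": "absent", "launches": []}
    for entry in entries:
        if entry.name.lower() == "autorun.inf":
            report["autorun"] = "file" if entry.is_file() else "directory"
            if entry.is_file():  # a directory holds nothing to parse
                report["launches"] = parse_autorun(entry.read_text(encoding="latin-1"))
    report["executables"] = sorted(
        e.name for e in entries
        if e.is_file() and e.suffix.lower() in RISKY_EXTENSIONS)
    return report

def demo():
    """Audit a constructed drive root built in a temporary directory."""
    sample = r"""[autorun]
; constructed sample, not taken from the thread
open=setup.exe
shell\explore\command=tools\helper.scr
"""
    with tempfile.TemporaryDirectory() as root:
        Path(root, "autorun.inf").write_text(sample, encoding="latin-1")
        for name in ("setup.exe", "notes.bat", "photo.jpg"):
            Path(root, name).write_bytes(b"")
        return audit_drive_root(root)

if __name__ == "__main__":
    print(demo())
```

A non-empty `launches` list on a drive whose autorun.inf you did not create yourself, or any unexpected name in `executables`, is the cue to scan the drive before opening anything on it.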