Windows that open by themselves.


Diana
Hello!
I found a topic on the forum about windows that open by themselves.
My PC opens windows with ads, games and other things as if they were pop-ups (even with pop-ups turned off), but now new tabs open as well, and when I visit a site such as americanas, it puts windows on top of some items, which take you to other sites.
Since I'm a complete beginner on the subject, I need help.
Thank you
Diana

Re: Windows that open by themselves.

Diana
Here is the OTL log file


OTL logfile created on: 25/7/2013 16:04:12 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Financeir\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy
 
1013,42 Mb Total Physical Memory | 218,39 Mb Available Physical Memory | 21,55% Memory free
2,40 Gb Paging File | 1,22 Gb Available in Paging File | 50,77% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,04 Gb Total Space | 109,84 Gb Free Space | 73,70% Space Free | Partition Type: NTFS
Drive Z: | 19,07 Gb Total Space | 12,08 Gb Free Space | 63,33% Space Free | Partition Type: NTFS
 
Computer Name: FINANCEIRO | User Name: Financeir | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 360 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013/07/25 15:54:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL.exe
PRC - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe
PRC - [2013/07/15 11:23:42 | 000,409,640 | ---- | M] (GAS Tecnologia) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe
PRC - [2013/04/09 05:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
PRC - [2012/09/22 08:56:30 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe
PRC - [2009/07/24 18:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/28 06:14:00 | 000,073,728 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE
PRC - [2008/04/13 23:20:58 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/17 13:17:08 | 000,163,840 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aetcrss1.exe
PRC - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013/05/16 08:44:40 | 013,136,776 | ---- | M] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll
MOD - [2013/04/09 05:57:07 | 000,390,096 | ---- | M] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
MOD - [2013/04/09 05:57:05 | 004,050,896 | ---- | M] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 05:56:13 | 001,606,096 | ---- | M] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2011/03/02 12:40:52 | 000,140,288 | ---- | M] () -- C:\Arquivos de programas\WinRAR\RarExt.dll
MOD - [2009/11/05 08:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2008/04/13 23:20:33 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [On_Demand | Stopped] -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe -- (dealplylivem)
SRV - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [Auto | Stopped] -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe -- (dealplylive)
SRV - [2013/07/15 11:23:42 | 000,409,640 | ---- | M] (GAS Tecnologia) [Auto | Running] -- C:\Arquivos de programas\GbPlugin\gbpsv.exe -- (GbpSv)
SRV - [2012/09/22 08:56:30 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/07/24 18:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2013/07/25 15:49:32 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys -- (NdisrdMP)
DRV - [2013/07/25 15:49:32 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys -- (Ndisrd)
DRV - [2013/07/01 08:37:46 | 000,046,904 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\gbpkm.sys -- (GbpKm)
DRV - [2011/01/14 04:06:40 | 000,277,352 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010/11/02 08:36:26 | 006,188,648 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009/11/17 20:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/17 20:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/12/13 11:26:38 | 000,102,400 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/04/13 15:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2007/10/25 13:50:26 | 000,062,848 | ---- | M] (ASICEN) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AsicenUSBDTVBDA_DM011.sys -- (AsicenUSBDTV_DM011)
DRV - [2006/12/01 13:48:22 | 000,020,992 | ---- | M] (ASICEN) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AS11Loader.sys -- (AS11Loader)
DRV - [2004/06/28 10:06:26 | 000,061,840 | ---- | M] (Gemplus) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTwinUSB.sys -- (GTwinUSB)
DRV - [2003/12/05 06:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/10/16 10:44:04 | 000,082,704 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cyg_ser.sys -- (cyg_ser)
DRV - [2003/10/16 10:43:20 | 000,051,040 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cyg_bus.sys -- (cyg_bus)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
IE - HKLM\..\SearchScopes,DefaultScope = {FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://br.msn.com/
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/ [binary data]
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes,DefaultScope = {FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{B3FD69ED-2469-4493-9F02-38212A7C3E72}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSNIE8&pc=MSNIE8&src=IE-SearchBox
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}: "URL" = http://www.google.pt/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_pt-BR
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Arquivos de programas\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3: C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9: C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Arquivos de programas\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Arquivos de programas\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.135\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.135\npGoogleUpdate3.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Dados de aplicativos\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2011/05/07 15:29:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Arquivos de programas\Web Assistant\Firefox [2012/06/04 15:39:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\lyrix@lyrixeeker.co: C:\Arquivos de programas\LyriXeeker\125.xpi [2013/07/23 17:25:42 | 000,007,064 | ---- | M] ()
 
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\npbrowserext.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Arquivos de programas\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Update\1.3.21.53\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Arquivos de programas\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Bejeweled = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: Radio Do Brasil = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh\1.0.56_0\
CHR - Extension: Play Parole = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dfigpchbljbamamhkecemhceioapljbn\1.0_0\
CHR - Extension: Web Assistant = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\
CHR - Extension: Fruit Ninja = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\eofdejdahdbbmnibkpgbfknnpbhpbcad\1.6_0\
CHR - Extension: Voicenote - fala em texto. = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\hfknjgplnkgjihghcidajejfmldhibfm\2.4.22_0\
CHR - Extension: Bubble Shooter-HD = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\hpakbhbnhkbghdcejiiangcefallmaln\2.2.0_0\
CHR - Extension: Pursuit of Hat = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\jepniedfbdhmplhbjffedeomcaopopob\1.1_0\
CHR - Extension: Hatsune Miku = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\kigfdicgjnpjkhbnngdfgjfffmdaonfg\2_0\
CHR - Extension: Super Stacker 2 = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\klemmckdcnieolllgjgbniaeehggmano\3.0_0\
CHR - Extension: Crackle Brazil = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\lflobbippdgfecmbdgjdejahlimggpef\1.0.0_0\
CHR - Extension: Poppit = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Editor de HQs = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mhfajnocemhaofoiejdekipegedfeeni\1.4_0\
CHR - Extension: DealPly  Shopping = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.5.0.0_0\
CHR - Extension: Mahjong Solitaire = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\neojceinbonpjjcokpokpeobkhcpiloc\1.0.0.2_0\
CHR - Extension: Gomoku = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\nhhdgipkbgjblbgjlbakfffjbffpdblo\1.0.11_0\
CHR - Extension: LyricXeeker = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\odnofacmifkjndflfmmplhckcbfjckhj\1.125_0\
CHR - Extension: Psykopaint = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\
CHR - Extension: Psykopaint = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\.bak
 
O1 HOSTS File: ([2012/12/05 13:59:59 | 000,000,774 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (ssh2 Class) - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll (Scopus Tecnologia Ltda)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Arquivos de programas\Web Assistant\Extension32.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Arquivos de programas\GbPlugin\gbiehabn.dll (Banco Real)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Arquivos de programas\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {DF89BC70-AC87-4A31-ACD5-7417E2CF1209} - No CLSID value found.
O3 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [CertificateRegistration] C:\WINDOWS\System32\aetcrss1.exe (A.E.T. Europe B.V.)
O4 - HKLM..\Run: [gemstrmw] C:\WINDOWS\System32\gemstrmw.exe (Gemplus)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKU\S-1-5-21-527237240-562591055-839522115-1003..\Run: [SpybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKLM..\RunOnce: [SymInstallStub] C:\WINDOWS\System32\Adobe\Shockwave 11\SymInstallStub.exe (Symantec Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancobrasil.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancobrasil.com.br ([www14] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancobrasil.com.br ([www2] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancoreal.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancosantander.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancosantander.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bb.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([imagem] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([internetbanking] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([internetbanking] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: itau.com.br ([bankline] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: itau.com.br ([guardiao] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: itau.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([www2] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([wwws] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([wwws] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santander.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santander.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santanderempresarial.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santanderempresarial.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws2] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws2] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernetibe.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernetibe.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: secureweb.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: secureweb.com.br ([www] https in Sites confiáveis)
O16 - DPF: {2DEF4530-8CE6-41C9-84B6-A54536C90213} http://cob.bancovw.com.br/viewer9/activeXViewer/activexviewer.cab (Crystal Report Viewer Control 9)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1304768064948 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1307534482359 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} https://imagem.caixa.gov.br/cab/GBPDIST2K.CAB (GbpDistObj Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39F8FD3D-2667-4A1F-94A7-26E219669948}: NameServer = 192.168.1.254
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-527237240-562591055-839522115-1003 Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginAbn: DllName - (C:\Arquivos de programas\GbPlugin\gbiehAbn.dll) - C:\Arquivos de programas\GbPlugin\gbiehabn.dll (Banco Real)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Arquivos de programas\GbPlugin\gbieh.dll) - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\Arquivos de programas\GbPlugin\gbiehCef.dll) - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O20 - Winlogon\Notify\ GbPluginUni: DllName - (C:\Arquivos de programas\GbPlugin\gbiehUni.dll) - C:\Arquivos de programas\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)
O22 - SharedTaskScheduler: {A3717295-941D-416F-9384-ED1736729F1C} - scpLIB - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)
O24 - Desktop WallPaper: C:\Documents and Settings\Financeir\Meus documentos\Minhas imagens\mhb.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Financeir\Meus documentos\Minhas imagens\mhb.bmp
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Arquivos de programas\GbPlugin\gbiehabn.dll (Banco Real)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Arquivos de programas\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/03/08 12:19:42 | 000,000,021 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/08/22 17:35:08 | 000,000,021 | ---- | M] () - Z:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2b07deea-95e4-11e1-92c0-001fd0fef641}\Shell - "" = AutoRun
O33 - MountPoints2\{2b07deea-95e4-11e1-92c0-001fd0fef641}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{64998505-7fac-11e0-983c-001fd0fef641}\Shell - "" = AutoRun
O33 - MountPoints2\{64998505-7fac-11e0-983c-001fd0fef641}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{64998507-7fac-11e0-983c-001fd0fef641}\Shell - "" = AutoRun
O33 - MountPoints2\{64998507-7fac-11e0-983c-001fd0fef641}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b65734b8-f8d9-11e0-91f7-001fd0fef641}\Shell - "" = AutoRun
O33 - MountPoints2\{b65734b8-f8d9-11e0-91f7-001fd0fef641}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 360 Days ==========[/color]
 
[2013/07/25 15:54:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL.exe
[2013/07/25 11:23:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Financeir\Recent
[2013/07/23 17:25:42 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\LyriXeeker
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DealPlyLive
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\DealPlyLive
[2013/07/23 17:25:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Dealply
[2013/07/23 17:25:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\DealPly
[2013/07/23 17:25:05 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\DealPly
[2013/05/24 13:15:48 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxCoIn_v5218.dll
[2013/05/24 12:23:40 | 000,024,576 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\gemstrmw.exe
[2013/05/24 12:23:21 | 000,061,840 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\drivers\GTwinUSB.sys
[2013/05/24 12:23:20 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Gemplus
[2013/05/24 12:09:41 | 000,000,000 | ---D | C] -- C:\database
[2013/05/22 09:43:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\Lucano
[2013/05/21 08:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Meus documentos\Escaneamentos
[2013/05/04 10:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\cielo extratos
[2013/04/26 15:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\Cao
[2013/04/15 09:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\trix.therebels.tonybennett.duets2.2012
[2013/03/05 09:56:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\GAS Tecnologia
[2013/01/28 14:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\CATALOGOS
[2013/01/28 14:14:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\Atalhos para produtos em vidro temperado
[2013/01/18 11:55:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2013/01/18 11:51:16 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013/01/18 11:07:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2013/01/16 13:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\IDM
[2012/11/07 15:44:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\TeamViewer
[2012/11/06 02:04:20 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\MSXML 4.0
[2012/11/06 02:04:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Silverlight
[2012/11/01 15:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\PopCap Games
[2012/10/27 08:23:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCap Games
[2012/10/25 15:01:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012/10/13 14:42:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Newsoft
[2012/10/13 14:36:21 | 000,020,992 | ---- | C] (ASICEN) -- C:\WINDOWS\System32\drivers\AS11Loader.sys
[2012/10/13 14:36:11 | 000,062,848 | ---- | C] (ASICEN) -- C:\WINDOWS\System32\drivers\AsicenUSBDTVBDA_DM011.sys
[2012/10/13 14:36:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\InstallShield
[2012/10/13 14:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\NewSoft
[2012/10/13 14:35:36 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\NewSoft
[2012/10/13 14:35:32 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\NewSoft
[2012/09/28 11:14:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Meus documentos\FORMULARIO MHB
[2012/09/25 16:00:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\Max Impressão
[2012/09/25 16:00:11 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Maxprint
[2012/09/22 08:57:00 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Java
[2012/09/22 08:56:53 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/09/22 08:56:39 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/09/21 14:10:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Sun
[2012/09/20 17:26:45 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012/09/20 13:25:49 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Silverlight
[2012/09/20 08:42:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\HP PrecisionScan LTX
[2012/09/20 08:41:55 | 000,350,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltkrn70n.dll
[2012/09/20 08:41:55 | 000,118,784 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpsjvset.dll
[2012/09/20 08:41:55 | 000,111,104 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpng70n.dll
[2012/09/20 08:41:55 | 000,093,184 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lftif70n.dll
[2012/09/20 08:41:55 | 000,055,296 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltfil70n.DLL
[2012/09/20 08:41:55 | 000,035,328 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lffpx70n.dll
[2012/09/20 08:41:55 | 000,032,768 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfgif70n.dll
[2012/09/20 08:41:55 | 000,032,768 | ---- | C] (Hewlett-Packard, GHC) -- C:\WINDOWS\System32\hpgreg32.dll
[2012/09/20 08:41:55 | 000,032,768 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpsj32.dll
[2012/09/20 08:41:55 | 000,024,576 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpcx70n.dll
[2012/09/20 08:41:54 | 000,667,648 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\ipeistor12.dll
[2012/09/20 08:41:54 | 000,331,776 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\ipebase12.dll
[2012/09/20 08:41:54 | 000,224,768 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LFCMP70n.DLL
[2012/09/20 08:41:54 | 000,077,824 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\ipeapi12.dll
[2012/09/20 08:41:54 | 000,055,808 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lffax70n.dll
[2012/09/19 17:18:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\EurekaLog
[2012/09/17 12:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Oi
[2012/09/17 12:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Oi
[2012/09/17 12:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Lightcomm
[2012/09/17 12:51:41 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Oi
[2012/09/08 16:54:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\CyberLink
[2012/09/08 16:54:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Meus documentos\CyberLink
[2012/08/20 17:03:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCapY
[2012/08/20 11:04:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\PopCap Games
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 360 Days ==========[/color]
 
[2013/07/25 15:54:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL.exe
[2013/07/25 15:49:32 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) -- C:\WINDOWS\System32\drivers\GbpNdisrd.sys
[2013/07/25 15:43:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/07/25 11:04:29 | 000,001,997 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Norton Product Installer.lnk
[2013/07/25 11:04:10 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/07/25 10:03:57 | 000,000,642 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Product InstallerIdle.job
[2013/07/25 10:03:57 | 000,000,634 | ---- | M] () -- C:\WINDOWS\tasks\Norton Product Installer.job
[2013/07/25 09:05:18 | 000,209,696 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/07/24 15:41:38 | 000,001,080 | ---- | M] () -- C:\WINDOWS\AUTOLNCH.REG
[2013/07/23 17:25:15 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2013/07/23 17:25:03 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\LyricXeeker Update.job
[2013/07/11 14:21:01 | 000,000,020 | ---- | M] () -- C:\WINDOWS\hppsapp.INI
[2013/07/01 08:58:00 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/07/01 08:37:46 | 000,046,904 | ---- | M] (GAS Tecnologia) -- C:\WINDOWS\System32\drivers\gbpkm.sys
[2013/06/08 09:16:14 | 000,000,192 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\HP LaserJet P1005.lnk
[2013/06/04 07:31:31 | 000,010,266 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndisrd.cat
[2013/06/04 07:31:31 | 000,003,641 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndisrd.inf
[2013/06/04 07:31:31 | 000,001,814 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndisrd_m.inf
[2013/06/04 07:31:31 | 000,001,402 | ---- | M] () -- C:\WINDOWS\System32\drivers\gas.cer
[2013/05/16 13:08:13 | 000,001,120 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1006Core1ce524f91476a96.job
[2013/05/07 12:49:21 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1003Core1ce4b3a709f5680.job
[2013/04/11 07:45:58 | 000,002,444 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Google Chrome.lnk
[2013/04/10 10:15:31 | 000,006,779 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\carta.pdf
[2013/04/09 13:09:42 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/06 10:51:38 | 000,036,924 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Itau.pdf
[2013/04/04 11:14:11 | 000,000,421 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2013/04/04 09:27:50 | 000,117,287 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\Portalex 2.jpg
[2013/04/04 09:26:12 | 000,462,353 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\portalex.png
[2013/04/03 11:16:41 | 000,056,410 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\pagam.pdf
[2013/04/02 10:20:24 | 000,208,406 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Temperminas.pdf
[2013/04/01 12:27:44 | 000,531,165 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\cielo.pdf
[2013/03/26 07:49:11 | 000,536,692 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat
[2013/03/26 07:49:11 | 000,501,962 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/03/26 07:49:11 | 000,097,690 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat
[2013/03/26 07:49:11 | 000,087,398 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/03/12 08:28:02 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio4.bmp
[2013/03/07 17:32:01 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio3.bmp
[2013/03/07 17:31:15 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio2.bmp
[2013/03/07 17:30:23 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio1.bmp
[2013/03/07 17:28:55 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio.bmp
[2013/02/05 13:19:32 | 000,104,107 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\orc2.jpg
[2013/02/05 13:14:33 | 000,138,445 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\orc1.jpg
[2013/01/29 09:34:28 | 000,013,467 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\caixa hoje.pdf
[2012/12/16 09:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2012/12/16 09:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2012/12/07 13:39:05 | 000,111,595 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\PortaGenilson.pdf
[2012/12/05 13:59:59 | 000,000,774 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/11/23 07:44:31 | 000,458,136 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\tela tablet.pdf
[2012/11/12 08:07:05 | 000,078,583 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\santander.pdf
[2012/11/12 07:07:41 | 000,129,828 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\156797.pdf
[2012/11/10 14:30:10 | 000,053,699 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\EXTRATO DIGISAT ATE JULHO 2012.pdf
[2012/11/09 14:09:52 | 011,934,054 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\CompEndeço.bmp
[2012/11/07 16:17:58 | 000,084,852 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\Relatório.pdf
[2012/11/03 13:11:43 | 000,000,025 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[2012/10/27 06:57:41 | 002,105,132 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\COMPROVANTE.pdf
[2012/10/13 14:35:55 | 000,001,705 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Presto! PVR.lnk
[2012/09/26 15:26:33 | 000,050,120 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL SETEMBRO.pdf
[2012/09/26 15:25:46 | 000,051,354 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL AGOSTO.pdf
[2012/09/26 15:18:39 | 000,050,298 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JULHO.pdf
[2012/09/26 15:12:33 | 000,050,311 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JUNHO.pdf
[2012/09/26 14:56:30 | 000,050,804 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL MAIO.pdf
[2012/09/25 16:00:13 | 000,000,907 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Max Impressão.lnk
[2012/09/22 08:56:31 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/09/22 08:56:30 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/09/22 08:56:30 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/09/22 08:56:30 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/09/22 08:56:30 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/09/22 08:56:29 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012/09/22 08:56:29 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012/09/22 08:37:30 | 000,002,206 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Emissor de Nota Fiscal Eletrônica (NF-e) 2.0.lnk
[2012/09/21 15:31:17 | 000,019,462 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil jul.pdf
[2012/09/21 15:30:27 | 000,020,737 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil ago.pdf
[2012/09/21 15:29:45 | 000,019,180 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil set.pdf
[2012/09/20 08:42:00 | 000,001,015 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\HP PrecisionScan LTX.lnk
[2012/09/03 19:32:40 | 000,010,265 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil.pdf
[2012/08/24 16:46:04 | 000,000,622 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Atalho para ESQ.BAT.lnk
[2012/08/07 15:57:47 | 000,000,003 | ---- | M] () -- C:\WINDOWS\System32\keyboard1.idx
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/07/25 11:04:29 | 000,002,003 | ---- | C] () -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\Norton Product Installer.lnk
[2013/07/25 11:04:29 | 000,001,997 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Norton Product Installer.lnk
[2013/07/23 17:25:15 | 000,000,912 | ---- | C] () -- C:\WINDOWS\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2013/07/23 17:25:03 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\LyricXeeker Update.job
[2013/06/08 09:16:14 | 000,000,192 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\HP LaserJet P1005.lnk
[2013/05/24 13:15:48 | 001,674,683 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2013/05/24 13:15:48 | 000,001,023 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2013/05/16 13:08:13 | 000,001,120 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1006Core1ce524f91476a96.job
[2013/05/07 12:49:21 | 000,001,132 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1003Core1ce4b3a709f5680.job
[2013/04/22 12:44:47 | 000,010,266 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndisrd.cat
[2013/04/22 12:44:47 | 000,003,641 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndisrd.inf
[2013/04/22 12:44:47 | 000,001,814 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndisrd_m.inf
[2013/04/22 12:44:47 | 000,001,402 | ---- | C] () -- C:\WINDOWS\System32\drivers\gas.cer
[2013/04/10 11:25:00 | 000,006,779 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\carta.pdf
[2013/04/06 10:51:32 | 000,036,924 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Itau.pdf
[2013/04/04 09:27:50 | 000,117,287 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\Portalex 2.jpg
[2013/04/04 09:26:09 | 000,462,353 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\portalex.png
[2013/04/03 11:16:40 | 000,056,410 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\pagam.pdf
[2013/04/02 10:20:21 | 000,208,406 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Temperminas.pdf
[2013/04/01 12:27:38 | 000,531,165 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\cielo.pdf
[2013/03/12 08:28:02 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio4.bmp
[2013/03/07 17:32:01 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio3.bmp
[2013/03/07 17:31:15 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio2.bmp
[2013/03/07 17:30:23 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio1.bmp
[2013/03/07 17:28:54 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio.bmp
[2013/02/07 11:51:24 | 000,000,481 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\Notepad  IMPRESSO.lnk
[2013/02/05 13:19:03 | 000,104,107 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\orc2.jpg
[2013/02/05 13:14:04 | 000,138,445 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\orc1.jpg
[2013/01/29 09:34:27 | 000,013,467 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\caixa hoje.pdf
[2013/01/18 11:09:40 | 000,000,642 | -H-- | C] () -- C:\WINDOWS\tasks\Norton Product InstallerIdle.job
[2013/01/18 11:09:40 | 000,000,634 | ---- | C] () -- C:\WINDOWS\tasks\Norton Product Installer.job
[2012/12/07 13:40:38 | 000,111,595 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\PortaGenilson.pdf
[2012/11/23 07:44:29 | 000,458,136 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\tela tablet.pdf
[2012/11/12 08:17:48 | 000,129,828 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\156797.pdf
[2012/11/12 08:17:39 | 000,078,583 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\santander.pdf
[2012/11/10 14:35:24 | 000,051,354 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL AGOSTO.pdf
[2012/11/10 14:35:24 | 000,050,298 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JULHO.pdf
[2012/11/10 14:35:24 | 000,050,120 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL SETEMBRO.pdf
[2012/11/10 14:35:24 | 000,020,737 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil ago.pdf
[2012/11/10 14:35:24 | 000,019,462 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil jul.pdf
[2012/11/10 14:35:24 | 000,019,180 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil set.pdf
[2012/11/10 14:35:24 | 000,010,265 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil.pdf
[2012/11/10 14:35:23 | 000,050,804 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL MAIO.pdf
[2012/11/10 14:35:23 | 000,050,311 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JUNHO.pdf
[2012/11/10 14:30:07 | 000,053,699 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\EXTRATO DIGISAT ATE JULHO 2012.pdf
[2012/11/09 14:09:51 | 011,934,054 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\CompEndeço.bmp
[2012/11/09 14:07:20 | 000,025,823 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\comprovante_insc_KeD.pdf
[2012/11/07 16:17:57 | 000,084,852 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\Relatório.pdf
[2012/11/05 08:48:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/11/05 08:48:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/10/27 08:32:43 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2012/10/27 06:57:37 | 002,105,132 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\COMPROVANTE.pdf
[2012/10/13 14:38:36 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\PsisRndr.ax
[2012/10/13 14:38:36 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012/10/13 14:38:35 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2012/10/13 14:38:35 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012/10/13 14:38:35 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\MSDvbNP.ax
[2012/10/13 14:38:35 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012/10/13 14:35:55 | 000,001,705 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Presto! PVR.lnk
[2012/09/25 16:00:13 | 000,000,907 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Max Impressão.lnk
[2012/09/20 09:09:29 | 000,001,015 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\HP PrecisionScan LTX.lnk
[2012/09/20 08:41:55 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2012/09/20 08:41:54 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2012/08/24 16:44:30 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Atalho para ESQ.BAT.lnk
[2012/02/13 20:02:07 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\keyfile3.drm
[2011/08/31 17:25:28 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
[2011/08/23 13:17:17 | 000,000,020 | ---- | C] () -- C:\WINDOWS\hppsapp.INI
[2011/05/09 13:06:35 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/08 09:19:04 | 000,040,960 | ---- | C] () -- C:\Arquivos de programas\Uninstall_CDS.exe
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2011/08/31 17:24:03 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 23:20:40 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:53:26 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 23:20:41 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011/09/19 13:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Big Fish Games
[2013/07/23 17:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
[2013/03/06 13:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GAS Tecnologia
[2013/07/25 10:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin
[2011/05/09 09:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IM
[2011/05/09 09:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IncrediMail
[2012/09/17 13:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Lightcomm
[2012/09/17 12:51:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Oi
[2012/10/27 08:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCap Games
[2012/08/20 17:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCapY
[2012/07/02 12:15:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\3M
[2013/07/23 17:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Dealply
[2012/09/19 17:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\EurekaLog
[2011/05/07 11:56:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Foxit
[2011/05/08 08:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Foxit Software
[2013/01/18 11:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\IDM
[2011/05/08 08:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Mikrotik
[2012/11/07 15:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\TeamViewer
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 514 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst
@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:70216A94_Uni.gbp
@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:70216A94_Cef.gbp
@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:70216A94_Bb.gbp
@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:70216A94_Abn.gbp

< End of report >

Re: windows that open by themselves.

Diana
And the Extras log


OTL Extras logfile created on: 25/7/2013 16:04:12 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Financeir\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy
 
1013,42 Mb Total Physical Memory | 218,39 Mb Available Physical Memory | 21,55% Memory free
2,40 Gb Paging File | 1,22 Gb Available in Paging File | 50,77% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,04 Gb Total Space | 109,84 Gb Free Space | 73,70% Space Free | Partition Type: NTFS
Drive Z: | 19,07 Gb Total Space | 12,08 Gb Free Space | 63,33% Space Free | Partition Type: NTFS
 
Computer Name: FINANCEIRO | User Name: Financeir | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 360 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Arquivos de programas\Java\jre6\bin\javaw.exe" = C:\Arquivos de programas\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\Financeir\Meus documentos\winbox.exe" = C:\Documents and Settings\Financeir\Meus documentos\winbox.exe:*:Enabled:winbox -- ()
"E:\Arquivos de programas\IncrediMail\Bin\IncMail.exe" = E:\Arquivos de programas\IncrediMail\Bin\IncMail.exe:*:Enabled:IncrediMail
"C:\Arquivos de programas\Google\Google Earth\client\googleearth.exe" = C:\Arquivos de programas\Google\Google Earth\client\googleearth.exe:*:Disabled:Google Earth -- (Google)
"C:\Arquivos de programas\Intelbras\Programador Modulare I e Corp\ProgramadorMC.exe" = C:\Arquivos de programas\Intelbras\Programador Modulare I e Corp\ProgramadorMC.exe:*:Enabled:ProgramadorMC -- ()
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1438B41C-658C-35B7-9253-780F2E0A0B8E}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ptb
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{20A15757-4AE4-3C82-9711-863C84AFE6AA}" = Microsoft .NET Framework 4 Client Profile PTB Language Pack
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{32603085-C839-4226-A1FD-BF8FAE0185CB}" = IncrediMail
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.441
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F31F3B5-C1FF-3708-8611-869DE39C0CB6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PTB
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{6347401C-C260-4B30-9816-8F5A1419CC49}" = SafeSign
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6FBA74BD-149F-4521-B921-FFCC84876864}" = Assistente de Instalação Certisign
"{85E0BA25-A5DE-4499-82C2-B4CE4F513E80}" = Cliente do Windows Rights Management com Service Pack 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110416-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edição 2003
"{90120000-0020-0416-0000-0000000FF1CE}" = Pacote de Compatibilidade para o sistema Office 2007
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9856CFCC-6805-4567-8142-A68CF5B25F4C}" = MySQL Connector/ODBC 3.51
"{98ADF875-648F-3E73-8F3B-010C2464C948}" = Microsoft .NET Framework 4 Extended PTB Language Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{B1FA73D8-AB79-3A2E-81AC-DBBAC155B2FE}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PTB
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BC0DCD27-345B-4013-A6E0-67EC92DF32C8}" = Presto! PVR
"{BE06114F-559D-11E0-B5A1-001D0926B1BF}" = Google Earth
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{E29D8938-2E48-498C-832D-9663DCABD55F}" = Visual Basic for Applications (R) Core - Portuguese (Brazil)
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Compatibilidade com Versões Anteriores do Cliente do Windows Rights Management SP2
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FD8AE9E2-B61E-4826-9CE7-937E1E9A9EEC}" = CorelDRAW Graphics Suite X5 - BR
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"BDE" = BDE
"CCleaner" = CCleaner
"CutePDF Writer Installation" = CutePDF Writer 2.8
"DealPly" = DealPly (remove only)
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"Gemplus Smart Card Reader Tools" = Gemplus Smart Card Reader Tools
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP LaserJet P1000 series" = HP LaserJet P1000 series
"HP PrecisionScan LTX" = HP PrecisionScan LTX
"HP-LaserJet 1020 series" = LaserJet 1020 series
"ie8" = Windows Internet Explorer 8
"IncrediMail" = IncrediMail 2.0
"lyrix@lyrixeeker.co" = LyricXeeker
"Max Impressão" = Max Impressão 1.0
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - ptb" = Pacote de Idiomas do Microsoft .NET Framework 3.5 SP1 - PTB
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil)
"MiPony" = MiPony 1.5.0
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NVIDIA Drivers" = NVIDIA Drivers
"OrderReminder HP LaserJet 1020" = OrderReminder HP LaserJet 1020
"Plants vs. Zombies" = Plants vs. Zombies
"Programador Modulare I, Conecta, Corp 6000 e Corp 8000_is1" = Programador versão 2.53 para PABX Modulare I, Conecta, Corp 600
"programmeroi_is1" = Oi Velox
"PSN" = Post-it® Software Notes Lite
"VIVO INTERNET" = VIVO INTERNET
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dealply" = Dealply
"Emissor de Nota Fiscal Eletrônica (NF-e) 2.0" = Emissor de Nota Fiscal Eletrônica (NF-e) 2.0
"Google Chrome" = Google Chrome
"optimizer_chrome" = Widevine Media Optimizer Chrome 6.0.0
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 25/2/2013 12:09:48 | Computer Name = FINANCEIRO | Source = MsiInstaller | ID = 10005
Description = Produto: Java 7 Update 15 -- Erro interno 2755. 1624, C:\Documents
 and Settings\Financeir\Dados de aplicativos\Sun\Java\jre1.7.0_15\jre1.7.0_15-c.msi
 
Error - 26/3/2013 06:46:57 | Computer Name = FINANCEIRO | Source = WmiAdapter | ID = 4099
Description = Falha na abertura do serviço.
 
Error - 26/3/2013 07:22:57 | Computer Name = FINANCEIRO | Source = WmiAdapter | ID = 4099
Description = Falha na abertura do serviço.
 
Error - 28/3/2013 11:38:20 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha digisat.exe, versão 1.0.2.3, módulo com falha
 gbieh.dll, versão 4.0.0.44, endereço com falha 0x000aa796.
 
Error - 7/5/2013 15:43:38 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha explorer.exe, versão 6.0.2900.5512, módulo com
 falha , versão 0.0.0.0, endereço com falha 0x00000000.
 
Error - 11/5/2013 10:05:49 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha spider.exe, versão 5.1.2600.5512, módulo com
falha unknown, versão 0.0.0.0, endereço com falha 0xf90d5e65.
 
Error - 24/5/2013 11:39:38 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha explorer.exe, versão 6.0.2900.5512, módulo com
 falha kernel32.dll, versão 5.1.2600.6293, endereço com falha 0x000658c0.
 
Error - 24/5/2013 11:48:27 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha explorer.exe, versão 6.0.2900.5512, módulo com
 falha kernel32.dll, versão 5.1.2600.6293, endereço com falha 0x000658c0.
 
Error - 13/6/2013 12:42:21 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha hpipcopy.exe, versão 3.2.0.0, módulo com falha
 hpipcopy.exe, versão 3.2.0.0, endereço com falha 0x000171e6.
 
[ System Events ]
Error - 25/7/2013 09:02:59 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 25/7/2013 09:03:48 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10010
Description = O servidor {4EB61BAC-A3B6-4760-9581-655041EF4D69} não se registrou
 com o DCOM dentro do tempo limite requerido.
 
Error - 25/7/2013 09:22:56 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10005
Description = Erro "%1058" no DCOM na tentativa de iniciar o serviço wuauserv com
 argumentos ""  para iniciar o servidor:  {E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error - 25/7/2013 09:23:06 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10005
Description = Erro "%1058" no DCOM na tentativa de iniciar o serviço wuauserv com
 argumentos ""  para iniciar o servidor:  {E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error - 25/7/2013 09:23:06 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10005
Description = Erro "%1058" no DCOM na tentativa de iniciar o serviço wuauserv com
 argumentos ""  para iniciar o servidor:  {E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error - 25/7/2013 09:23:27 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10005
Description = Erro "%1058" no DCOM na tentativa de iniciar o serviço wuauserv com
 argumentos ""  para iniciar o servidor:  {E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error - 25/7/2013 10:03:47 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 25/7/2013 10:19:13 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 25/7/2013 10:20:06 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10010
Description = O servidor {4EB61BAC-A3B6-4760-9581-655041EF4D69} não se registrou
 com o DCOM dentro do tempo limite requerido.
 
Error - 25/7/2013 14:43:22 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
 
< End of report >

Re: windows that open by themselves.

Marcelo
Administrator
In reply to this post by Diana
Good afternoon, Diana!

As in the other cases, these windows may be caused by adware or trojans (both infections are present on your machine).

1. Download AdwCleaner and save it to the desktop.
2. Double-click the program and click Delete and OK.
3. If it asks to restart the PC, restart it.

It will create a report on your desktop.

Post it here for me.

See whether the windows stop.

Re: windows that open by themselves.

Diana
Hello, good morning.
Sorry for the delay in replying.

I did what was asked and it generated the following report:


 AdwCleaner v2.306 - Relatório criado em 05/08/2013 às 11:07:49
# Atualizado em 19/07/2013 por Xplode
# Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits)
# Usuário : Financeir - FINANCEIRO
# Modo de Boot : Normal
# Executado de : C:\Documents and Settings\Financeir\Desktop\adwcleaner.exe
# Opção [Verificar]


***** [Serviços] *****


***** [Arquivos/Pastas] *****

Arquivo Encontrado : C:\WINDOWS\tasks\Plus-HD-2.3-chromeinstaller.job
Pasta Encontrado : C:\Arquivos de programas\DealPly
Pasta Encontrado : C:\Arquivos de programas\DealPlyLive
Pasta Encontrado : C:\Arquivos de programas\Plus-HD-2.3
Pasta Encontrado : C:\Arquivos de programas\Web Assistant
Pasta Encontrado : C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
Pasta Encontrado : C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\APN
Pasta Encontrado : C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DealPlyLive
Pasta Encontrado : C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Pasta Encontrado : C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf
Pasta Encontrado : C:\Documents and Settings\Financeir\Dados de aplicativos\DealPly
Pasta Encontrado : C:\Documents and Settings\Financeir\Menu Iniciar\Programas\DealPly

***** [Registro] *****

Chave Encontrada : HKCU\Software\Crossrider
Chave Encontrada : HKCU\Software\DealPly
Chave Encontrada : HKCU\Software\IM
Chave Encontrada : HKCU\Software\ImInstaller
Chave Encontrada : HKCU\Software\InstallCore
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Encontrada : HKCU\Software\Softonic
Chave Encontrada : HKCU\Software\Web Assistant
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CredentialDialogMachine
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CredentialDialogMachine.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachine
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachine.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineFallback
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineFallback.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebSvc
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebSvc.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Chave Encontrada : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Chave Encontrada : HKLM\Software\Conduit
Chave Encontrada : HKLM\Software\DealPly
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Chave Encontrada : HKLM\Software\Iminent
Chave Encontrada : HKLM\Software\ImInstaller
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Encontrada : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Chave Encontrada : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Chave Encontrada : HKLM\Software\Web Assistant
Chave Encontrada : HKU\S-1-5-21-527237240-562591055-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Valor Encontrada : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Encontrada : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Navegadores] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registro está limpo.

-\\ Google Chrome v28.0.1500.95

Arquivo : C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Preferences

[OK] Arquivo está limpo.

*************************

AdwCleaner[R1].txt - [9695 octets] - [05/08/2013 11:07:49]

########## EOF - C:\AdwCleaner[R1].txt - [9755 octets] ##########



On 26 July 2013 at 12:55, Marcelo [via Fórum Tech Suporte] <[hidden email]> wrote:
Good afternoon, Diana!

As in the other cases, these windows may be caused by adware or trojans (both infections are present on your machine).

1. Download AdwCleaner and save it to the desktop.
2. Run it as administrator and click Delete and OK.
3. If it asks to restart the PC, restart it.

It will create a report on your desktop.

Post it here for me.

See whether the windows stop.



Re: windows that open by themselves.

Marcelo
Administrator
Hello,

Is the problem still occurring?

Re: windows that open by themselves.

Diana
Hello!

Yes, it still occurs.
Now it opens tabs in Chrome, and on several sites (including Google) it shows windows with animated GIF advertisements.

Diana


On 6 August 2013 at 02:19, Marcelo [via Fórum Tech Suporte] <[hidden email]> wrote:
Hello,

Is the problem still occurring?



Re: windows that open by themselves.

Diana
Please take a look at the screenshot of the page:


Re: windows that open by themselves.

Marcelo
Administrator
Hello, Diana

There is no screenshot on the page.

Please generate a new OTL log and post it here.

Re: windows that open by themselves.

Diana

Re: windows that open by themselves.

Diana
In reply to this post by Marcelo
The OTL report:

OTL logfile created on: 8/8/2013 08:58:57 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Financeir\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy
 
1013,42 Mb Total Physical Memory | 745,09 Mb Available Physical Memory | 73,52% Memory free
2,40 Gb Paging File | 1,87 Gb Available in Paging File | 78,25% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,04 Gb Total Space | 109,04 Gb Free Space | 73,16% Space Free | Partition Type: NTFS
 
Computer Name: FINANCEIRO | User Name: Financeir | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
 
[color=#E56717]========== Processes (All) ==========[/color]
 
PRC - [2013/08/05 13:14:26 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Update\FacebookUpdate.exe
PRC - [2013/08/01 21:13:06 | 000,051,992 | ---- | M] (cake bake) -- C:\Arquivos de programas\Web Cake\WebCakeDesktop.Updater.exe
PRC - [2013/07/25 15:54:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL.exe
PRC - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe
PRC - [2013/07/15 11:23:42 | 000,409,640 | ---- | M] (GAS Tecnologia) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe
PRC - [2012/09/22 08:56:30 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe
PRC - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe
PRC - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
PRC - [2010/11/02 08:36:02 | 019,580,520 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2010/08/17 10:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2010/01/13 11:46:36 | 000,166,912 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2010/01/13 11:46:14 | 000,135,680 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2010/01/13 11:46:02 | 000,243,712 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
PRC - [2009/07/24 18:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
PRC - [2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/28 06:14:00 | 000,073,728 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE
PRC - [2008/04/13 23:21:23 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [RPCSS]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [NETWORKSERVICE]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [NETSVCS]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [LOCALSERVICE]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [LOCALSERVICE]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [IMGSVC]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [DCOMLAUNCH]
PRC - [2008/04/13 23:21:19 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008/04/13 23:21:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scardsvr.exe
PRC - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008/04/13 23:20:58 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/13 23:20:54 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008/04/13 23:20:53 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008/04/13 23:20:46 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007/10/17 13:17:08 | 000,163,840 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aetcrss1.exe
PRC - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
 
 
[color=#E56717]========== Modules (All) ==========[/color]
 
MOD - [2013/08/05 13:14:26 | 000,686,960 | ---- | M] (Facebook Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Update\1.2.205.0\goopdate.dll
MOD - [2013/08/05 13:14:26 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Update\FacebookUpdate.exe
MOD - [2013/08/01 21:13:06 | 000,051,992 | ---- | M] (cake bake) -- C:\Arquivos de programas\Web Cake\WebCakeDesktop.Updater.exe
MOD - [2013/07/30 07:47:08 | 000,853,896 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153\goopdate.dll
MOD - [2013/07/25 15:54:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL.exe
MOD - [2013/07/23 17:25:11 | 000,818,208 | ---- | M] (DealPly Technologies Ltd) -- C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\goopdate.dll
MOD - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe
MOD - [2013/07/15 11:23:42 | 000,409,640 | ---- | M] (GAS Tecnologia) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe
MOD - [2013/07/15 11:23:20 | 001,410,088 | ---- | M] (Banco do Brasil) -- C:\Arquivos de programas\GbPlugin\gbieh.dll
MOD - [2013/06/28 16:33:54 | 001,529,976 | ---- | M] (Banco Real) -- C:\Arquivos de programas\GbPlugin\gbiehabn.dll
MOD - [2013/06/10 14:36:28 | 001,396,792 | ---- | M] (Banco Itaú Unibanco) -- C:\Arquivos de programas\GbPlugin\gbiehuni.dll
MOD - [2013/01/10 02:24:19 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f43e890d874ef521aba51f76f64cd97b\System.ServiceProcess.ni.dll
MOD - [2013/01/10 02:24:10 | 000,141,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\5f287bf8e66e3b9bfc5562ad7e3c7857\System.Configuration.Install.ni.dll
MOD - [2013/01/10 02:18:50 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
MOD - [2013/01/10 02:18:38 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
MOD - [2012/12/26 12:03:38 | 001,652,584 | ---- | M] (Caixa Economica Federal) -- C:\Arquivos de programas\GbPlugin\gbiehcef.dll
MOD - [2012/11/01 16:42:30 | 011,111,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll
MOD - [2012/11/01 09:12:29 | 002,000,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
MOD - [2012/11/01 09:12:29 | 001,212,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2012/11/01 09:12:29 | 000,916,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2012/11/01 09:12:29 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\jsproxy.dll
MOD - [2012/10/09 17:27:00 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
MOD - [2012/10/03 05:44:30 | 000,364,640 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MOD - [2012/10/03 01:57:56 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2012/09/22 08:56:30 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Java\jre7\bin\msvcr100.dll
MOD - [2012/09/22 08:56:30 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe
MOD - [2012/08/31 04:40:10 | 005,915,744 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2012/08/24 10:53:14 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2012/07/06 10:58:41 | 000,337,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2012/07/06 10:58:41 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2012/06/08 11:25:19 | 008,492,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2012/06/04 01:32:08 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2012/06/01 13:49:14 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2012/05/14 06:22:35 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2012/02/29 11:09:51 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2012/02/09 12:43:21 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
MOD - [2012/01/28 12:20:49 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2011/11/16 11:21:43 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2011/11/01 13:07:09 | 001,288,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2011/10/14 11:47:16 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2011/09/26 10:41:20 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2011/06/02 17:15:35 | 000,798,872 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Update\1.3.21.57\goopdate.dll
MOD - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe
MOD - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
MOD - [2011/03/03 03:54:38 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2011/02/08 10:33:34 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll
MOD - [2010/12/22 09:34:17 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2010/12/20 14:32:04 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2010/12/20 14:25:43 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2010/12/09 12:15:17 | 000,734,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2010/11/19 09:03:24 | 000,415,056 | ---- | M] (Scopus Tecnologia Ltda.) -- C:\Arquivos de programas\Scpad\scpMIB.dll
MOD - [2010/11/09 11:52:35 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2010/11/02 08:36:02 | 019,580,520 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
MOD - [2010/08/27 02:53:36 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2010/08/23 13:12:00 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2010/08/23 13:11:58 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/08/17 10:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2010/08/16 05:44:59 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010/03/18 16:47:22 | 000,030,040 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll
MOD - [2010/03/18 16:47:22 | 000,017,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\aspnet_counters.dll
MOD - [2010/03/18 13:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr100_clr0400.dll
MOD - [2010/03/18 13:16:28 | 000,413,008 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2010/03/18 13:16:28 | 000,129,880 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
MOD - [2010/03/18 13:16:28 | 000,121,688 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
MOD - [2010/03/18 10:09:00 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscoree.dll
MOD - [2010/03/18 10:09:00 | 000,049,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netfxperf.dll
MOD - [2010/01/26 21:50:50 | 000,212,328 | ---- | M] (Corel Corporation) -- c:\Arquivos de programas\Arquivos comuns\Corel\Shared\Shell Extension\ShellXP.dll
MOD - [2010/01/26 21:50:48 | 000,619,880 | ---- | M] (Corel Corporation) -- c:\Arquivos de programas\Arquivos comuns\Corel\Shared\Shell Extension\FileInfoProvider.dll
MOD - [2010/01/13 11:48:58 | 000,289,280 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxrptb.lrc
MOD - [2010/01/13 11:46:36 | 000,166,912 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
MOD - [2010/01/13 11:46:14 | 000,135,680 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
MOD - [2010/01/13 11:46:04 | 000,051,712 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.dll
MOD - [2010/01/13 11:46:02 | 000,243,712 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
MOD - [2010/01/13 11:45:38 | 000,093,696 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hccutils.dll
MOD - [2010/01/13 11:45:32 | 000,205,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxdev.dll
MOD - [2009/12/08 06:24:25 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009/11/05 08:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2009/10/13 07:34:00 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2009/10/12 10:39:20 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2009/10/12 10:39:19 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2009/09/11 11:19:14 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2009/09/04 18:04:39 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2009/07/27 20:17:42 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2009/07/24 18:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
MOD - [2009/07/17 16:03:29 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2009/07/17 13:17:04 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll
MOD - [2009/07/10 11:52:50 | 000,202,032 | ---- | M] (Scopus Tecnologia Ltda) -- C:\Arquivos de programas\Scpad\scpLIB.dll
MOD - [2009/06/25 05:27:14 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009/06/25 05:27:14 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2009/06/10 03:15:45 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2009/03/08 04:34:48 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2009/03/06 11:20:30 | 000,286,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll
MOD - [2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2009/02/09 07:53:26 | 000,683,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009/02/09 07:53:26 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2009/02/09 07:53:26 | 000,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2009/02/09 07:53:25 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
MOD - [2009/01/26 15:30:58 | 001,287,000 | ---- | M] (Safer Networking Limited) -- C:\Arquivos de programas\Spybot - Search & Destroy\advcheck.dll
MOD - [2009/01/07 18:20:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll
MOD - [2008/10/23 09:37:45 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008/07/29 12:10:46 | 000,265,720 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\msdbg2.dll
MOD - [2008/07/29 12:10:46 | 000,136,184 | ---- | M] (Microsoft Corporation) -- c:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\csm.dll
MOD - [2008/07/26 00:58:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\pt-BR\ShFusRes.dll
MOD - [2008/07/25 10:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
MOD - [2008/07/25 10:17:02 | 000,027,136 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
MOD - [2008/07/25 10:17:00 | 000,118,784 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
MOD - [2008/07/25 10:17:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
MOD - [2008/07/25 10:16:58 | 000,018,936 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
MOD - [2008/07/25 10:16:40 | 000,033,800 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
MOD - [2008/07/07 17:28:46 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2008/07/06 09:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
MOD - [2008/06/24 13:43:36 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2008/06/20 13:03:40 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2008/06/12 11:22:42 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll
MOD - [2008/06/12 11:22:42 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll
MOD - [2008/06/12 11:22:42 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2008/05/19 05:33:20 | 004,445,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2008/04/28 06:14:02 | 001,251,840 | ---- | M] (Hewlett-Packard ) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006U.DLL
MOD - [2008/04/28 06:14:02 | 000,293,888 | ---- | M] (Hewlett-Packard ) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\HP1006S.DLL
MOD - [2008/04/28 06:14:02 | 000,284,160 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\HP1006LM.DLL
MOD - [2008/04/28 06:14:02 | 000,225,280 | ---- | M] (Hewlett-Packard ) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006C.DLL
MOD - [2008/04/28 06:14:02 | 000,082,944 | ---- | M] (Hewlett-Packard ) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006L.DLL
MOD - [2008/04/28 06:14:00 | 000,039,424 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MT.DLL
MOD - [2008/04/28 06:14:00 | 000,006,144 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MP.DLL
MOD - [2008/04/13 23:21:27 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2008/04/13 23:21:27 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2008/04/13 23:21:27 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008/04/13 23:21:27 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2008/04/13 23:21:27 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2008/04/13 23:21:27 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2008/04/13 23:21:27 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2008/04/13 23:21:27 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2008/04/13 23:21:23 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2008/04/13 23:21:19 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2008/04/13 23:20:58 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2008/04/13 23:20:54 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2008/04/13 23:20:46 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2008/04/13 23:20:46 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2008/04/13 23:20:44 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2008/04/13 23:20:44 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008/04/13 23:20:44 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2008/04/13 23:20:44 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2008/04/13 23:20:44 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008/04/13 23:20:43 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2008/04/13 23:20:43 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Media Player\wmpband.dll
MOD - [2008/04/13 23:20:43 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2008/04/13 23:20:43 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2008/04/13 23:20:42 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiaservc.dll
MOD - [2008/04/13 23:20:42 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008/04/13 23:20:42 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2008/04/13 23:20:42 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2008/04/13 23:20:42 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008/04/13 23:20:42 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2008/04/13 23:20:42 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2008/04/13 23:20:41 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2008/04/13 23:20:41 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2008/04/13 23:20:41 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2008/04/13 23:20:41 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2008/04/13 23:20:41 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2008/04/13 23:20:40 | 001,499,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2008/04/13 23:20:40 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008/04/13 23:20:40 | 000,714,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2008/04/13 23:20:40 | 000,579,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008/04/13 23:20:40 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2008/04/13 23:20:40 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2008/04/13 23:20:40 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2008/04/13 23:20:40 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2008/04/13 23:20:40 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2008/04/13 23:20:40 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008/04/13 23:20:40 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2008/04/13 23:20:40 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2008/04/13 23:20:40 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2008/04/13 23:20:40 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2008/04/13 23:20:40 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2008/04/13 23:20:40 | 000,124,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2008/04/13 23:20:40 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2008/04/13 23:20:40 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2008/04/13 23:20:40 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdmat.dll
MOD - [2008/04/13 23:20:40 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2008/04/13 23:20:40 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008/04/13 23:20:40 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2008/04/13 23:20:40 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2008/04/13 23:20:40 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2008/04/13 23:20:40 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2008/04/13 23:20:40 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vdmdbg.dll
MOD - [2008/04/13 23:20:40 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shfolder.dll
MOD - [2008/04/13 23:20:40 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008/04/13 23:20:40 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2008/04/13 23:20:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2008/04/13 23:20:40 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2008/04/13 23:20:40 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2008/04/13 23:20:40 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2008/04/13 23:20:39 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2008/04/13 23:20:39 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008/04/13 23:20:39 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2008/04/13 23:20:39 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2008/04/13 23:20:38 | 000,673,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2008/04/13 23:20:38 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2008/04/13 23:20:38 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2008/04/13 23:20:38 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasqec.dll
MOD - [2008/04/13 23:20:38 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2008/04/13 23:20:38 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2008/04/13 23:20:38 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2008/04/13 23:20:37 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qmgr.dll
MOD - [2008/04/13 23:20:37 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2008/04/13 23:20:37 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2008/04/13 23:20:37 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll
MOD - [2008/04/13 23:20:37 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008/04/13 23:20:37 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2008/04/13 23:20:37 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008/04/13 23:20:37 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qutil.dll
MOD - [2008/04/13 23:20:37 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2008/04/13 23:20:37 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2008/04/13 23:20:37 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll
MOD - [2008/04/13 23:20:37 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2008/04/13 23:20:37 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2008/04/13 23:20:37 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2008/04/13 23:20:37 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2008/04/13 23:20:37 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2008/04/13 23:20:37 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2008/04/13 23:20:37 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008/04/13 23:20:37 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll
MOD - [2008/04/13 23:20:37 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2008/04/13 23:20:37 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2008/04/13 23:20:37 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2008/04/13 23:20:37 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2008/04/13 23:20:36 | 001,710,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2008/04/13 23:20:36 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2008/04/13 23:20:36 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2008/04/13 23:20:34 | 000,629,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2008/04/13 23:20:34 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008/04/13 23:20:34 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2008/04/13 23:20:34 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008/04/13 23:20:34 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstask.dll
MOD - [2008/04/13 23:20:34 | 000,199,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2008/04/13 23:20:34 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2008/04/13 23:20:34 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2008/04/13 23:20:34 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2008/04/13 23:20:34 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2008/04/13 23:20:34 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2008/04/13 23:20:34 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2008/04/13 23:20:34 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2008/04/13 23:20:33 | 001,000,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2008/04/13 23:20:32 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008/04/13 23:20:32 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\modemui.dll
MOD - [2008/04/13 23:20:32 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2008/04/13 23:20:32 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008/04/13 23:20:32 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2008/04/13 23:20:31 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2008/04/13 23:20:31 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2008/04/13 23:20:30 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2008/04/13 23:20:30 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ksuser.dll
MOD - [2008/04/13 23:20:28 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2008/04/13 23:20:28 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll
MOD - [2008/04/13 23:20:28 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2008/04/13 23:20:28 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008/04/13 23:20:28 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2008/04/13 23:20:28 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2008/04/13 23:20:28 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2008/04/13 23:20:27 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2008/04/13 23:20:26 | 001,092,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2008/04/13 23:20:26 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll
MOD - [2008/04/13 23:20:26 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2008/04/13 23:20:26 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008/04/13 23:20:26 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll
MOD - [2008/04/13 23:20:26 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2008/04/13 23:20:26 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll
MOD - [2008/04/13 23:20:26 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eapolqec.dll
MOD - [2008/04/13 23:20:26 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2008/04/13 23:20:25 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll
MOD - [2008/04/13 23:20:25 | 000,023,552 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll
MOD - [2008/04/13 23:20:25 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dimsntfy.dll
MOD - [2008/04/13 23:20:25 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll
MOD - [2008/04/13 23:20:24 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2008/04/13 23:20:24 | 001,025,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2008/04/13 23:20:24 | 000,821,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008/04/13 23:20:24 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2008/04/13 23:20:24 | 000,528,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2008/04/13 23:20:24 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008/04/13 23:20:24 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2008/04/13 23:20:24 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008/04/13 23:20:24 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2008/04/13 23:20:24 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2008/04/13 23:20:24 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2008/04/13 23:20:24 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2008/04/13 23:20:24 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll
MOD - [2008/04/13 23:20:24 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2008/04/13 23:20:24 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2008/04/13 23:20:24 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2008/04/13 23:20:24 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2008/04/13 23:20:24 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2008/04/13 23:20:24 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2008/04/13 23:20:24 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2008/04/13 23:20:24 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2008/04/13 23:20:24 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2008/04/13 23:20:24 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2008/04/13 23:20:23 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll
MOD - [2008/04/13 23:20:23 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2008/04/13 23:20:23 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2008/04/13 23:20:23 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008/04/13 23:20:23 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2008/04/13 23:20:22 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acadproc.dll
MOD - [2008/04/13 23:19:55 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2008/04/13 23:19:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008/04/13 23:18:53 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime
MOD - [2008/04/13 23:18:31 | 000,545,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hhctrl.ocx
MOD - [2008/04/13 23:18:05 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2008/04/13 19:20:42 | 000,995,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008/04/13 15:35:38 | 002,945,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2008/04/13 14:37:57 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2008/04/13 14:37:57 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2008/04/13 13:23:31 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2007/10/24 12:56:42 | 000,737,280 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aetpkss1.dll
MOD - [2007/10/18 13:06:18 | 000,077,824 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aetsprov.dll
MOD - [2007/10/17 15:28:24 | 000,023,552 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aettask.dll
MOD - [2007/10/17 13:17:08 | 000,163,840 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aetcrss1.exe
MOD - [2007/08/29 16:06:10 | 000,106,496 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZSPOOL.DLL
MOD - [2007/07/13 18:39:24 | 000,057,344 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\ZIMFPRNT.DLL
MOD - [2007/07/13 18:39:24 | 000,053,248 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZTAG.DLL
MOD - [2007/07/13 18:39:22 | 000,061,440 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZIMF.DLL
MOD - [2007/07/13 18:39:00 | 000,135,168 | ---- | M] (Marvell Semiconductor, Inc.) -- C:\WINDOWS\system32\CP1215LM.DLL
MOD - [2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
MOD - [2007/04/09 13:23:54 | 000,028,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mdimon.dll
MOD - [2007/03/28 09:54:29 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2006/03/02 09:00:00 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui2.dll
MOD - [2006/03/02 09:00:00 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netmsg.dll
MOD - [2006/03/02 09:00:00 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiavusd.dll
MOD - [2006/03/02 09:00:00 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mui\0016\hhctrlui.dll
MOD - [2006/03/02 09:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2006/03/02 09:00:00 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprui.dll
MOD - [2006/03/02 09:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll
MOD - [2006/03/02 09:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll
MOD - [2006/03/02 09:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2006/03/02 09:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasctrs.dll
MOD - [2006/03/02 09:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll
MOD - [2006/03/02 09:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll
MOD - [2006/03/02 09:00:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll
MOD - [2006/03/02 09:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll
MOD - [2005/03/18 10:18:56 | 000,086,016 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZLhp1020.dll
MOD - [2005/03/18 10:18:56 | 000,049,152 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\IMFPRINT.DLL
MOD - [2005/03/18 10:18:56 | 000,028,672 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\zlm.dll
MOD - [2005/03/18 10:18:56 | 000,028,672 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\IMF32.DLL
MOD - [2005/03/18 10:18:56 | 000,024,576 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZTAG32.DLL
MOD - [2004/08/04 01:45:28 | 001,483,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\shdocvw.dll
MOD - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
MOD - [2003/06/11 15:21:38 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\1046\MDMUI.DLL
MOD - [2003/03/18 20:14:52 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dll
MOD - [2003/02/21 04:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll
MOD - [2003/02/21 04:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll
 
 
========== Services (All) ==========
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/08/01 21:13:06 | 000,051,992 | ---- | M] (cake bake) [Auto | Running] -- C:\Arquivos de programas\Web Cake\WebCakeDesktop.Updater.exe -- (WebCakeUpdater)
SRV - [2013/07/25 09:40:44 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Arquivos de programas\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [On_Demand | Stopped] -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe -- (dealplylivem)
SRV - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [Auto | Stopped] -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe -- (dealplylive)
SRV - [2013/07/15 11:23:42 | 000,409,640 | ---- | M] (GAS Tecnologia) [Auto | Running] -- C:\Arquivos de programas\GbPlugin\gbpsv.exe -- (GbpSv)
SRV - [2012/09/22 08:56:30 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/07/06 10:58:41 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2011/05/07 15:29:08 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe -- (gupdatem)
SRV - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe -- (gupdate)
SRV - [2010/08/27 02:53:36 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2010/08/17 10:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009/07/27 20:17:42 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2009/07/27 20:17:42 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/07/27 20:17:42 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2009/07/24 18:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/06/10 03:15:45 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
SRV - [2009/04/20 14:19:39 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2009/02/09 07:53:26 | 000,683,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2009/02/09 07:53:26 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2009/02/09 07:53:26 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch)
SRV - [2008/07/29 20:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/07/29 18:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/07/25 10:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/07 17:28:46 | 000,253,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2008/06/20 13:03:40 | 000,247,808 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2008/05/19 00:57:42 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/13 23:21:24 | 000,126,464 | ---- | M] (Microsoft Corporation) [Boot | Stopped] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)
SRV - [2008/04/13 23:21:22 | 000,292,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/13 23:21:21 | 000,073,728 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV - [2008/04/13 23:21:21 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ups.exe -- (UPS)
SRV - [2008/04/13 23:21:18 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2008/04/13 23:21:17 | 000,142,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2008/04/13 23:21:17 | 000,099,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2008/04/13 23:21:11 | 000,113,664 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008/04/13 23:21:11 | 000,113,664 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008/04/13 23:21:09 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)
SRV - [2008/04/13 23:21:07 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/13 23:21:04 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator)
SRV - [2008/04/13 23:21:02 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/13 23:20:56 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/13 23:20:55 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/13 23:20:55 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)
SRV - [2008/04/13 23:20:51 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008/04/13 23:20:51 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)
SRV - [2008/04/13 23:20:46 | 000,483,840 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2008/04/13 23:20:46 | 000,129,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV - [2008/04/13 23:20:46 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/13 23:20:45 | 000,006,656 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 23:20:44 | 000,080,896 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2008/04/13 23:20:43 | 000,145,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008/04/13 23:20:42 | 000,334,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/04/13 23:20:41 | 000,176,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)
SRV - [2008/04/13 23:20:41 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
SRV - [2008/04/13 23:20:41 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008/04/13 23:20:40 | 000,296,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008/04/13 23:20:40 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/13 23:20:40 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/13 23:20:40 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)
SRV - [2008/04/13 23:20:40 | 000,171,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/13 23:20:40 | 000,090,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
SRV - [2008/04/13 23:20:40 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2008/04/13 23:20:40 | 000,039,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2008/04/13 23:20:40 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/13 23:20:38 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2008/04/13 23:20:38 | 000,059,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)
SRV - [2008/04/13 23:20:37 | 000,437,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/13 23:20:37 | 000,409,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2008/04/13 23:20:37 | 000,292,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qagentrt.dll -- (napagent)
SRV - [2008/04/13 23:20:37 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/13 23:20:37 | 000,038,400 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2008/04/13 23:20:34 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/04/13 23:20:34 | 000,052,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN)
SRV - [2008/04/13 23:20:34 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008/04/13 23:20:32 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008/04/13 23:20:30 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\kmsvc.dll -- (hkmsvc)
SRV - [2008/04/13 23:20:30 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/13 23:20:28 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/13 23:20:26 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2008/04/13 23:20:26 | 000,023,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008/04/13 23:20:25 | 000,133,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/13 23:20:25 | 000,023,552 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/13 23:20:24 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008/04/13 23:20:24 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/13 23:20:24 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/13 23:20:23 | 000,172,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)
SRV - [2008/04/13 23:20:23 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2007/06/28 13:43:00 | 000,155,716 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2006/03/02 09:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)
SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
========== Driver Services (All) ==========
 
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ViaIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ultra)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (TosIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (symc8xx)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (symc810)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (sym_u3)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (sym_hi)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Sparrow)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Simbad)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql1280)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql1240)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql12160)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Ql10wnt)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql1080)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (perc2hib)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (perc2)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (mraid35x)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (IntelIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ini910u)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (i2omp)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (hpn)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (dpti2o)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (dac960nt)
DRV - File not found [Kernel | Disabled | Unknown] --  -- (dac2w2k)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Cpqarray)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (CmdIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (cd20xrnt)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Atdisk)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (asc3550)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (asc3350p)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (asc)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (amsint)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (AliIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (aic78xx)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (aic78u2)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Aha154x)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (adpu160m)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (abp480n5)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Abiosdsk)
DRV - [2013/08/08 07:28:57 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys -- (NdisrdMP)
DRV - [2013/08/08 07:28:57 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys -- (Ndisrd)
DRV - [2013/07/01 08:37:46 | 000,046,904 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\gbpkm.sys -- (GbpKm)
DRV - [2012/07/04 11:05:20 | 000,139,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2011/08/17 10:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\afd.sys -- (AFD)
DRV - [2011/07/15 10:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2011/07/08 11:02:00 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2011/04/21 10:37:43 | 000,105,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2011/02/17 10:18:03 | 000,357,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2011/01/14 04:06:40 | 000,277,352 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010/11/02 12:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2010/11/02 08:36:26 | 006,188,648 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2010/01/13 12:18:36 | 001,730,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2009/11/17 20:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/17 20:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/10/20 13:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009/06/24 08:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2008/12/13 11:26:38 | 000,102,400 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/06/20 08:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008/04/13 23:21:49 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/04/13 23:21:49 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/13 23:21:48 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008/04/13 23:02:36 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr)
DRV - [2008/04/13 23:02:31 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 23:02:29 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)
DRV - [2008/04/13 23:02:24 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2008/04/13 22:59:07 | 000,153,984 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/13 22:59:00 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 22:58:35 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/13 22:58:03 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/04/13 22:57:13 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/04/13 22:55:20 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial)
DRV - [2008/04/13 22:55:19 | 000,053,504 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/04/13 22:53:17 | 000,058,240 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008/04/13 22:53:00 | 000,053,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008/04/13 22:52:42 | 000,044,672 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008/04/13 22:50:10 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008/04/13 22:50:05 | 000,188,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)
DRV - [2008/04/13 22:50:05 | 000,030,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/04/13 16:28:39 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008/04/13 16:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008/04/13 16:20:42 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/04/13 16:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/04/13 16:19:48 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2008/04/13 16:19:43 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2008/04/13 16:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008/04/13 16:17:18 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008/04/13 16:15:55 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008/04/13 16:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 16:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 16:14:21 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 15:57:32 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/13 15:57:27 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/13 15:57:21 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/04/13 15:57:15 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008/04/13 15:57:07 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008/04/13 15:56:38 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008/04/13 15:56:32 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008/04/13 15:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/04/13 15:55:58 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/13 15:54:28 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/04/13 15:53:34 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2008/04/13 15:51:25 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/13 15:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/04/13 15:46:26 | 000,085,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NABTSFEC.sys -- (NABTSFEC)
DRV - [2008/04/13 15:46:24 | 000,019,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS -- (WSTCODEC)
DRV - [2008/04/13 15:46:24 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CCDECODE.sys -- (CCDECODE)
DRV - [2008/04/13 15:46:24 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SLIP.sys -- (SLIP)
DRV - [2008/04/13 15:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StreamIP.sys -- (streamip)
DRV - [2008/04/13 15:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/04/13 15:46:22 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NdisIP.sys -- (NdisIP)
DRV - [2008/04/13 15:46:20 | 000,121,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbvideo.sys -- (usbvideo)
DRV - [2008/04/13 15:45:40 | 000,032,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/04/13 15:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - [2008/04/13 15:45:37 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/04/13 15:45:35 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/04/13 15:45:35 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008/04/13 15:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2008/04/13 15:45:27 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (hidusb)
DRV - [2008/04/13 15:45:13 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/04/13 15:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio)
DRV - [2008/04/13 15:45:09 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008/04/13 15:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008/04/13 15:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008/04/13 15:45:01 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dmusic.sys -- (DMusic)
DRV - [2008/04/13 15:44:40 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/13 15:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008/04/13 15:40:49 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008/04/13 15:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/13 15:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk)
DRV - [2008/04/13 15:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008/04/13 15:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2008/04/13 15:40:25 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc)
DRV - [2008/04/13 15:40:25 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/13 15:40:12 | 000,015,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum)
DRV - [2008/04/13 15:39:53 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008/04/13 15:39:52 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/04/13 15:39:51 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/04/13 15:39:50 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSTEE.sys -- (MSTEE)
DRV - [2008/04/13 15:39:50 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/04/13 15:39:46 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008/04/13 15:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/04/13 15:36:46 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/04/13 15:32:59 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2008/04/13 15:32:51 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/04/13 15:32:44 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/13 15:32:39 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/04/13 15:32:39 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/04/13 15:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/13 13:39:23 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2008/04/13 13:39:16 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008/04/13 13:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/10/25 13:50:26 | 000,062,848 | ---- | M] (ASICEN) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AsicenUSBDTVBDA_DM011.sys -- (AsicenUSBDTV_DM011)
DRV - [2007/06/28 13:43:00 | 006,807,328 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/12/01 13:48:22 | 000,020,992 | ---- | M] (ASICEN) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AS11Loader.sys -- (AS11Loader)
DRV - [2006/03/02 09:00:00 | 000,125,824 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV - [2006/03/02 09:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2006/03/02 09:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2006/03/02 09:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2006/03/02 09:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2006/03/02 09:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2006/03/02 09:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2006/03/02 09:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2006/03/02 09:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2006/03/02 09:00:00 | 000,011,904 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2006/03/02 09:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2006/03/02 09:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2006/03/02 09:00:00 | 000,007,040 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2006/03/02 09:00:00 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2006/03/02 09:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2006/03/02 09:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2006/03/02 09:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2006/03/02 09:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2006/03/02 09:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2006/03/02 09:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\WINDOWS\System32\winsock.dll -- (Winsock)
DRV - [2004/06/28 10:06:26 | 000,061,840 | ---- | M] (Gemplus) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTwinUSB.sys -- (GTwinUSB)
DRV - [2003/12/05 06:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/10/16 10:44:04 | 000,082,704 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cyg_ser.sys -- (cyg_ser)
DRV - [2003/10/16 10:43:20 | 000,051,040 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cyg_bus.sys -- (cyg_bus)
DRV - [2001/09/05 23:17:14 | 000,003,456 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde)
DRV - [2001/08/17 18:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
 
 
[color=#E56717]========== Standard Registry (All) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://br.msn.com/
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/ [binary data]
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes,DefaultScope = {FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{B3FD69ED-2469-4493-9F02-38212A7C3E72}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSNIE8&pc=MSNIE8&src=IE-SearchBox
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}: "URL" = http://www.google.pt/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_pt-BR
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Arquivos de programas\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3: C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9: C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Arquivos de programas\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Arquivos de programas\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Dados de aplicativos\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2011/05/07 15:29:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2012/11/06 02:25:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Arquivos de programas\Web Assistant\Firefox [2012/06/04 15:39:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[hidden email]: C:\Arquivos de programas\LyriXeeker\125.xpi [2013/07/23 17:25:42 | 000,007,064 | ---- | M] ()
 
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\npbrowserext.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Arquivos de programas\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Update\1.3.21.53\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Arquivos de programas\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Bejeweled = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: Radio Do Brasil = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh\1.0.56_0\
CHR - Extension: Play Parole = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dfigpchbljbamamhkecemhceioapljbn\1.0_0\
CHR - Extension: Web Assistant = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\
CHR - Extension: Fruit Ninja = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\eofdejdahdbbmnibkpgbfknnpbhpbcad\1.6_0\
CHR - Extension: Web Cake = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0\
CHR - Extension: Voicenote - fala em texto. = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\hfknjgplnkgjihghcidajejfmldhibfm\2.4.22_0\
CHR - Extension: Bubble Shooter-HD = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\hpakbhbnhkbghdcejiiangcefallmaln\2.2.0_0\
CHR - Extension: Pursuit of Hat = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\jepniedfbdhmplhbjffedeomcaopopob\1.1_0\
CHR - Extension: Hatsune Miku = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\kigfdicgjnpjkhbnngdfgjfffmdaonfg\2_0\
CHR - Extension: Super Stacker 2 = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\klemmckdcnieolllgjgbniaeehggmano\3.0_0\
CHR - Extension: Crackle Brazil = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\lflobbippdgfecmbdgjdejahlimggpef\1.0.0_0\
CHR - Extension: Poppit = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Editor de HQs = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mhfajnocemhaofoiejdekipegedfeeni\1.4_0\
CHR - Extension: DealPly  Shopping = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.5.0.0_0\
CHR - Extension: Mahjong Solitaire = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\neojceinbonpjjcokpokpeobkhcpiloc\1.0.0.2_0\
CHR - Extension: Gomoku = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\nhhdgipkbgjblbgjlbakfffjbffpdblo\1.0.11_0\
CHR - Extension: LyricXeeker = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\odnofacmifkjndflfmmplhckcbfjckhj\1.125_0\
CHR - Extension: Psykopaint = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\
CHR - Extension: Psykopaint = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\.bak
 
O1 HOSTS File: ([2012/12/05 13:59:59 | 000,000,774 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (ssh2 Class) - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll (Scopus Tecnologia Ltda)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Arquivos de programas\Web Assistant\Extension32.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Arquivos de programas\GbPlugin\gbiehabn.dll (Banco Real)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Arquivos de programas\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {DF89BC70-AC87-4A31-ACD5-7417E2CF1209} - No CLSID value found.
O3 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\Toolbar\ShellBrowser: (E&ndereço) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [CertificateRegistration] C:\WINDOWS\System32\aetcrss1.exe (A.E.T. Europe B.V.)
O4 - HKLM..\Run: [gemstrmw] C:\WINDOWS\System32\gemstrmw.exe (Gemplus)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-527237240-562591055-839522115-1003..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-527237240-562591055-839522115-1003..\Run: [Facebook Update] C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-527237240-562591055-839522115-1003..\Run: [Google Update] C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKU\S-1-5-21-527237240-562591055-839522115-1003..\Run: [SpybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKLM..\RunOnce: [SymInstallStub] C:\WINDOWS\System32\Adobe\Shockwave 11\SymInstallStub.exe (Symantec Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de programas\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra Button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de programas\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancobrasil.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancobrasil.com.br ([www14] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancobrasil.com.br ([www2] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancoreal.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancosantander.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancosantander.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bb.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([imagem] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([internetbanking] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([internetbanking] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: itau.com.br ([bankline] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: itau.com.br ([guardiao] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: itau.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([www2] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([wwws] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([wwws] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santander.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santander.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santanderempresarial.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santanderempresarial.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws2] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws2] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernetibe.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernetibe.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: secureweb.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: secureweb.com.br ([www] https in Sites confiáveis)
O16 - DPF: {2DEF4530-8CE6-41C9-84B6-A54536C90213} http://cob.bancovw.com.br/viewer9/activeXViewer/activexviewer.cab (Crystal Report Viewer Control 9)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1304768064948 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1307534482359 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} https://imagem.caixa.gov.br/cab/GBPDIST2K.CAB (GbpDistObj Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39F8FD3D-2667-4A1F-94A7-26E219669948}: NameServer = 192.168.1.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de programas\Arquivos comuns\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - HKU\S-1-5-21-527237240-562591055-839522115-1003 Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginAbn: DllName - (C:\Arquivos de programas\GbPlugin\gbiehAbn.dll) - C:\Arquivos de programas\GbPlugin\gbiehabn.dll (Banco Real)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Arquivos de programas\GbPlugin\gbieh.dll) - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\Arquivos de programas\GbPlugin\gbiehCef.dll) - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O20 - Winlogon\Notify\ GbPluginUni: DllName - (C:\Arquivos de programas\GbPlugin\gbiehUni.dll) - C:\Arquivos de programas\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Pré-carregador Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Daemon de cache de categorias de componente - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {A3717295-941D-416F-9384-ED1736729F1C} - scpLIB - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)
O24 - Desktop WallPaper: C:\Documents and Settings\Financeir\Meus documentos\Minhas imagens\mhb.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Financeir\Meus documentos\Minhas imagens\mhb.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Arquivos de programas\GbPlugin\gbiehabn.dll (Banco Real)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Arquivos de programas\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/03/08 12:19:42 | 000,000,021 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2b07deea-95e4-11e1-92c0-001fd0fef641}\Shell - "" = AutoRun
O33 - MountPoints2\{2b07deea-95e4-11e1-92c0-001fd0fef641}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{64998505-7fac-11e0-983c-001fd0fef641}\Shell - "" = AutoRun
O33 - MountPoints2\{64998505-7fac-11e0-983c-001fd0fef641}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{64998507-7fac-11e0-983c-001fd0fef641}\Shell - "" = AutoRun
O33 - MountPoints2\{64998507-7fac-11e0-983c-001fd0fef641}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b65734b8-f8d9-11e0-91f7-001fd0fef641}\Shell - "" = AutoRun
O33 - MountPoints2\{b65734b8-f8d9-11e0-91f7-001fd0fef641}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 360 Days ==========
 
[2013/08/07 14:48:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Skype
[2013/08/07 14:48:04 | 000,000,000 | R--D | C] -- C:\Arquivos de programas\Skype
[2013/08/07 14:48:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Skype
[2013/08/07 14:48:04 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Skype
[2013/08/07 14:47:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Skype
[2013/08/07 09:52:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Web Cake
[2013/08/07 09:52:29 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Web Cake
[2013/08/07 09:51:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Tarma Installer
[2013/08/05 12:44:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook
[2013/08/05 11:36:49 | 002,349,096 | ---- | C] (Banco do Brasil SA) -- C:\Documents and Settings\Financeir\Meus documentos\DiagnosticoBB.exe
[2013/08/02 08:07:08 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Plus-HD-2.3
[2013/07/25 15:54:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL.exe
[2013/07/25 11:23:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Financeir\Recent
[2013/07/23 17:25:42 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\LyriXeeker
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DealPlyLive
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\DealPlyLive
[2013/07/23 17:25:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Dealply
[2013/07/23 17:25:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\DealPly
[2013/07/23 17:25:05 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\DealPly
[2013/07/23 17:21:42 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2013/07/23 17:21:30 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2013/07/23 17:21:30 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2013/05/24 13:15:48 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxCoIn_v5218.dll
[2013/05/24 12:23:40 | 000,024,576 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\gemstrmw.exe
[2013/05/24 12:23:21 | 000,061,840 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\drivers\GTwinUSB.sys
[2013/05/24 12:23:20 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Gemplus
[2013/05/24 12:09:41 | 000,000,000 | ---D | C] -- C:\database
[2013/05/22 09:43:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\Lucano
[2013/05/21 08:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Meus documentos\Escaneamentos
[2013/05/04 10:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\cielo extratos
[2013/04/26 15:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\Cao
[2013/04/15 09:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\trix.therebels.tonybennett.duets2.2012
[2013/03/05 09:56:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\GAS Tecnologia
[2013/01/28 14:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\CATALOGOS
[2013/01/28 14:14:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\Atalhos para produtos em vidro temperado
[2013/01/18 11:55:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2013/01/18 11:51:16 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013/01/18 11:07:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2013/01/16 13:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\IDM
[2012/11/07 15:44:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\TeamViewer
[2012/11/06 02:04:20 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\MSXML 4.0
[2012/11/06 02:04:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Silverlight
[2012/11/05 09:15:11 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012/11/01 23:04:06 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2012/11/01 15:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\PopCap Games
[2012/10/27 08:23:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCap Games
[2012/10/25 15:01:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012/10/13 14:42:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Newsoft
[2012/10/13 14:39:09 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2012/10/13 14:39:07 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MPE.sys
[2012/10/13 14:39:07 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2012/10/13 14:39:04 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2012/10/13 14:39:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2012/10/13 14:39:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2012/10/13 14:39:02 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2012/10/13 14:38:59 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2012/10/13 14:38:56 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2012/10/13 14:38:54 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2012/10/13 14:38:51 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2012/10/13 14:38:36 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2012/10/13 14:38:36 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2012/10/13 14:38:35 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2012/10/13 14:38:35 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2012/10/13 14:38:35 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2012/10/13 14:38:35 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2012/10/13 14:38:35 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2012/10/13 14:38:35 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2012/10/13 14:38:35 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\BdaSup.sys
[2012/10/13 14:38:35 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2012/10/13 14:38:34 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2012/10/13 14:38:34 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\BdaPlgIn.ax
[2012/10/13 14:36:21 | 000,020,992 | ---- | C] (ASICEN) -- C:\WINDOWS\System32\drivers\AS11Loader.sys
[2012/10/13 14:36:11 | 000,062,848 | ---- | C] (ASICEN) -- C:\WINDOWS\System32\drivers\AsicenUSBDTVBDA_DM011.sys
[2012/10/13 14:36:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\InstallShield
[2012/10/13 14:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\NewSoft
[2012/10/13 14:35:36 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\NewSoft
[2012/10/13 14:35:32 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\NewSoft
[2012/10/02 15:04:32 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\synceng.dll
[2012/09/28 11:14:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Meus documentos\FORMULARIO MHB
[2012/09/25 16:00:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\Max Impressão
[2012/09/25 16:00:11 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Maxprint
[2012/09/22 08:57:00 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Java
[2012/09/22 08:56:53 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/09/22 08:56:39 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/09/21 14:10:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Sun
[2012/09/20 17:26:45 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012/09/20 13:25:49 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Silverlight
[2012/09/20 08:42:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\HP PrecisionScan LTX
[2012/09/20 08:41:55 | 000,350,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltkrn70n.dll
[2012/09/20 08:41:55 | 000,118,784 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpsjvset.dll
[2012/09/20 08:41:55 | 000,111,104 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpng70n.dll
[2012/09/20 08:41:55 | 000,093,184 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lftif70n.dll
[2012/09/20 08:41:55 | 000,055,296 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltfil70n.DLL
[2012/09/20 08:41:55 | 000,035,328 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lffpx70n.dll
[2012/09/20 08:41:55 | 000,032,768 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfgif70n.dll
[2012/09/20 08:41:55 | 000,032,768 | ---- | C] (Hewlett-Packard, GHC) -- C:\WINDOWS\System32\hpgreg32.dll
[2012/09/20 08:41:55 | 000,032,768 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpsj32.dll
[2012/09/20 08:41:55 | 000,024,576 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpcx70n.dll
[2012/09/20 08:41:54 | 000,667,648 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\ipeistor12.dll
[2012/09/20 08:41:54 | 000,331,776 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\ipebase12.dll
[2012/09/20 08:41:54 | 000,224,768 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LFCMP70n.DLL
[2012/09/20 08:41:54 | 000,077,824 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\ipeapi12.dll
[2012/09/20 08:41:54 | 000,055,808 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lffax70n.dll
[2012/09/19 17:18:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\EurekaLog
[2012/09/17 12:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Oi
[2012/09/17 12:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Oi
[2012/09/17 12:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Lightcomm
[2012/09/17 12:51:41 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Oi
[2012/09/08 16:54:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\CyberLink
[2012/09/08 16:54:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Meus documentos\CyberLink
[2012/08/20 17:03:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCapY
[2012/08/20 11:04:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\PopCap Games
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Arquivos de programas\*.tmp files -> C:\Arquivos de programas\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Financeir\*.tmp files -> C:\Documents and Settings\Financeir\*.tmp -> ]
 
========== Files - Modified Within 360 Days ==========
 
[2013/08/08 08:50:40 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/08/08 07:29:01 | 000,000,634 | ---- | M] () -- C:\WINDOWS\tasks\Norton Product Installer.job
[2013/08/08 07:28:57 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) -- C:\WINDOWS\System32\drivers\GbpNdisrd.sys
[2013/08/08 07:27:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/08/07 17:10:01 | 000,002,315 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/08/07 07:40:07 | 000,001,080 | ---- | M] () -- C:\WINDOWS\AUTOLNCH.REG
[2013/08/05 13:14:44 | 000,001,012 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1003Core1ce91f6e5ec6902.job
[2013/08/05 11:36:49 | 002,349,096 | ---- | M] (Banco do Brasil SA) -- C:\Documents and Settings\Financeir\Meus documentos\DiagnosticoBB.exe
[2013/08/05 10:56:42 | 000,666,633 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\adwcleaner.exe
[2013/08/05 07:31:34 | 000,001,997 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Norton Product Installer.lnk
[2013/08/04 18:13:48 | 000,000,642 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Product InstallerIdle.job
[2013/08/04 10:20:23 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/08/02 08:07:10 | 000,001,924 | ---- | M] () -- C:\WINDOWS\tasks\Plus-HD-2.3-chromeinstaller.job
[2013/08/01 19:11:45 | 000,002,444 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Google Chrome.lnk
[2013/07/30 07:47:18 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1003Core1ce8d12293a3846.job
[2013/07/25 15:54:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL.exe
[2013/07/25 09:05:18 | 000,209,696 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/07/23 17:25:15 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2013/07/23 17:25:03 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\LyricXeeker Update.job
[2013/07/11 14:21:01 | 000,000,020 | ---- | M] () -- C:\WINDOWS\hppsapp.INI
[2013/07/01 08:37:46 | 000,046,904 | ---- | M] (GAS Tecnologia) -- C:\WINDOWS\System32\drivers\gbpkm.sys
[2013/06/08 09:16:14 | 000,000,192 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\HP LaserJet P1005.lnk
[2013/05/16 13:08:13 | 000,001,120 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1006Core1ce524f91476a96.job
[2013/05/07 12:49:21 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1003Core1ce4b3a709f5680.job
[2013/04/10 10:15:31 | 000,006,779 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\carta.pdf
[2013/04/09 13:09:42 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/06 10:51:38 | 000,036,924 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Itau.pdf
[2013/04/04 11:14:11 | 000,000,421 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2013/04/04 09:27:50 | 000,117,287 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\Portalex 2.jpg
[2013/04/04 09:26:12 | 000,462,353 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\portalex.png
[2013/04/03 11:16:41 | 000,056,410 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\pagam.pdf
[2013/04/02 10:20:24 | 000,208,406 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Temperminas.pdf
[2013/04/01 12:27:44 | 000,531,165 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\cielo.pdf
[2013/03/26 07:49:11 | 000,536,692 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat
[2013/03/26 07:49:11 | 000,501,962 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/03/26 07:49:11 | 000,097,690 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat
[2013/03/26 07:49:11 | 000,087,398 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/03/12 08:28:02 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio4.bmp
[2013/03/07 17:32:01 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio3.bmp
[2013/03/07 17:31:15 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio2.bmp
[2013/03/07 17:30:23 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio1.bmp
[2013/03/07 17:28:55 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio.bmp
[2013/02/05 13:19:32 | 000,104,107 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\orc2.jpg
[2013/02/05 13:14:33 | 000,138,445 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\orc1.jpg
[2013/01/29 09:34:28 | 000,013,467 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\caixa hoje.pdf
[2013/01/06 02:33:53 | 006,009,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2012/12/16 09:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2012/12/16 09:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2012/12/07 13:39:05 | 000,111,595 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\PortaGenilson.pdf
[2012/12/05 13:59:59 | 000,000,774 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/11/23 07:44:31 | 000,458,136 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\tela tablet.pdf
[2012/11/13 08:55:14 | 001,866,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2012/11/13 08:55:14 | 001,866,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2012/11/12 08:07:05 | 000,078,583 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\santander.pdf
[2012/11/12 07:07:41 | 000,129,828 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\156797.pdf
[2012/11/10 14:30:10 | 000,053,699 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\EXTRATO DIGISAT ATE JULHO 2012.pdf
[2012/11/09 14:09:52 | 011,934,054 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\CompEndeço.bmp
[2012/11/07 16:17:58 | 000,084,852 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\Relatório.pdf
[2012/11/05 23:00:50 | 001,371,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2012/11/03 13:11:43 | 000,000,025 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[2012/11/01 23:04:06 | 000,375,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnet.dll
[2012/11/01 23:04:06 | 000,375,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2012/11/01 16:42:30 | 011,111,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2012/11/01 09:12:29 | 002,000,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2012/11/01 09:12:29 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2012/11/01 09:12:29 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2012/11/01 09:12:29 | 001,212,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2012/11/01 09:12:29 | 000,916,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2012/11/01 09:12:29 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012/11/01 09:12:29 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2012/11/01 09:12:29 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2012/11/01 09:12:29 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2012/11/01 09:12:29 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2012/11/01 09:12:29 | 000,521,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012/11/01 09:12:29 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2012/11/01 09:12:29 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2012/11/01 09:12:29 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2012/11/01 09:12:29 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2012/11/01 09:12:29 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2012/11/01 09:12:29 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2012/11/01 09:12:29 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2012/11/01 09:12:29 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2012/11/01 09:12:29 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2012/11/01 09:12:29 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2012/11/01 09:12:29 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2012/11/01 09:12:29 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2012/11/01 09:12:29 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2012/11/01 09:12:29 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2012/10/31 21:35:49 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2012/10/31 21:35:49 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2012/10/31 21:35:48 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2012/10/27 06:57:41 | 002,105,132 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\COMPROVANTE.pdf
[2012/10/13 14:35:55 | 000,001,705 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Presto! PVR.lnk
[2012/10/03 01:57:56 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll
[2012/10/02 15:04:32 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\synceng.dll
[2012/10/02 15:04:32 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\synceng.dll
[2012/09/26 15:26:33 | 000,050,120 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL SETEMBRO.pdf
[2012/09/26 15:25:46 | 000,051,354 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL AGOSTO.pdf
[2012/09/26 15:18:39 | 000,050,298 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JULHO.pdf
[2012/09/26 15:12:33 | 000,050,311 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JUNHO.pdf
[2012/09/26 14:56:30 | 000,050,804 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL MAIO.pdf
[2012/09/25 16:00:13 | 000,000,907 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Max Impressão.lnk
[2012/09/22 08:56:31 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/09/22 08:56:30 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/09/22 08:56:30 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/09/22 08:56:30 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/09/22 08:56:30 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/09/22 08:56:29 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012/09/22 08:56:29 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012/09/22 08:37:30 | 000,002,206 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Emissor de Nota Fiscal Eletrônica (NF-e) 2.0.lnk
[2012/09/21 15:31:17 | 000,019,462 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil jul.pdf
[2012/09/21 15:30:27 | 000,020,737 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil ago.pdf
[2012/09/21 15:29:45 | 000,019,180 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil set.pdf
[2012/09/20 08:42:00 | 000,001,015 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\HP PrecisionScan LTX.lnk
[2012/09/03 19:32:40 | 000,010,265 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil.pdf
[2012/08/24 16:46:04 | 000,000,622 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Atalho para ESQ.BAT.lnk
[2012/08/24 10:53:14 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wintrust.dll
[2012/08/23 03:27:14 | 002,073,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2012/08/23 03:27:13 | 002,197,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2012/08/23 03:27:12 | 002,152,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2012/08/23 03:27:12 | 002,152,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2012/08/23 03:27:11 | 002,031,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2012/08/23 03:27:11 | 002,031,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Arquivos de programas\*.tmp files -> C:\Arquivos de programas\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Financeir\*.tmp files -> C:\Documents and Settings\Financeir\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/08/07 14:48:04 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/08/05 13:14:44 | 000,001,012 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1003Core1ce91f6e5ec6902.job
[2013/08/05 10:56:29 | 000,666,633 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\adwcleaner.exe
[2013/08/05 07:31:34 | 000,002,003 | ---- | C] () -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\Norton Product Installer.lnk
[2013/08/05 07:31:34 | 000,001,997 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Norton Product Installer.lnk
[2013/08/02 08:07:10 | 000,001,924 | ---- | C] () -- C:\WINDOWS\tasks\Plus-HD-2.3-chromeinstaller.job
[2013/07/30 07:47:18 | 000,001,132 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1003Core1ce8d12293a3846.job
[2013/07/23 17:25:15 | 000,000,912 | ---- | C] () -- C:\WINDOWS\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2013/07/23 17:25:03 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\LyricXeeker Update.job
[2013/06/08 09:16:14 | 000,000,192 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\HP LaserJet P1005.lnk
[2013/05/24 13:15:48 | 001,674,683 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2013/05/24 13:15:48 | 000,001,023 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2013/05/16 13:08:13 | 000,001,120 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1006Core1ce524f91476a96.job
[2013/05/07 12:49:21 | 000,001,132 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1003Core1ce4b3a709f5680.job
[2013/04/10 11:25:00 | 000,006,779 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\carta.pdf
[2013/04/06 10:51:32 | 000,036,924 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Itau.pdf
[2013/04/04 09:27:50 | 000,117,287 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\Portalex 2.jpg
[2013/04/04 09:26:09 | 000,462,353 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\portalex.png
[2013/04/03 11:16:40 | 000,056,410 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\pagam.pdf
[2013/04/02 10:20:21 | 000,208,406 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Temperminas.pdf
[2013/04/01 12:27:38 | 000,531,165 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\cielo.pdf
[2013/03/12 08:28:02 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio4.bmp
[2013/03/07 17:32:01 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio3.bmp
[2013/03/07 17:31:15 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio2.bmp
[2013/03/07 17:30:23 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio1.bmp
[2013/03/07 17:28:54 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio.bmp
[2013/02/07 11:51:24 | 000,000,481 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\Notepad  IMPRESSO.lnk
[2013/02/05 13:19:03 | 000,104,107 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\orc2.jpg
[2013/02/05 13:14:04 | 000,138,445 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\orc1.jpg
[2013/01/29 09:34:27 | 000,013,467 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\caixa hoje.pdf
[2013/01/18 11:09:40 | 000,000,642 | -H-- | C] () -- C:\WINDOWS\tasks\Norton Product InstallerIdle.job
[2013/01/18 11:09:40 | 000,000,634 | ---- | C] () -- C:\WINDOWS\tasks\Norton Product Installer.job
[2012/12/07 13:40:38 | 000,111,595 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\PortaGenilson.pdf
[2012/11/23 07:44:29 | 000,458,136 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\tela tablet.pdf
[2012/11/12 08:17:48 | 000,129,828 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\156797.pdf
[2012/11/12 08:17:39 | 000,078,583 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\santander.pdf
[2012/11/10 14:35:24 | 000,051,354 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL AGOSTO.pdf
[2012/11/10 14:35:24 | 000,050,298 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JULHO.pdf
[2012/11/10 14:35:24 | 000,050,120 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL SETEMBRO.pdf
[2012/11/10 14:35:24 | 000,020,737 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil ago.pdf
[2012/11/10 14:35:24 | 000,019,462 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil jul.pdf
[2012/11/10 14:35:24 | 000,019,180 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil set.pdf
[2012/11/10 14:35:24 | 000,010,265 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil.pdf
[2012/11/10 14:35:23 | 000,050,804 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL MAIO.pdf
[2012/11/10 14:35:23 | 000,050,311 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JUNHO.pdf
[2012/11/10 14:30:07 | 000,053,699 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\EXTRATO DIGISAT ATE JULHO 2012.pdf
[2012/11/09 14:09:51 | 011,934,054 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\CompEndeço.bmp
[2012/11/09 14:07:20 | 000,025,823 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\comprovante_insc_KeD.pdf
[2012/11/07 16:17:57 | 000,084,852 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\Relatório.pdf
[2012/11/05 08:48:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/11/05 08:48:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/10/27 08:32:43 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2012/10/27 06:57:37 | 002,105,132 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\COMPROVANTE.pdf
[2012/10/13 14:38:36 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\PsisRndr.ax
[2012/10/13 14:38:36 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012/10/13 14:38:35 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2012/10/13 14:38:35 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012/10/13 14:38:35 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\MSDvbNP.ax
[2012/10/13 14:38:35 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012/10/13 14:35:55 | 000,001,705 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Presto! PVR.lnk
[2012/09/25 16:00:13 | 000,000,907 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Max Impressão.lnk
[2012/09/20 09:09:29 | 000,001,015 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\HP PrecisionScan LTX.lnk
[2012/09/20 08:41:55 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2012/09/20 08:41:54 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2012/08/24 16:44:30 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Atalho para ESQ.BAT.lnk
[2012/02/13 20:02:07 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\keyfile3.drm
[2011/08/31 17:25:28 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
[2011/08/23 13:17:17 | 000,000,020 | ---- | C] () -- C:\WINDOWS\hppsapp.INI
[2011/05/09 13:06:35 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/08 09:19:04 | 000,040,960 | ---- | C] () -- C:\Arquivos de programas\Uninstall_CDS.exe
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2011/08/31 17:24:03 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 23:20:40 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:53:26 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 23:20:41 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011/09/19 13:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Big Fish Games
[2013/07/23 17:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
[2013/03/06 13:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GAS Tecnologia
[2013/08/06 07:54:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin
[2011/05/09 09:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IM
[2011/05/09 09:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IncrediMail
[2012/09/17 13:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Lightcomm
[2012/09/17 12:51:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Oi
[2012/10/27 08:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCap Games
[2012/08/20 17:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCapY
[2013/08/07 09:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Tarma Installer
[2012/07/02 12:15:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\3M
[2013/07/23 17:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Dealply
[2012/09/19 17:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\EurekaLog
[2011/05/07 11:56:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Foxit
[2011/05/08 08:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Foxit Software
[2013/01/18 11:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\IDM
[2011/05/08 08:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Mikrotik
[2012/11/07 15:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\TeamViewer
[2013/08/07 16:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Web Cake
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 514 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst
@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:70216A94_Uni.gbp
@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:70216A94_Cef.gbp
@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:70216A94_Bb.gbp
@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:70216A94_Abn.gbp

< End of report >



On 7 August 2013 at 15:42, Marcelo [via Fórum Tech Suporte] <[hidden email]> wrote:
Hello, Diana

There is no screenshot on the page.

Please make a new OTL log and post it here.



Re: windows that open by themselves.

Diana
In reply to this message posted by Marcelo
the extras report

OTL Extras logfile created on: 8/8/2013 08:58:57 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Financeir\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy
 
1013,42 Mb Total Physical Memory | 745,09 Mb Available Physical Memory | 73,52% Memory free
2,40 Gb Paging File | 1,87 Gb Available in Paging File | 78,25% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,04 Gb Total Space | 109,04 Gb Free Space | 73,16% Space Free | Partition Type: NTFS
 
Computer Name: FINANCEIRO | User Name: Financeir | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
 
[color=#E56717]========== Extra Registry (All) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Arquivos de programas\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Arquivos de programas\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Arquivos de programas\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Arquivos de programas\Java\jre6\bin\javaw.exe" = C:\Arquivos de programas\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\Financeir\Meus documentos\winbox.exe" = C:\Documents and Settings\Financeir\Meus documentos\winbox.exe:*:Enabled:winbox -- ()
"E:\Arquivos de programas\IncrediMail\Bin\IncMail.exe" = E:\Arquivos de programas\IncrediMail\Bin\IncMail.exe:*:Enabled:IncrediMail
"C:\Arquivos de programas\Google\Google Earth\client\googleearth.exe" = C:\Arquivos de programas\Google\Google Earth\client\googleearth.exe:*:Disabled:Google Earth -- (Google)
"C:\Arquivos de programas\Intelbras\Programador Modulare I e Corp\ProgramadorMC.exe" = C:\Arquivos de programas\Intelbras\Programador Modulare I e Corp\ProgramadorMC.exe:*:Enabled:ProgramadorMC -- ()
"C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin
"C:\Arquivos de programas\Skype\Phone\Skype.exe" = C:\Arquivos de programas\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1438B41C-658C-35B7-9253-780F2E0A0B8E}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ptb
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{20A15757-4AE4-3C82-9711-863C84AFE6AA}" = Microsoft .NET Framework 4 Client Profile PTB Language Pack
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{32603085-C839-4226-A1FD-BF8FAE0185CB}" = IncrediMail
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.441
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F31F3B5-C1FF-3708-8611-869DE39C0CB6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PTB
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.7
"{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{6347401C-C260-4B30-9816-8F5A1419CC49}" = SafeSign
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6FBA74BD-149F-4521-B921-FFCC84876864}" = Assistente de Instalação Certisign
"{85E0BA25-A5DE-4499-82C2-B4CE4F513E80}" = Cliente do Windows Rights Management com Service Pack 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110416-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edição 2003
"{90120000-0020-0416-0000-0000000FF1CE}" = Pacote de Compatibilidade para o sistema Office 2007
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9856CFCC-6805-4567-8142-A68CF5B25F4C}" = MySQL Connector/ODBC 3.51
"{98ADF875-648F-3E73-8F3B-010C2464C948}" = Microsoft .NET Framework 4 Extended PTB Language Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{B1FA73D8-AB79-3A2E-81AC-DBBAC155B2FE}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PTB
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BC0DCD27-345B-4013-A6E0-67EC92DF32C8}" = Presto! PVR
"{BE06114F-559D-11E0-B5A1-001D0926B1BF}" = Google Earth
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}" = Web Cake 3.00
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{E29D8938-2E48-498C-832D-9663DCABD55F}" = Visual Basic for Applications (R) Core - Portuguese (Brazil)
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Compatibilidade com Versões Anteriores do Cliente do Windows Rights Management SP2
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FD8AE9E2-B61E-4826-9CE7-937E1E9A9EEC}" = CorelDRAW Graphics Suite X5 - BR
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"BDE" = BDE
"CCleaner" = CCleaner
"CutePDF Writer Installation" = CutePDF Writer 2.8
"DealPly" = DealPly (remove only)
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"Gemplus Smart Card Reader Tools" = Gemplus Smart Card Reader Tools
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP LaserJet P1000 series" = HP LaserJet P1000 series
"HP PrecisionScan LTX" = HP PrecisionScan LTX
"HP-LaserJet 1020 series" = LaserJet 1020 series
"ie8" = Windows Internet Explorer 8
"IncrediMail" = IncrediMail 2.0
"[hidden email]" = LyricXeeker
"Max Impressão" = Max Impressão 1.0
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - ptb" = Pacote de Idiomas do Microsoft .NET Framework 3.5 SP1 - PTB
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil)
"MiPony" = MiPony 1.5.0
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NVIDIA Drivers" = NVIDIA Drivers
"OrderReminder HP LaserJet 1020" = OrderReminder HP LaserJet 1020
"Plants vs. Zombies" = Plants vs. Zombies
"Plus-HD-2.3" = Plus-HD-2.3
"Programador Modulare I, Conecta, Corp 6000 e Corp 8000_is1" = Programador versão 2.53 para PABX Modulare I, Conecta, Corp 600
"programmeroi_is1" = Oi Velox
"PSN" = Post-it® Software Notes Lite
"VIVO INTERNET" = VIVO INTERNET
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dealply" = Dealply
"Emissor de Nota Fiscal Eletrônica (NF-e) 2.0" = Emissor de Nota Fiscal Eletrônica (NF-e) 2.0
"Google Chrome" = Google Chrome
"optimizer_chrome" = Widevine Media Optimizer Chrome 6.0.0
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 26/3/2013 06:46:57 | Computer Name = FINANCEIRO | Source = WmiAdapter | ID = 4099
Description = Falha na abertura do serviço.
 
Error - 26/3/2013 07:22:57 | Computer Name = FINANCEIRO | Source = WmiAdapter | ID = 4099
Description = Falha na abertura do serviço.
 
Error - 28/3/2013 11:38:20 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha digisat.exe, versão 1.0.2.3, módulo com falha
 gbieh.dll, versão 4.0.0.44, endereço com falha 0x000aa796.
 
Error - 7/5/2013 15:43:38 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha explorer.exe, versão 6.0.2900.5512, módulo com
 falha , versão 0.0.0.0, endereço com falha 0x00000000.
 
Error - 11/5/2013 10:05:49 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha spider.exe, versão 5.1.2600.5512, módulo com 
falha unknown, versão 0.0.0.0, endereço com falha 0xf90d5e65.
 
Error - 24/5/2013 11:39:38 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha explorer.exe, versão 6.0.2900.5512, módulo com
 falha kernel32.dll, versão 5.1.2600.6293, endereço com falha 0x000658c0.
 
Error - 24/5/2013 11:48:27 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha explorer.exe, versão 6.0.2900.5512, módulo com
 falha kernel32.dll, versão 5.1.2600.6293, endereço com falha 0x000658c0.
 
Error - 13/6/2013 12:42:21 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha hpipcopy.exe, versão 3.2.0.0, módulo com falha
 hpipcopy.exe, versão 3.2.0.0, endereço com falha 0x000171e6.
 
[ System Events ]
Error - 5/8/2013 09:45:11 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 5/8/2013 16:55:00 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10010
Description = O servidor {4EB61BAC-A3B6-4760-9581-655041EF4D69} não se registrou
 com o DCOM dentro do tempo limite requerido.
 
Error - 6/8/2013 06:53:50 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 6/8/2013 06:54:09 | Computer Name = FINANCEIRO | Source = Service Control Manager | ID = 7022
Description = Serviço Gbp Service suspenso ao iniciar.
 
Error - 7/8/2013 06:32:36 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 7/8/2013 08:52:20 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10005
Description = Erro "%1058" no DCOM na tentativa de iniciar o serviço wuauserv com
 argumentos ""  para iniciar o servidor:  {E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error - 7/8/2013 09:47:08 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10010
Description = O servidor {4EB61BAC-A3B6-4760-9581-655041EF4D69} não se registrou
 com o DCOM dentro do tempo limite requerido.
 
Error - 7/8/2013 10:47:07 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10010
Description = O servidor {4EB61BAC-A3B6-4760-9581-655041EF4D69} não se registrou
 com o DCOM dentro do tempo limite requerido.
 
Error - 8/8/2013 06:28:03 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 8/8/2013 06:28:25 | Computer Name = FINANCEIRO | Source = Print | ID = 19
Description = Falha ao compartilhar impressora: + 1722; impressora HP LaserJet P1005,
 nome de compartilhamento HPLaserJ.2.
 
 
< End of report >



On 7 August 2013 at 15:42, Marcelo [via Fórum Tech Suporte] <[hidden email]> wrote:
Hello, Diana

There is no screenshot on the page.

Please make a new OTL log and post it here.




Re: windows that open on their own.

Marcelo
Administrator
In reply to this message posted by Diana
Diana,

Let's get this sorted out.

Please keep me informed after carrying out each procedure, because that makes it easier for me.

1) Open OTL.
2) In the blue area at the bottom called "Exames Personalizados/Correções" (Custom Scans/Fixes), paste all the text from this page here.
3) Click the red Consertar (Run Fix) button. If you are asked to restart the machine, restart it.
4) After restarting, it will generate a log of the result. Post this log in your reply.

After that...

1) Download ComboFix and save it to the desktop.
2) Double-click the file and run the scan following this official guide.
3) When it finishes, a log will open. The same log will be available at C:\ComboFix.txt.

Post both logs in your next reply.

Re: windows that open on their own.

Diana
Hello.

Sorry for the delay, too much work for too little Diana.

Here is the log file:

All processes killed
Error: Unable to interpret <: OTL> in the current context!
Error: Unable to interpret <SRV - [2013/08/01 21:13:06 | 000051992 | ---- | M] (cake bake) [Auto | duração] - C: \ Arquivos de Programas \ Web bolo \ WebCakeDesktop.Updater.exe - - (WebCakeUpdater)Auto | duração] - C: \ Arquivos de Programas \ Web bolo \ WebCakeDesktop.Updater.exe - (WebCakeUpdater)> in the current context!
Error: Unable to interpret <SRV - [2013/07/23 17:25:11 | 000148000 | ---- | M] (DealPly Technologies Ltd) [On_Demand | Stopped] - C: \ Arquivos de Programas \ DealPlyLive \ Update \ DealPlyLive.exe - - (dealplylivem)> in the current context!
Error: Unable to interpret <SRV - [2013/07/23 17:25:11 | 000148000 | ---- | M] (DealPly Technologies Ltd) [Auto | Stopped] - C: \ Arquivos de Programas \ DealPlyLive \ Update \ DealPlyLive.exe - - (dealplylive)> in the current context!
Error: Unable to interpret <IE - HKLM \ Internet Explorer \ Main, extensões fora da página = cerca de \ SOFTWARE \ Microsoft: NoAdd-onsInternet Explorer \ Main, extensões fora da página = about: NoAdd-ons> in the current context!
Error: Unable to interpret <IE - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Segurança Risco página = sobre: ​​SecurityRiskRisco de Segurança Página = sobre: ​​SecurityRisk> in the current context!
Error: Unable to interpret <IE - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal> in the current context!
Error: Unable to interpret <FF - HKLM \ Software \ MozillaPlugins \ @ tools.dpliveupdate.com / DealPlyLive Atualização; version = 3: C: \ Arquivos de Programas \ DealPlyLive \ Update \ 1.3.23.0 \ npGoogleUpdate3.dll (DealPly Technologies Ltd)> in the current context!
Error: Unable to interpret <FF - HKLM \ Software \ MozillaPlugins \ @ tools.dpliveupdate.com / DealPlyLive Atualização; version = 9: C: \ Arquivos de Programas \ DealPlyLive \ Update \ 1.3.23.0 \ npGoogleUpdate3.dll (DealPly Technologies Ltd)> in the current context!
Error: Unable to interpret <FF - HKCU \ Software \ MozillaPlugins \ @ Limited.com Skype / Facebook Vídeo Chamada Plugin: C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Facebook \ Video \ Skype \ npFacebookVideoCalling.dll File not foundVídeo Chamada Plugin: C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Facebook \ Video \ Skype \ npFacebookVideoCalling.dll File not found> in the current context!
Error: Unable to interpret <FF - HKEY_CURRENT_USER \ Software \ Mozilla \ Firefox \ Extensions \ \ [e-mail oculto]: C: \ Arquivos de Programas \ LyriXeeker \ 125.xpi [2013/07/23 17:25:42 | 000007064 | ---- | M ] ()Firefox \ Extensions \ \ [e-mail oculto]: C: \ Arquivos de Programas \ LyriXeeker \ 125.xpi [2013/07/23 17:25:42 | 000007064 | ---- | M] ()> in the current context!
Error: Unable to interpret <CHR - homepage: http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal> in the current context!
Error: Unable to interpret <CHR - plugin: Injovo Plugin Extensão (Ativado) = C: \ Documents and Settings \ Financeir \ Configura \ u00E7 \ u00F5es locais \ Dados de aplicativos \ Google \ Chrome \ User Data \ Default \ Extensions \ dlnembnfbcpjnepmfjmngjenhhajpdfd \ 2.0.0.441_0 \ npbrowserext . dll> in the current context!
Error: Unable to interpret <CHR - Extensão: Web Assistant = C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Google \ Chrome \ User Data \ Default \ Extensions \ dlnembnfbcpjnepmfjmngjenhhajpdfd \ 2.0.0.441_0 \> in the current context!
Error: Unable to interpret <CHR - Extensão: Bolo Web = C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Google \ Chrome \ User Data \ Default \ Extensions \ fjoijdanhaiflhibkljeklcghcmmfffh \ 1.0.3_0 \> in the current context!
Error: Unable to interpret <CHR - Extensão: Bubble Shooter-HD = C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Google \ Chrome \ User Data \ Default \ Extensions \ hpakbhbnhkbghdcejiiangcefallmaln \ 2.2.0_0 \> in the current context!
Error: Unable to interpret <CHR - Extensão: DealPly Shopping = C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Google \ Chrome \ User Data \ Default \ Extensions \ mphpbdjcljebbcnfopfngmfdackbbdgf \ 3.5.0.0_0 \> in the current context!
Error: Unable to interpret <CHR - Extensão: LyricXeeker = C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Google \ Chrome \ User Data \ Default \ Extensions \ odnofacmifkjndflfmmplhckcbfjckhj \ 1.125_0 \> in the current context!
Error: Unable to interpret <O2 - BHO: (Assistente Web) - {336D0C35-8A85-403A-B9D2-65C292C39087} - C: \ Arquivos de Programas \ Web Assistant \ Extension32.dll ()> in the current context!
Error: Unable to interpret <O2 - BHO: (no name) - {DF89BC70-AC87-4a31-ACD5-7417E2CF1209} - No CLSID valor encontrado.> in the current context!
Error: Unable to interpret <O4 - HKU \ S-1-5-21-527237240-562591055-839522115-1003 .. \ Run: [Facebook Update] C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Facebook \ Update \ FacebookUpdate. exe (Facebook Inc.)> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {2b07deea-95e4-11e1-espécies 92C0 Florestas-001fd0fef641} \ Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {2b07deea-95e4-11e1-espécies 92C0 Florestas-001fd0fef641} \ Shell \ \ command AutoRun - "" = E: \ AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {64998505-7fac-11e0-983c-001fd0fef641} \ Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {64998505-7fac-11e0-983c-001fd0fef641} \ Shell \ \ command AutoRun - "" = F: \ AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {64998507-7fac-11e0-983c-001fd0fef641} \ Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {64998507-7fac-11e0-983c-001fd0fef641} \ Shell \ \ command AutoRun - "" = F: \ AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {b65734b8-f8d9-11e0-91f7-001fd0fef641} \ Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {b65734b8-f8d9-11e0-91f7-001fd0fef641} \ Shell \ \ command AutoRun - "" = E: \ AutoRun.exe> in the current context!
Error: Unable to interpret <[2013/08/07 09:52:29 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ Financeir \ Dados de aplicativos \ Web bolo> in the current context!
Error: Unable to interpret <[2013/08/07 09:52:29 | 000,000,000 | --- D | C] - C: \ Arquivos de Programas \ Web bolo> in the current context!
Error: Unable to interpret <[2013/08/07 09:51:49 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ All Users \ Dados de aplicativos \ Tarma Installer> in the current context!
Error: Unable to interpret <[2013/08/05 00:44:32 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Facebook> in the current context!
Error: Unable to interpret <[2013/08/05 11:36:49 | 002349096 | ---- | C] (Banco do Brasil SA) - C: \ Documents and Settings \ Financeir \ MEUS Documentos \ DiagnosticoBB.exe> in the current context!
Error: Unable to interpret <[2013/08/02 08:07:08 | 000,000,000 | --- D | C] - C: \ Arquivos de Programas \ Plus HD-2.3> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:42 | 000,000,000 | --- D | C] - C: \ Arquivos de Programas \ LyriXeeker> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:11 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ DealPlyLive> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:11 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ All Users \ Dados de aplicativos \ DealPlyLive> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:11 | 000,000,000 | --- D | C] - C: \ Arquivos de Programas \ DealPlyLive> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:09 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ Financeir \ Dados de aplicativos \ DealPly> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:05 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ Financeir \ Menu Iniciar \ Programas \ DealPly> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:05 | 000,000,000 | --- D | C] - C: \ Arquivos de Programas \ DealPly> in the current context!
Error: Unable to interpret <[2013/08/05 13:14:44 | 000001012 | ---- | M] () -> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:15 | 000000912 | ---- | M] () - C: \ WINDOWS \ tasks \ DealPlyLiveUpdateTaskMachineCore.job> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:03 | 000000404 | ---- | M] () - C: \ WINDOWS \ tasks \ LyricXeeker Update.job> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:11 | 000,000,000 | --- D | M] - C: \ Documents and Settings \ All Users \ Dados de aplicativos \ DealPlyLive> in the current context!
Error: Unable to interpret <[2013/08/07 09:52:29 | 000,000,000 | --- D | M] - C: \ Documents and Settings \ All Users \ Dados de aplicativos \ Tarma Installer> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:09 | 000,000,000 | --- D | M] - C: \ Documents and Settings \ Financeir \ Dados de aplicativos \ DealPly> in the current context!
Error: Unable to interpret <[2013/08/07 16:16:10 | 000,000,000 | --- D | M] - C: \ Documents and Settings \ Financeir \ Dados de aplicativos \ Web bolo> in the current context!
Error: Unable to interpret <: Arquivos> in the current context!
Error: Unable to interpret <C: \ Arquivos de Programas \ DealPlyLive> in the current context!
Error: Unable to interpret <C: \ Arquivos de Programas \ Web bolo> in the current context!
Error: Unable to interpret <C: \ Arquivos de Programas \ LyriXeeker> in the current context!
Error: Unable to interpret <C: \ Arquivos de Programas \ Web Assistant> in the current context!
Error: Unable to interpret <: Reg> in the current context!
Error: Unable to interpret <C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Facebook \ Video \ Skype \ FacebookVideoCalling.exe "= -> in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uninstall]> in the current context!
Error: Unable to interpret <"{336D0C35-8A85-403A-B9D2-65C292C39087} _is1" = -> in the current context!
Error: Unable to interpret <"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = -> in the current context!
Error: Unable to interpret <"{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}" = -> in the current context!
Error: Unable to interpret <"DealPly" = -> in the current context!
Error: Unable to interpret <"Plus-HD 2.3" = -> in the current context!
Error: Unable to interpret <"DealPly" = -> in the current context!
Error: Unable to interpret <: Comandos> in the current context!
Error: Unable to interpret <[Pureza]> in the current context!
Error: Unable to interpret <[Emptyflash]> in the current context!
Error: Unable to interpret <[Emptytemp]> in the current context!
 
OTL by OldTimer - Version 3.2.69.0 log created on 08122013_132716

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: windows that open on their own.

Diana
In reply to this message posted by Marcelo
Here is the ComboFix file:

All processes killed
Error: Unable to interpret <: OTL> in the current context!
Error: Unable to interpret <SRV - [2013/08/01 21:13:06 | 000051992 | ---- | M] (cake bake) [Auto | duração] - C: \ Arquivos de Programas \ Web bolo \ WebCakeDesktop.Updater.exe - - (WebCakeUpdater)Auto | duração] - C: \ Arquivos de Programas \ Web bolo \ WebCakeDesktop.Updater.exe - (WebCakeUpdater)> in the current context!
Error: Unable to interpret <SRV - [2013/07/23 17:25:11 | 000148000 | ---- | M] (DealPly Technologies Ltd) [On_Demand | Stopped] - C: \ Arquivos de Programas \ DealPlyLive \ Update \ DealPlyLive.exe - - (dealplylivem)> in the current context!
Error: Unable to interpret <SRV - [2013/07/23 17:25:11 | 000148000 | ---- | M] (DealPly Technologies Ltd) [Auto | Stopped] - C: \ Arquivos de Programas \ DealPlyLive \ Update \ DealPlyLive.exe - - (dealplylive)> in the current context!
Error: Unable to interpret <IE - HKLM \ Internet Explorer \ Main, extensões fora da página = cerca de \ SOFTWARE \ Microsoft: NoAdd-onsInternet Explorer \ Main, extensões fora da página = about: NoAdd-ons> in the current context!
Error: Unable to interpret <IE - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Segurança Risco página = sobre: ​​SecurityRiskRisco de Segurança Página = sobre: ​​SecurityRisk> in the current context!
Error: Unable to interpret <IE - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal> in the current context!
Error: Unable to interpret <FF - HKLM \ Software \ MozillaPlugins \ @ tools.dpliveupdate.com / DealPlyLive Atualização; version = 3: C: \ Arquivos de Programas \ DealPlyLive \ Update \ 1.3.23.0 \ npGoogleUpdate3.dll (DealPly Technologies Ltd)> in the current context!
Error: Unable to interpret <FF - HKLM \ Software \ MozillaPlugins \ @ tools.dpliveupdate.com / DealPlyLive Atualização; version = 9: C: \ Arquivos de Programas \ DealPlyLive \ Update \ 1.3.23.0 \ npGoogleUpdate3.dll (DealPly Technologies Ltd)> in the current context!
Error: Unable to interpret <FF - HKCU \ Software \ MozillaPlugins \ @ Limited.com Skype / Facebook Vídeo Chamada Plugin: C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Facebook \ Video \ Skype \ npFacebookVideoCalling.dll File not foundVídeo Chamada Plugin: C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Facebook \ Video \ Skype \ npFacebookVideoCalling.dll File not found> in the current context!
Error: Unable to interpret <FF - HKEY_CURRENT_USER \ Software \ Mozilla \ Firefox \ Extensions \ \ [e-mail oculto]: C: \ Arquivos de Programas \ LyriXeeker \ 125.xpi [2013/07/23 17:25:42 | 000007064 | ---- | M ] ()Firefox \ Extensions \ \ [e-mail oculto]: C: \ Arquivos de Programas \ LyriXeeker \ 125.xpi [2013/07/23 17:25:42 | 000007064 | ---- | M] ()> in the current context!
Error: Unable to interpret <CHR - homepage: http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal> in the current context!
Error: Unable to interpret <CHR - plugin: Injovo Plugin Extensão (Ativado) = C: \ Documents and Settings \ Financeir \ Configura \ u00E7 \ u00F5es locais \ Dados de aplicativos \ Google \ Chrome \ User Data \ Default \ Extensions \ dlnembnfbcpjnepmfjmngjenhhajpdfd \ 2.0.0.441_0 \ npbrowserext . dll> in the current context!
Error: Unable to interpret <CHR - Extensão: Web Assistant = C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Google \ Chrome \ User Data \ Default \ Extensions \ dlnembnfbcpjnepmfjmngjenhhajpdfd \ 2.0.0.441_0 \> in the current context!
Error: Unable to interpret <CHR - Extensão: Bolo Web = C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Google \ Chrome \ User Data \ Default \ Extensions \ fjoijdanhaiflhibkljeklcghcmmfffh \ 1.0.3_0 \> in the current context!
Error: Unable to interpret <CHR - Extensão: Bubble Shooter-HD = C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Google \ Chrome \ User Data \ Default \ Extensions \ hpakbhbnhkbghdcejiiangcefallmaln \ 2.2.0_0 \> in the current context!
Error: Unable to interpret <CHR - Extensão: DealPly Shopping = C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Google \ Chrome \ User Data \ Default \ Extensions \ mphpbdjcljebbcnfopfngmfdackbbdgf \ 3.5.0.0_0 \> in the current context!
Error: Unable to interpret <CHR - Extensão: LyricXeeker = C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Google \ Chrome \ User Data \ Default \ Extensions \ odnofacmifkjndflfmmplhckcbfjckhj \ 1.125_0 \> in the current context!
Error: Unable to interpret <O2 - BHO: (Assistente Web) - {336D0C35-8A85-403A-B9D2-65C292C39087} - C: \ Arquivos de Programas \ Web Assistant \ Extension32.dll ()> in the current context!
Error: Unable to interpret <O2 - BHO: (no name) - {DF89BC70-AC87-4a31-ACD5-7417E2CF1209} - No CLSID valor encontrado.> in the current context!
Error: Unable to interpret <O4 - HKU \ S-1-5-21-527237240-562591055-839522115-1003 .. \ Run: [Facebook Update] C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Facebook \ Update \ FacebookUpdate. exe (Facebook Inc.)> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {2b07deea-95e4-11e1-espécies 92C0 Florestas-001fd0fef641} \ Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {2b07deea-95e4-11e1-espécies 92C0 Florestas-001fd0fef641} \ Shell \ \ command AutoRun - "" = E: \ AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {64998505-7fac-11e0-983c-001fd0fef641} \ Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {64998505-7fac-11e0-983c-001fd0fef641} \ Shell \ \ command AutoRun - "" = F: \ AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {64998507-7fac-11e0-983c-001fd0fef641} \ Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {64998507-7fac-11e0-983c-001fd0fef641} \ Shell \ \ command AutoRun - "" = F: \ AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {b65734b8-f8d9-11e0-91f7-001fd0fef641} \ Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {b65734b8-f8d9-11e0-91f7-001fd0fef641} \ Shell \ \ command AutoRun - "" = E: \ AutoRun.exe> in the current context!
Error: Unable to interpret <[2013/08/07 09:52:29 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ Financeir \ Dados de aplicativos \ Web bolo> in the current context!
Error: Unable to interpret <[2013/08/07 09:52:29 | 000,000,000 | --- D | C] - C: \ Arquivos de Programas \ Web bolo> in the current context!
Error: Unable to interpret <[2013/08/07 09:51:49 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ All Users \ Dados de aplicativos \ Tarma Installer> in the current context!
Error: Unable to interpret <[2013/08/05 00:44:32 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Facebook> in the current context!
Error: Unable to interpret <[2013/08/05 11:36:49 | 002349096 | ---- | C] (Banco do Brasil SA) - C: \ Documents and Settings \ Financeir \ MEUS Documentos \ DiagnosticoBB.exe> in the current context!
Error: Unable to interpret <[2013/08/02 08:07:08 | 000,000,000 | --- D | C] - C: \ Arquivos de Programas \ Plus HD-2.3> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:42 | 000,000,000 | --- D | C] - C: \ Arquivos de Programas \ LyriXeeker> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:11 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ DealPlyLive> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:11 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ All Users \ Dados de aplicativos \ DealPlyLive> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:11 | 000,000,000 | --- D | C] - C: \ Arquivos de Programas \ DealPlyLive> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:09 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ Financeir \ Dados de aplicativos \ DealPly> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:05 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ Financeir \ Menu Iniciar \ Programas \ DealPly> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:05 | 000,000,000 | --- D | C] - C: \ Arquivos de Programas \ DealPly> in the current context!
Error: Unable to interpret <[2013/08/05 13:14:44 | 000001012 | ---- | M] () -> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:15 | 000000912 | ---- | M] () - C: \ WINDOWS \ tasks \ DealPlyLiveUpdateTaskMachineCore.job> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:03 | 000000404 | ---- | M] () - C: \ WINDOWS \ tasks \ LyricXeeker Update.job> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:11 | 000,000,000 | --- D | M] - C: \ Documents and Settings \ All Users \ Dados de aplicativos \ DealPlyLive> in the current context!
Error: Unable to interpret <[2013/08/07 09:52:29 | 000,000,000 | --- D | M] - C: \ Documents and Settings \ All Users \ Dados de aplicativos \ Tarma Installer> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:09 | 000,000,000 | --- D | M] - C: \ Documents and Settings \ Financeir \ Dados de aplicativos \ DealPly> in the current context!
Error: Unable to interpret <[2013/08/07 16:16:10 | 000,000,000 | --- D | M] - C: \ Documents and Settings \ Financeir \ Dados de aplicativos \ Web bolo> in the current context!
Error: Unable to interpret <: Arquivos> in the current context!
Error: Unable to interpret <C: \ Arquivos de Programas \ DealPlyLive> in the current context!
Error: Unable to interpret <C: \ Arquivos de Programas \ Web bolo> in the current context!
Error: Unable to interpret <C: \ Arquivos de Programas \ LyriXeeker> in the current context!
Error: Unable to interpret <C: \ Arquivos de Programas \ Web Assistant> in the current context!
Error: Unable to interpret <: Reg> in the current context!
Error: Unable to interpret <C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Facebook \ Video \ Skype \ FacebookVideoCalling.exe "= -> in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uninstall]> in the current context!
Error: Unable to interpret <"{336D0C35-8A85-403A-B9D2-65C292C39087} _is1" = -> in the current context!
Error: Unable to interpret <"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = -> in the current context!
Error: Unable to interpret <"{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}" = -> in the current context!
Error: Unable to interpret <"DealPly" = -> in the current context!
Error: Unable to interpret <"Plus-HD 2.3" = -> in the current context!
Error: Unable to interpret <"DealPly" = -> in the current context!
Error: Unable to interpret <: Comandos> in the current context!
Error: Unable to interpret <[Pureza]> in the current context!
Error: Unable to interpret <[Emptyflash]> in the current context!
Error: Unable to interpret <[Emptytemp]> in the current context!
 
OTL by OldTimer - Version 3.2.69.0 log created on 08122013_132716

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: windows that open on their own.

Diana
Good morning.

Any further action?

Diana

Re: windows that open on their own.

Marcelo
Administrator
Hi, Diana

Wow, I apologize! I really had forgotten about this topic.

Please post a new OTL log so I can check the current state of the system.

Re: windows that open on their own.

Diana
Hi Marcelo!

No problem! Here are the OTL and EXTRAS reports:

OTL logfile created on: 21/8/2013 13:38:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Financeir\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy
 
1013,42 Mb Total Physical Memory | 723,32 Mb Available Physical Memory | 71,37% Memory free
2,40 Gb Paging File | 1,81 Gb Available in Paging File | 75,51% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,04 Gb Total Space | 107,21 Gb Free Space | 71,94% Space Free | Partition Type: NTFS
 
Computer Name: FINANCEIRO | User Name: Financeir | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
 
[color=#E56717]========== Processes (All) ==========[/color]
 
PRC - [2013/08/12 12:03:33 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Update\FacebookUpdate.exe
PRC - [2013/08/01 21:13:06 | 000,051,992 | ---- | M] (cake bake) -- C:\Arquivos de programas\Web Cake\WebCakeDesktop.Updater.exe
PRC - [2013/07/25 16:02:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL (1).exe
PRC - [2013/07/25 09:45:40 | 020,686,704 | R--- | M] (Skype Technologies S.A.) -- C:\Arquivos de programas\Skype\Phone\Skype.exe
PRC - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe
PRC - [2013/07/15 11:23:42 | 000,409,640 | ---- | M] (GAS Tecnologia) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe
PRC - [2012/09/22 08:56:30 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe
PRC - [2011/05/07 15:29:09 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
PRC - [2010/11/02 08:36:02 | 019,580,520 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2010/08/17 10:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2010/01/13 11:46:36 | 000,166,912 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2010/01/13 11:46:14 | 000,135,680 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2010/01/13 11:46:02 | 000,243,712 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
PRC - [2009/07/24 18:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
PRC - [2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/28 06:14:00 | 000,073,728 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE
PRC - [2008/04/13 23:21:23 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [RPCSS]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [NETWORKSERVICE]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [NETSVCS]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [NETSVCS]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [LOCALSERVICE]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [LOCALSERVICE]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [IMGSVC]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [DCOMLAUNCH]
PRC - [2008/04/13 23:21:19 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008/04/13 23:21:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scardsvr.exe
PRC - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008/04/13 23:20:58 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/13 23:20:54 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008/04/13 23:20:53 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008/04/13 23:20:46 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007/10/17 13:17:08 | 000,163,840 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aetcrss1.exe
PRC - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
 
 
[color=#E56717]========== Modules (All) ==========[/color]
 
MOD - [2013/08/14 08:31:05 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\22d4e8aa5199c8d99834a45df34f5867\System.ServiceProcess.ni.dll
MOD - [2013/08/14 08:30:56 | 000,141,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\bf2eba0e2a992653ff57a5455f0374a5\System.Configuration.Install.ni.dll
MOD - [2013/08/14 08:18:11 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e8ca7e64c7eb45bf7c80962e06f71a9\System.ni.dll
MOD - [2013/08/14 07:59:41 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\f70861e3b54f6b9e54a56b4d535d4da5\mscorlib.ni.dll
MOD - [2013/08/12 12:03:33 | 000,686,960 | ---- | M] (Facebook Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Update\1.2.205.0\goopdate.dll
MOD - [2013/08/12 12:03:33 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Update\FacebookUpdate.exe
MOD - [2013/08/01 21:13:06 | 000,051,992 | ---- | M] (cake bake) -- C:\Arquivos de programas\Web Cake\WebCakeDesktop.Updater.exe
MOD - [2013/07/25 23:48:57 | 006,017,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mshtml.dll
MOD - [2013/07/25 23:48:57 | 001,215,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2013/07/25 23:48:57 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2013/07/25 23:48:57 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\jsproxy.dll
MOD - [2013/07/25 23:48:56 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll
MOD - [2013/07/25 23:48:56 | 002,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
MOD - [2013/07/25 23:48:56 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iepeers.dll
MOD - [2013/07/25 16:02:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL (1).exe
MOD - [2013/07/25 09:45:40 | 020,686,704 | R--- | M] (Skype Technologies S.A.) -- C:\Arquivos de programas\Skype\Phone\Skype.exe
MOD - [2013/07/25 09:40:46 | 000,088,944 | R--- | M] (Skype Technologies) -- C:\Arquivos de programas\Skype\Updater\Updater.dll
MOD - [2013/07/23 17:25:11 | 000,818,208 | ---- | M] (DealPly Technologies Ltd) -- C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\goopdate.dll
MOD - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe
MOD - [2013/07/15 11:23:42 | 000,409,640 | ---- | M] (GAS Tecnologia) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe
MOD - [2013/07/15 11:23:20 | 001,410,088 | ---- | M] (Banco do Brasil) -- C:\Arquivos de programas\GbPlugin\gbieh.dll
MOD - [2013/06/28 16:33:54 | 001,529,976 | ---- | M] (Banco Real) -- C:\Arquivos de programas\GbPlugin\gbiehabn.dll
MOD - [2013/06/10 14:36:28 | 001,396,792 | ---- | M] (Banco Itaú Unibanco) -- C:\Arquivos de programas\GbPlugin\gbiehuni.dll
MOD - [2013/05/27 22:59:29 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2013/04/22 05:45:04 | 005,920,408 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2012/12/26 12:03:38 | 001,652,584 | ---- | M] (Caixa Economica Federal) -- C:\Arquivos de programas\GbPlugin\gbiehcef.dll
MOD - [2012/10/09 17:27:00 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
MOD - [2012/10/03 05:44:30 | 000,364,640 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MOD - [2012/10/03 01:57:56 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2012/09/22 08:56:30 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Java\jre7\bin\msvcr100.dll
MOD - [2012/09/22 08:56:30 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe
MOD - [2012/08/24 10:53:14 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2012/07/06 10:58:41 | 000,337,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2012/07/06 10:58:41 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2012/06/08 11:25:19 | 008,492,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2012/06/05 12:49:24 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msxml3.dll
MOD - [2012/06/04 01:32:08 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2012/06/01 13:49:14 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2012/05/14 06:22:35 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2012/02/29 11:09:51 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2012/02/09 12:43:21 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
MOD - [2012/01/28 12:20:49 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2011/11/16 11:21:43 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2011/11/01 13:07:09 | 001,288,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2011/10/14 11:47:16 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2011/09/26 10:41:20 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2011/06/15 17:27:11 | 006,378,144 | R--- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10t.ocx
MOD - [2011/06/02 17:15:35 | 000,798,872 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Update\1.3.21.57\goopdate.dll
MOD - [2011/05/24 17:03:00 | 001,007,160 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
MOD - [2011/05/24 17:03:00 | 000,150,072 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.7.6406.1642\gtn.dll
MOD - [2011/05/07 15:29:09 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MOD - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
MOD - [2011/03/04 03:36:11 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\jscript.dll
MOD - [2011/03/03 03:54:38 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2011/03/02 12:40:52 | 000,140,288 | ---- | M] () -- C:\Arquivos de programas\WinRAR\RarExt.dll
MOD - [2011/02/08 10:33:34 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll
MOD - [2010/12/22 09:34:17 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2010/12/20 14:32:04 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2010/12/20 14:25:43 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2010/12/09 12:15:17 | 000,734,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2010/11/19 09:03:24 | 000,415,056 | ---- | M] (Scopus Tecnologia Ltda.) -- C:\Arquivos de programas\Scpad\scpMIB.dll
MOD - [2010/11/09 11:52:35 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2010/11/02 08:36:02 | 019,580,520 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
MOD - [2010/08/27 02:53:36 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2010/08/23 13:12:00 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2010/08/23 13:11:58 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/08/17 10:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2010/03/18 16:47:22 | 000,030,040 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll
MOD - [2010/03/18 16:47:22 | 000,017,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\aspnet_counters.dll
MOD - [2010/03/18 13:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr100_clr0400.dll
MOD - [2010/03/18 13:16:28 | 000,413,008 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2010/03/18 13:16:28 | 000,129,880 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
MOD - [2010/03/18 13:16:28 | 000,121,688 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
MOD - [2010/03/18 10:09:00 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscoree.dll
MOD - [2010/03/18 10:09:00 | 000,049,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netfxperf.dll
MOD - [2010/01/26 21:50:50 | 000,212,328 | ---- | M] (Corel Corporation) -- c:\Arquivos de programas\Arquivos comuns\Corel\Shared\Shell Extension\ShellXP.dll
MOD - [2010/01/26 21:50:48 | 000,619,880 | ---- | M] (Corel Corporation) -- c:\Arquivos de programas\Arquivos comuns\Corel\Shared\Shell Extension\FileInfoProvider.dll
MOD - [2010/01/13 11:48:58 | 000,289,280 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxrptb.lrc
MOD - [2010/01/13 11:46:36 | 000,166,912 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
MOD - [2010/01/13 11:46:14 | 000,135,680 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
MOD - [2010/01/13 11:46:04 | 000,051,712 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.dll
MOD - [2010/01/13 11:46:02 | 000,243,712 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
MOD - [2010/01/13 11:45:38 | 000,093,696 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hccutils.dll
MOD - [2010/01/13 11:45:32 | 000,205,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxdev.dll
MOD - [2009/12/08 06:24:25 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009/11/05 08:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2009/10/13 07:34:00 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2009/10/12 10:39:20 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2009/10/12 10:39:19 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2009/09/11 11:19:14 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2009/09/04 18:04:39 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2009/07/27 20:17:42 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2009/07/24 18:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
MOD - [2009/07/17 16:03:29 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2009/07/17 13:17:04 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll
MOD - [2009/07/10 11:52:50 | 000,202,032 | ---- | M] (Scopus Tecnologia Ltda) -- C:\Arquivos de programas\Scpad\scpLIB.dll
MOD - [2009/06/25 05:27:14 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009/06/25 05:27:14 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2009/06/10 03:15:45 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2009/03/08 04:34:48 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2009/03/08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dxtrans.dll
MOD - [2009/03/08 04:31:38 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imgutil.dll
MOD - [2009/03/08 04:31:36 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pngfilt.dll
MOD - [2009/03/08 04:22:38 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msls31.dll
MOD - [2009/03/06 11:20:30 | 000,286,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll
MOD - [2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2009/02/09 07:53:26 | 000,683,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009/02/09 07:53:26 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2009/02/09 07:53:26 | 000,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2009/02/09 07:53:25 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
MOD - [2009/01/26 15:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) -- C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll
MOD - [2009/01/26 15:30:58 | 001,287,000 | ---- | M] (Safer Networking Limited) -- C:\Arquivos de programas\Spybot - Search & Destroy\advcheck.dll
MOD - [2009/01/07 18:21:04 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xmllite.dll
MOD - [2009/01/07 18:20:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll
MOD - [2008/10/23 09:37:45 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008/07/29 12:10:46 | 000,265,720 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\msdbg2.dll
MOD - [2008/07/29 12:10:46 | 000,136,184 | ---- | M] (Microsoft Corporation) -- c:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\csm.dll
MOD - [2008/07/25 10:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
MOD - [2008/07/25 10:17:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
MOD - [2008/07/25 10:16:40 | 000,033,800 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
MOD - [2008/07/07 17:28:46 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2008/07/06 09:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
MOD - [2008/06/24 13:43:36 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2008/06/20 13:03:40 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2008/06/12 11:22:42 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll
MOD - [2008/06/12 11:22:42 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll
MOD - [2008/06/12 11:22:42 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2008/05/19 05:33:20 | 004,445,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2008/04/28 06:14:02 | 000,293,888 | ---- | M] (Hewlett-Packard ) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\HP1006S.DLL
MOD - [2008/04/28 06:14:02 | 000,284,160 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\HP1006LM.DLL
MOD - [2008/04/28 06:14:00 | 000,039,424 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MT.DLL
MOD - [2008/04/28 06:14:00 | 000,006,144 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MP.DLL
MOD - [2008/04/13 23:21:27 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2008/04/13 23:21:27 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2008/04/13 23:21:27 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008/04/13 23:21:27 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2008/04/13 23:21:27 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2008/04/13 23:21:27 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2008/04/13 23:21:27 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2008/04/13 23:21:27 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2008/04/13 23:21:23 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2008/04/13 23:21:19 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2008/04/13 23:20:58 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2008/04/13 23:20:54 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2008/04/13 23:20:46 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2008/04/13 23:20:46 | 000,383,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcdlg.dll
MOD - [2008/04/13 23:20:46 | 000,339,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\zipfldr.dll
MOD - [2008/04/13 23:20:46 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2008/04/13 23:20:44 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2008/04/13 23:20:44 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008/04/13 23:20:44 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2008/04/13 23:20:44 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2008/04/13 23:20:44 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008/04/13 23:20:43 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2008/04/13 23:20:43 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Media Player\wmpband.dll
MOD - [2008/04/13 23:20:43 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2008/04/13 23:20:43 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2008/04/13 23:20:42 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiaservc.dll
MOD - [2008/04/13 23:20:42 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008/04/13 23:20:42 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2008/04/13 23:20:42 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2008/04/13 23:20:42 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlanapi.dll
MOD - [2008/04/13 23:20:42 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008/04/13 23:20:42 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2008/04/13 23:20:42 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2008/04/13 23:20:41 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2008/04/13 23:20:41 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2008/04/13 23:20:41 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2008/04/13 23:20:41 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2008/04/13 23:20:41 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2008/04/13 23:20:41 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2008/04/13 23:20:41 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2008/04/13 23:20:40 | 001,499,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2008/04/13 23:20:40 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008/04/13 23:20:40 | 000,714,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2008/04/13 23:20:40 | 000,579,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008/04/13 23:20:40 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2008/04/13 23:20:40 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2008/04/13 23:20:40 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2008/04/13 23:20:40 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2008/04/13 23:20:40 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2008/04/13 23:20:40 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008/04/13 23:20:40 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2008/04/13 23:20:40 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2008/04/13 23:20:40 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2008/04/13 23:20:40 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2008/04/13 23:20:40 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2008/04/13 23:20:40 | 000,124,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2008/04/13 23:20:40 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2008/04/13 23:20:40 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2008/04/13 23:20:40 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdmat.dll
MOD - [2008/04/13 23:20:40 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2008/04/13 23:20:40 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008/04/13 23:20:40 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2008/04/13 23:20:40 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2008/04/13 23:20:40 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2008/04/13 23:20:40 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2008/04/13 23:20:40 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vdmdbg.dll
MOD - [2008/04/13 23:20:40 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shfolder.dll
MOD - [2008/04/13 23:20:40 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008/04/13 23:20:40 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2008/04/13 23:20:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2008/04/13 23:20:40 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2008/04/13 23:20:40 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2008/04/13 23:20:40 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2008/04/13 23:20:39 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\riched20.dll
MOD - [2008/04/13 23:20:39 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2008/04/13 23:20:39 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008/04/13 23:20:39 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2008/04/13 23:20:39 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2008/04/13 23:20:38 | 000,673,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2008/04/13 23:20:38 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2008/04/13 23:20:38 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2008/04/13 23:20:38 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasqec.dll
MOD - [2008/04/13 23:20:38 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2008/04/13 23:20:38 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2008/04/13 23:20:38 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2008/04/13 23:20:37 | 000,572,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\printui.dll
MOD - [2008/04/13 23:20:37 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qmgr.dll
MOD - [2008/04/13 23:20:37 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2008/04/13 23:20:37 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2008/04/13 23:20:37 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll
MOD - [2008/04/13 23:20:37 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008/04/13 23:20:37 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2008/04/13 23:20:37 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008/04/13 23:20:37 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qutil.dll
MOD - [2008/04/13 23:20:37 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2008/04/13 23:20:37 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2008/04/13 23:20:37 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll
MOD - [2008/04/13 23:20:37 | 000,038,400 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2008/04/13 23:20:37 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2008/04/13 23:20:37 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2008/04/13 23:20:37 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2008/04/13 23:20:37 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2008/04/13 23:20:37 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2008/04/13 23:20:37 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2008/04/13 23:20:37 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008/04/13 23:20:37 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qmgrprxy.dll
MOD - [2008/04/13 23:20:37 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll
MOD - [2008/04/13 23:20:37 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2008/04/13 23:20:37 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2008/04/13 23:20:37 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2008/04/13 23:20:37 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2008/04/13 23:20:36 | 001,710,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2008/04/13 23:20:36 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2008/04/13 23:20:36 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2008/04/13 23:20:34 | 000,629,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2008/04/13 23:20:34 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008/04/13 23:20:34 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2008/04/13 23:20:34 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008/04/13 23:20:34 | 000,199,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2008/04/13 23:20:34 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2008/04/13 23:20:34 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimtf.dll
MOD - [2008/04/13 23:20:34 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2008/04/13 23:20:34 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2008/04/13 23:20:34 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2008/04/13 23:20:34 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2008/04/13 23:20:34 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2008/04/13 23:20:34 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2008/04/13 23:20:33 | 001,000,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2008/04/13 23:20:33 | 000,539,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msftedit.dll
MOD - [2008/04/13 23:20:33 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 23:20:32 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008/04/13 23:20:32 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\modemui.dll
MOD - [2008/04/13 23:20:32 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2008/04/13 23:20:32 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008/04/13 23:20:32 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2008/04/13 23:20:31 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2008/04/13 23:20:31 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2008/04/13 23:20:30 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2008/04/13 23:20:30 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ksuser.dll
MOD - [2008/04/13 23:20:28 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2008/04/13 23:20:28 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll
MOD - [2008/04/13 23:20:28 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2008/04/13 23:20:28 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008/04/13 23:20:28 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2008/04/13 23:20:28 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2008/04/13 23:20:28 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2008/04/13 23:20:27 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2008/04/13 23:20:26 | 001,092,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2008/04/13 23:20:26 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll
MOD - [2008/04/13 23:20:26 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll
MOD - [2008/04/13 23:20:26 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2008/04/13 23:20:26 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008/04/13 23:20:26 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll
MOD - [2008/04/13 23:20:26 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\faultrep.dll
MOD - [2008/04/13 23:20:26 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2008/04/13 23:20:26 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll
MOD - [2008/04/13 23:20:26 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eapolqec.dll
MOD - [2008/04/13 23:20:26 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ersvc.dll
MOD - [2008/04/13 23:20:26 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2008/04/13 23:20:25 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll
MOD - [2008/04/13 23:20:25 | 000,023,552 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll
MOD - [2008/04/13 23:20:25 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dimsntfy.dll
MOD - [2008/04/13 23:20:25 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll
MOD - [2008/04/13 23:20:24 | 001,689,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3d9.dll
MOD - [2008/04/13 23:20:24 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2008/04/13 23:20:24 | 001,025,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2008/04/13 23:20:24 | 000,824,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3dim700.dll
MOD - [2008/04/13 23:20:24 | 000,821,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008/04/13 23:20:24 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2008/04/13 23:20:24 | 000,528,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2008/04/13 23:20:24 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008/04/13 23:20:24 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2008/04/13 23:20:24 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ddraw.dll
MOD - [2008/04/13 23:20:24 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008/04/13 23:20:24 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2008/04/13 23:20:24 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2008/04/13 23:20:24 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2008/04/13 23:20:24 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2008/04/13 23:20:24 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll
MOD - [2008/04/13 23:20:24 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2008/04/13 23:20:24 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2008/04/13 23:20:24 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2008/04/13 23:20:24 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2008/04/13 23:20:24 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/13 23:20:24 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2008/04/13 23:20:24 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2008/04/13 23:20:24 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2008/04/13 23:20:24 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2008/04/13 23:20:24 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2008/04/13 23:20:24 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ddrawex.dll
MOD - [2008/04/13 23:20:24 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2008/04/13 23:20:24 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dciman32.dll
MOD - [2008/04/13 23:20:24 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3d8thk.dll
MOD - [2008/04/13 23:20:23 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll
MOD - [2008/04/13 23:20:23 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2008/04/13 23:20:23 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2008/04/13 23:20:23 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008/04/13 23:20:23 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2008/04/13 23:20:22 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acadproc.dll
MOD - [2008/04/13 23:19:55 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2008/04/13 23:19:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008/04/13 23:18:53 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime
MOD - [2008/04/13 23:18:31 | 000,545,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hhctrl.ocx
MOD - [2008/04/13 23:18:05 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2008/04/13 22:55:59 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdoclc.dll
MOD - [2008/04/13 22:53:30 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll
MOD - [2008/04/13 19:20:42 | 000,995,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008/04/13 15:35:38 | 002,945,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2008/04/13 14:37:57 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2008/04/13 14:37:57 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2008/04/13 13:23:31 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2007/10/24 12:56:42 | 000,737,280 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aetpkss1.dll
MOD - [2007/10/18 13:06:18 | 000,077,824 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aetsprov.dll
MOD - [2007/10/17 15:28:24 | 000,023,552 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aettask.dll
MOD - [2007/10/17 13:17:08 | 000,163,840 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aetcrss1.exe
MOD - [2007/08/29 16:06:10 | 000,106,496 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZSPOOL.DLL
MOD - [2007/07/13 18:39:24 | 000,057,344 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\ZIMFPRNT.DLL
MOD - [2007/07/13 18:39:24 | 000,053,248 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZTAG.DLL
MOD - [2007/07/13 18:39:22 | 000,061,440 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZIMF.DLL
MOD - [2007/07/13 18:39:00 | 000,135,168 | ---- | M] (Marvell Semiconductor, Inc.) -- C:\WINDOWS\system32\CP1215LM.DLL
MOD - [2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
MOD - [2007/04/09 13:23:54 | 000,028,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mdimon.dll
MOD - [2007/03/28 09:54:29 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2006/03/02 09:00:00 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui2.dll
MOD - [2006/03/02 09:00:00 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netmsg.dll
MOD - [2006/03/02 09:00:00 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mapi32.dll
MOD - [2006/03/02 09:00:00 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mui\0016\hhctrlui.dll
MOD - [2006/03/02 09:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2006/03/02 09:00:00 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprui.dll
MOD - [2006/03/02 09:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll
MOD - [2006/03/02 09:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll
MOD - [2006/03/02 09:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2006/03/02 09:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasctrs.dll
MOD - [2006/03/02 09:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll
MOD - [2006/03/02 09:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll
MOD - [2006/03/02 09:00:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll
MOD - [2006/03/02 09:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll
MOD - [2005/03/18 10:18:56 | 000,086,016 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZLhp1020.dll
MOD - [2005/03/18 10:18:56 | 000,049,152 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\IMFPRINT.DLL
MOD - [2005/03/18 10:18:56 | 000,028,672 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\zlm.dll
MOD - [2005/03/18 10:18:56 | 000,028,672 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\IMF32.DLL
MOD - [2005/03/18 10:18:56 | 000,024,576 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZTAG32.DLL
MOD - [2004/08/04 01:45:28 | 001,483,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\shdocvw.dll
MOD - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
MOD - [2003/06/11 15:21:38 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\1046\MDMUI.DLL
MOD - [2003/03/18 20:14:52 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dll
MOD - [2003/02/21 04:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll
MOD - [2003/02/21 04:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll
MOD - [2002/01/05 15:05:48 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\PDM.DLL
MOD - [2001/12/18 01:00:00 | 000,233,472 | ---- | M] (Hewlett-Packard) -- C:\Arquivos de programas\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\hpgwiamd.dll
MOD - [2001/12/18 01:00:00 | 000,040,960 | ---- | M] (Hewlett-Packard) -- C:\Arquivos de programas\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\hpgcollab.dll
MOD - [2001/08/21 06:02:20 | 000,032,768 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hpgdtuu.dll
 
 
========== Services (All) ==========
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/08/01 21:13:06 | 000,051,992 | ---- | M] (cake bake) [Auto | Running] -- C:\Arquivos de programas\Web Cake\WebCakeDesktop.Updater.exe -- (WebCakeUpdater)
SRV - [2013/07/25 09:40:44 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Arquivos de programas\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [On_Demand | Stopped] -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe -- (dealplylivem)
SRV - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [Auto | Stopped] -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe -- (dealplylive)
SRV - [2013/07/15 11:23:42 | 000,409,640 | ---- | M] (GAS Tecnologia) [Auto | Running] -- C:\Arquivos de programas\GbPlugin\gbpsv.exe -- (GbpSv)
SRV - [2013/04/18 19:45:12 | 000,754,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2012/09/22 08:56:30 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/07/06 10:58:41 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2011/05/07 15:29:08 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe -- (gupdatem)
SRV - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe -- (gupdate)
SRV - [2010/08/27 02:53:36 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2010/08/17 10:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009/07/27 20:17:42 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2009/07/27 20:17:42 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/07/27 20:17:42 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2009/07/24 18:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/06/10 03:15:45 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
SRV - [2009/04/20 14:19:39 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2009/02/09 07:53:26 | 000,683,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2009/02/09 07:53:26 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2009/02/09 07:53:26 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch)
SRV - [2008/07/29 20:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/07/29 18:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/07/25 10:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/07 17:28:46 | 000,253,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2008/06/20 13:03:40 | 000,247,808 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2008/05/19 00:57:42 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/13 23:21:24 | 000,126,464 | ---- | M] (Microsoft Corporation) [Boot | Stopped] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)
SRV - [2008/04/13 23:21:22 | 000,292,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/13 23:21:21 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV - [2008/04/13 23:21:21 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ups.exe -- (UPS)
SRV - [2008/04/13 23:21:18 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2008/04/13 23:21:17 | 000,142,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2008/04/13 23:21:17 | 000,099,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2008/04/13 23:21:11 | 000,113,664 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008/04/13 23:21:11 | 000,113,664 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008/04/13 23:21:09 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)
SRV - [2008/04/13 23:21:07 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/13 23:21:04 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator)
SRV - [2008/04/13 23:21:02 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/13 23:20:56 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/13 23:20:55 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/13 23:20:55 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)
SRV - [2008/04/13 23:20:51 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008/04/13 23:20:51 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)
SRV - [2008/04/13 23:20:46 | 000,483,840 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2008/04/13 23:20:46 | 000,129,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV - [2008/04/13 23:20:46 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/13 23:20:45 | 000,006,656 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 23:20:44 | 000,080,896 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2008/04/13 23:20:43 | 000,145,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008/04/13 23:20:42 | 000,334,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/04/13 23:20:41 | 000,176,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)
SRV - [2008/04/13 23:20:41 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
SRV - [2008/04/13 23:20:41 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008/04/13 23:20:40 | 000,296,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008/04/13 23:20:40 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/13 23:20:40 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/13 23:20:40 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)
SRV - [2008/04/13 23:20:40 | 000,171,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/13 23:20:40 | 000,090,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
SRV - [2008/04/13 23:20:40 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2008/04/13 23:20:40 | 000,039,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2008/04/13 23:20:40 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/13 23:20:38 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2008/04/13 23:20:38 | 000,059,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)
SRV - [2008/04/13 23:20:37 | 000,437,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/13 23:20:37 | 000,409,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2008/04/13 23:20:37 | 000,292,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qagentrt.dll -- (napagent)
SRV - [2008/04/13 23:20:37 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/13 23:20:37 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2008/04/13 23:20:34 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/04/13 23:20:34 | 000,052,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN)
SRV - [2008/04/13 23:20:34 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008/04/13 23:20:32 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008/04/13 23:20:30 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\kmsvc.dll -- (hkmsvc)
SRV - [2008/04/13 23:20:30 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/13 23:20:28 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/13 23:20:26 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2008/04/13 23:20:26 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008/04/13 23:20:25 | 000,133,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/13 23:20:25 | 000,023,552 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/13 23:20:24 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008/04/13 23:20:24 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/13 23:20:24 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/13 23:20:23 | 000,172,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)
SRV - [2008/04/13 23:20:23 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2007/06/28 13:43:00 | 000,155,716 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2006/03/02 09:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)
SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
========== Driver Services (All) ==========
 
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ViaIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ultra)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (TosIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (symc8xx)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (symc810)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (sym_u3)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (sym_hi)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Sparrow)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Simbad)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql1280)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql1240)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql12160)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Ql10wnt)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql1080)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (perc2hib)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (perc2)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (mraid35x)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (IntelIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ini910u)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (i2omp)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (hpn)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (dpti2o)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (dac960nt)
DRV - File not found [Kernel | Disabled | Unknown] --  -- (dac2w2k)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Cpqarray)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (CmdIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (cd20xrnt)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Atdisk)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (asc3550)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (asc3350p)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (asc)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (amsint)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (AliIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (aic78xx)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (aic78u2)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Aha154x)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (adpu160m)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (abp480n5)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Abiosdsk)
DRV - [2013/08/21 07:20:19 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys -- (NdisrdMP)
DRV - [2013/08/21 07:20:19 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys -- (Ndisrd)
DRV - [2013/07/01 08:37:46 | 000,046,904 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\gbpkm.sys -- (GbpKm)
DRV - [2012/07/04 11:05:20 | 000,139,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2011/08/17 10:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\afd.sys -- (AFD)
DRV - [2011/07/15 10:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2011/07/08 11:02:00 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2011/04/21 10:37:43 | 000,105,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2011/02/17 10:18:03 | 000,357,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2011/01/14 04:06:40 | 000,277,352 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010/11/02 12:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2010/11/02 08:36:26 | 006,188,648 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2010/01/13 12:18:36 | 001,730,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2009/11/17 20:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/17 20:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/10/20 13:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009/06/24 08:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2008/12/13 11:26:38 | 000,102,400 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/06/20 08:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008/04/13 23:21:49 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/04/13 23:21:49 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/13 23:21:48 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008/04/13 23:02:36 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr)
DRV - [2008/04/13 23:02:31 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 23:02:29 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)
DRV - [2008/04/13 23:02:24 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2008/04/13 22:59:07 | 000,153,984 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/13 22:59:00 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 22:58:35 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/13 22:58:03 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/04/13 22:57:13 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/04/13 22:55:20 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial)
DRV - [2008/04/13 22:55:19 | 000,053,504 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/04/13 22:53:17 | 000,058,240 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008/04/13 22:53:00 | 000,053,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008/04/13 22:52:42 | 000,044,672 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008/04/13 22:50:10 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008/04/13 22:50:05 | 000,188,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)
DRV - [2008/04/13 22:50:05 | 000,030,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/04/13 16:28:39 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008/04/13 16:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008/04/13 16:20:42 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/04/13 16:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/04/13 16:19:48 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2008/04/13 16:19:43 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2008/04/13 16:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008/04/13 16:17:18 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008/04/13 16:15:55 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008/04/13 16:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 16:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 16:14:21 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 15:57:32 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/13 15:57:27 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/13 15:57:21 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/04/13 15:57:15 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008/04/13 15:57:07 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008/04/13 15:56:38 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008/04/13 15:56:32 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008/04/13 15:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/04/13 15:55:58 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/13 15:54:28 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/04/13 15:53:34 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2008/04/13 15:51:25 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/13 15:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/04/13 15:46:26 | 000,085,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NABTSFEC.sys -- (NABTSFEC)
DRV - [2008/04/13 15:46:24 | 000,019,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS -- (WSTCODEC)
DRV - [2008/04/13 15:46:24 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CCDECODE.sys -- (CCDECODE)
DRV - [2008/04/13 15:46:24 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SLIP.sys -- (SLIP)
DRV - [2008/04/13 15:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StreamIP.sys -- (streamip)
DRV - [2008/04/13 15:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/04/13 15:46:22 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NdisIP.sys -- (NdisIP)
DRV - [2008/04/13 15:46:20 | 000,121,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbvideo.sys -- (usbvideo)
DRV - [2008/04/13 15:45:40 | 000,032,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/04/13 15:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - [2008/04/13 15:45:37 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/04/13 15:45:35 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/04/13 15:45:35 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008/04/13 15:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2008/04/13 15:45:27 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (hidusb)
DRV - [2008/04/13 15:45:13 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/04/13 15:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio)
DRV - [2008/04/13 15:45:09 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008/04/13 15:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008/04/13 15:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008/04/13 15:45:01 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dmusic.sys -- (DMusic)
DRV - [2008/04/13 15:44:40 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/13 15:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008/04/13 15:40:49 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008/04/13 15:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/13 15:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk)
DRV - [2008/04/13 15:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008/04/13 15:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2008/04/13 15:40:25 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc)
DRV - [2008/04/13 15:40:25 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/13 15:40:12 | 000,015,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum)
DRV - [2008/04/13 15:39:53 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008/04/13 15:39:52 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/04/13 15:39:51 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/04/13 15:39:50 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSTEE.sys -- (MSTEE)
DRV - [2008/04/13 15:39:50 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/04/13 15:39:46 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008/04/13 15:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/04/13 15:36:46 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/04/13 15:32:59 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2008/04/13 15:32:51 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/04/13 15:32:44 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/13 15:32:39 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/04/13 15:32:39 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/04/13 15:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/13 13:39:23 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2008/04/13 13:39:16 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008/04/13 13:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/10/25 13:50:26 | 000,062,848 | ---- | M] (ASICEN) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AsicenUSBDTVBDA_DM011.sys -- (AsicenUSBDTV_DM011)
DRV - [2007/06/28 13:43:00 | 006,807,328 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/12/01 13:48:22 | 000,020,992 | ---- | M] (ASICEN) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AS11Loader.sys -- (AS11Loader)
DRV - [2006/03/02 09:00:00 | 000,125,824 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV - [2006/03/02 09:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2006/03/02 09:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2006/03/02 09:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2006/03/02 09:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2006/03/02 09:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2006/03/02 09:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2006/03/02 09:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2006/03/02 09:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2006/03/02 09:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL)
DRV - [2006/03/02 09:00:00 | 000,011,904 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2006/03/02 09:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2006/03/02 09:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2006/03/02 09:00:00 | 000,007,040 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2006/03/02 09:00:00 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2006/03/02 09:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2006/03/02 09:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2006/03/02 09:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2006/03/02 09:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2006/03/02 09:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2006/03/02 09:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\WINDOWS\System32\winsock.dll -- (Winsock)
DRV - [2004/06/28 10:06:26 | 000,061,840 | ---- | M] (Gemplus) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTwinUSB.sys -- (GTwinUSB)
DRV - [2003/12/05 06:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/10/16 10:44:04 | 000,082,704 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cyg_ser.sys -- (cyg_ser)
DRV - [2003/10/16 10:43:20 | 000,051,040 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cyg_bus.sys -- (cyg_bus)
DRV - [2001/09/05 23:17:14 | 000,003,456 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde)
DRV - [2001/08/17 18:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
 
 
[color=#E56717]========== Standard Registry (All) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/ [binary data]
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes,DefaultScope = {FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{B3FD69ED-2469-4493-9F02-38212A7C3E72}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSNIE8&pc=MSNIE8&src=IE-SearchBox
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}: "URL" = http://www.google.pt/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_pt-BR
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Arquivos de programas\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3: C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9: C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Arquivos de programas\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Arquivos de programas\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Dados de aplicativos\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2011/05/07 15:29:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2012/11/06 02:25:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Arquivos de programas\Web Assistant\Firefox [2012/06/04 15:39:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[hidden email]: C:\Arquivos de programas\LyriXeeker\125.xpi [2013/07/23 17:25:42 | 000,007,064 | ---- | M] ()
 
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\npbrowserext.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Arquivos de programas\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Update\1.3.21.53\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Arquivos de programas\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Bejeweled = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: Radio Do Brasil = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh\1.0.56_0\
CHR - Extension: Play Parole = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dfigpchbljbamamhkecemhceioapljbn\1.0_0\
CHR - Extension: Web Assistant = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\
CHR - Extension: Fruit Ninja = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\eofdejdahdbbmnibkpgbfknnpbhpbcad\1.6_0\
CHR - Extension: Web Cake = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0\
CHR - Extension: Voicenote - fala em texto. = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\hfknjgplnkgjihghcidajejfmldhibfm\2.4.22_0\
CHR - Extension: Bubble Shooter-HD = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\hpakbhbnhkbghdcejiiangcefallmaln\2.2.0_0\
CHR - Extension: Pursuit of Hat = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\jepniedfbdhmplhbjffedeomcaopopob\1.1_0\
CHR - Extension: Hatsune Miku = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\kigfdicgjnpjkhbnngdfgjfffmdaonfg\2_0\
CHR - Extension: Super Stacker 2 = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\klemmckdcnieolllgjgbniaeehggmano\3.0_0\
CHR - Extension: Crackle Brazil = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\lflobbippdgfecmbdgjdejahlimggpef\1.0.0_0\
CHR - Extension: Poppit = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Editor de HQs = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mhfajnocemhaofoiejdekipegedfeeni\1.4_0\
CHR - Extension: DealPly  Shopping = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.5.0.0_0\
CHR - Extension: Mahjong Solitaire = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\neojceinbonpjjcokpokpeobkhcpiloc\1.0.0.2_0\
CHR - Extension: Gomoku = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\nhhdgipkbgjblbgjlbakfffjbffpdblo\1.0.11_0\
CHR - Extension: LyricXeeker = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\odnofacmifkjndflfmmplhckcbfjckhj\1.125_0\
CHR - Extension: Psykopaint = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\
CHR - Extension: Psykopaint = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\.bak
 
O1 HOSTS File: ([2013/08/12 13:48:41 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (ssh2 Class) - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll (Scopus Tecnologia Ltda)
O2 - BHO: (no name) - {336D0C35-8A85-403a-B9D2-65C292C39087} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Arquivos de programas\GbPlugin\gbiehabn.dll (Banco Real)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Arquivos de programas\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {DF89BC70-AC87-4A31-ACD5-7417E2CF1209} - No CLSID value found.
O3 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\Toolbar\ShellBrowser: (E&ndereço) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [CertificateRegistration] C:\WINDOWS\System32\aetcrss1.exe (A.E.T. Europe B.V.)
O4 - HKLM..\Run: [gemstrmw] C:\WINDOWS\System32\gemstrmw.exe (Gemplus)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-527237240-562591055-839522115-1003..\Run: [Facebook Update] C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-527237240-562591055-839522115-1003..\Run: [SpybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKLM..\RunOnce: [SymInstallStub] C:\WINDOWS\System32\Adobe\Shockwave 11\SymInstallStub.exe (Symantec Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-527237240-562591055-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de programas\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra Button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de programas\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancobrasil.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancobrasil.com.br ([www14] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancobrasil.com.br ([www2] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancoreal.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancosantander.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancosantander.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bb.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([imagem] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([internetbanking] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([internetbanking] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: itau.com.br ([bankline] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: itau.com.br ([guardiao] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: itau.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([www2] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([wwws] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([wwws] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santander.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santander.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santanderempresarial.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santanderempresarial.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws2] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws2] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernetibe.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernetibe.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: secureweb.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: secureweb.com.br ([www] https in Sites confiáveis)
O16 - DPF: {2DEF4530-8CE6-41C9-84B6-A54536C90213} http://cob.bancovw.com.br/viewer9/activeXViewer/activexviewer.cab (Crystal Report Viewer Control 9)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1304768064948 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1307534482359 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} https://imagem.caixa.gov.br/cab/GBPDIST2K.CAB (GbpDistObj Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39F8FD3D-2667-4A1F-94A7-26E219669948}: NameServer = 192.168.1.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de programas\Arquivos comuns\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginAbn: DllName - (C:\Arquivos de programas\GbPlugin\gbiehAbn.dll) - C:\Arquivos de programas\GbPlugin\gbiehabn.dll (Banco Real)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Arquivos de programas\GbPlugin\gbieh.dll) - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\Arquivos de programas\GbPlugin\gbiehCef.dll) - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O20 - Winlogon\Notify\ GbPluginUni: DllName - (C:\Arquivos de programas\GbPlugin\gbiehUni.dll) - C:\Arquivos de programas\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Pré-carregador Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Daemon de cache de categorias de componente - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {A3717295-941D-416F-9384-ED1736729F1C} - scpLIB - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)
O24 - Desktop WallPaper: C:\Documents and Settings\Financeir\Meus documentos\Minhas imagens\mhb.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Financeir\Meus documentos\Minhas imagens\mhb.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Arquivos de programas\GbPlugin\gbiehabn.dll (Banco Real)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Arquivos de programas\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/03/08 12:19:42 | 000,000,021 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 360 Days ==========[/color]
 
[2013/08/14 08:46:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\PCHealth
[2013/08/14 08:06:28 | 000,000,000 | ---D | C] -- C:\8e6272f23157f7be5aa526432a2642
[2013/08/13 08:33:47 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
[2013/08/13 08:33:46 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013/08/12 13:42:36 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/08/12 13:37:22 | 000,012,568 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\drivers\PROCEXP113.SYS
[2013/08/12 13:37:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Financeir\Meus documentos\Meus vídeos
[2013/08/12 13:37:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\Ferramentas administrativas
[2013/08/12 13:36:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/08/07 14:48:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Skype
[2013/08/07 14:48:04 | 000,000,000 | R--D | C] -- C:\Arquivos de programas\Skype
[2013/08/07 14:48:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Skype
[2013/08/07 14:48:04 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Skype
[2013/08/07 14:47:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Skype
[2013/08/07 09:52:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Web Cake
[2013/08/07 09:52:29 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Web Cake
[2013/08/07 09:51:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Tarma Installer
[2013/08/05 12:44:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook
[2013/08/05 11:36:49 | 002,349,096 | ---- | C] (Banco do Brasil SA) -- C:\Documents and Settings\Financeir\Meus documentos\DiagnosticoBB.exe
[2013/08/02 08:07:08 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Plus-HD-2.3
[2013/07/25 16:02:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL (1).exe
[2013/07/25 11:23:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Financeir\Recent
[2013/07/23 17:25:42 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\LyriXeeker
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DealPlyLive
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\DealPlyLive
[2013/07/23 17:25:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Dealply
[2013/07/23 17:25:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\DealPly
[2013/07/23 17:21:42 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2013/07/23 17:21:30 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2013/07/23 17:21:30 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2013/05/24 12:23:40 | 000,024,576 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\gemstrmw.exe
[2013/05/24 12:23:21 | 000,061,840 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\drivers\GTwinUSB.sys
[2013/05/24 12:23:20 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Gemplus
[2013/05/24 12:09:41 | 000,000,000 | ---D | C] -- C:\database
[2013/05/22 09:43:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\Lucano
[2013/05/21 08:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Meus documentos\Escaneamentos
[2013/05/04 10:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\cielo extratos
[2013/04/26 15:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\Cao
[2013/04/15 09:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\trix.therebels.tonybennett.duets2.2012
[2013/03/05 09:56:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\GAS Tecnologia
[2013/01/28 14:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\CATALOGOS
[2013/01/28 14:14:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\Atalhos para produtos em vidro temperado
[2013/01/18 11:55:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2013/01/18 11:51:16 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013/01/18 11:07:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2013/01/16 13:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\IDM
[2012/11/07 15:44:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\TeamViewer
[2012/11/06 02:04:20 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\MSXML 4.0
[2012/11/06 02:04:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Silverlight
[2012/11/05 09:15:11 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012/11/01 23:04:06 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2012/11/01 15:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\PopCap Games
[2012/10/27 08:23:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCap Games
[2012/10/25 15:01:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012/10/13 14:42:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Newsoft
[2012/10/13 14:39:09 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2012/10/13 14:39:07 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MPE.sys
[2012/10/13 14:39:07 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2012/10/13 14:39:04 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2012/10/13 14:39:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2012/10/13 14:39:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2012/10/13 14:39:02 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2012/10/13 14:38:59 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2012/10/13 14:38:56 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2012/10/13 14:38:54 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2012/10/13 14:38:51 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2012/10/13 14:38:36 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2012/10/13 14:38:36 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2012/10/13 14:38:35 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2012/10/13 14:38:35 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2012/10/13 14:38:35 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2012/10/13 14:38:35 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2012/10/13 14:38:35 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2012/10/13 14:38:35 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2012/10/13 14:38:35 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\BdaSup.sys
[2012/10/13 14:38:35 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2012/10/13 14:38:34 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2012/10/13 14:38:34 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\BdaPlgIn.ax
[2012/10/13 14:36:21 | 000,020,992 | ---- | C] (ASICEN) -- C:\WINDOWS\System32\drivers\AS11Loader.sys
[2012/10/13 14:36:11 | 000,062,848 | ---- | C] (ASICEN) -- C:\WINDOWS\System32\drivers\AsicenUSBDTVBDA_DM011.sys
[2012/10/13 14:36:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\InstallShield
[2012/10/13 14:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\NewSoft
[2012/10/13 14:35:36 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\NewSoft
[2012/10/13 14:35:32 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\NewSoft
[2012/10/02 15:04:32 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\synceng.dll
[2012/09/28 11:14:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Meus documentos\FORMULARIO MHB
[2012/09/25 16:00:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\Max Impressão
[2012/09/25 16:00:11 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Maxprint
[2012/09/22 08:57:00 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Java
[2012/09/21 14:10:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Sun
[2012/09/20 13:25:49 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Silverlight
[2012/09/20 08:42:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\HP PrecisionScan LTX
[2012/09/19 17:18:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\EurekaLog
[2012/09/17 12:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Oi
[2012/09/17 12:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Oi
[2012/09/17 12:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Lightcomm
[2012/09/17 12:51:41 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Oi
[2012/09/08 16:54:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\CyberLink
[2012/09/08 16:54:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Meus documentos\CyberLink
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Arquivos de programas\*.tmp files -> C:\Arquivos de programas\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 360 Days ==========
 
[2013/08/21 07:27:30 | 000,002,315 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/08/21 07:20:22 | 000,000,634 | ---- | M] () -- C:\WINDOWS\tasks\Norton Product Installer.job
[2013/08/21 07:20:19 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) -- C:\WINDOWS\System32\drivers\GbpNdisrd.sys
[2013/08/21 07:19:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/08/20 09:54:12 | 000,001,080 | ---- | M] () -- C:\WINDOWS\AUTOLNCH.REG
[2013/08/19 07:45:20 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/08/15 07:32:27 | 000,209,696 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/08/14 08:21:40 | 000,537,104 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat
[2013/08/14 08:21:40 | 000,502,374 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/08/14 08:21:40 | 000,098,102 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat
[2013/08/14 08:21:40 | 000,087,810 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/08/14 08:19:56 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/08/13 17:07:39 | 000,000,412 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\spider.sav
[2013/08/12 13:48:41 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/08/12 13:42:40 | 000,000,355 | RHS- | M] () -- C:\boot.ini
[2013/08/12 13:37:22 | 000,012,568 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\drivers\PROCEXP113.SYS
[2013/08/12 08:43:11 | 000,001,997 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Norton Product Installer.lnk
[2013/08/10 20:50:26 | 000,000,642 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Product InstallerIdle.job
[2013/08/09 16:13:38 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/08/05 11:36:49 | 002,349,096 | ---- | M] (Banco do Brasil SA) -- C:\Documents and Settings\Financeir\Meus documentos\DiagnosticoBB.exe
[2013/08/05 10:56:42 | 000,666,633 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\adwcleaner.exe
[2013/08/02 08:07:10 | 000,001,924 | ---- | M] () -- C:\WINDOWS\tasks\Plus-HD-2.3-chromeinstaller.job
[2013/08/01 19:11:45 | 000,002,444 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Google Chrome.lnk
[2013/07/25 23:48:57 | 006,017,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2013/07/25 23:48:57 | 001,215,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2013/07/25 23:48:57 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2013/07/25 23:48:57 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2013/07/25 23:48:57 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2013/07/25 23:48:57 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013/07/25 23:48:57 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2013/07/25 23:48:57 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2013/07/25 23:48:57 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013/07/25 23:48:57 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2013/07/25 23:48:57 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2013/07/25 23:48:57 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2013/07/25 23:48:57 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2013/07/25 23:48:57 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2013/07/25 23:48:57 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013/07/25 23:48:57 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2013/07/25 23:48:57 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2013/07/25 23:48:57 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2013/07/25 23:48:57 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2013/07/25 23:48:56 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013/07/25 23:48:56 | 002,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013/07/25 23:48:56 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2013/07/25 23:48:56 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2013/07/25 23:48:56 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013/07/25 23:48:56 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2013/07/25 23:48:56 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2013/07/25 23:48:56 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2013/07/25 23:48:56 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2013/07/25 21:28:18 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2013/07/25 21:28:18 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2013/07/25 16:02:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL (1).exe
[2013/07/25 12:58:11 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2013/07/23 17:25:15 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2013/07/23 17:25:03 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\LyricXeeker Update.job
[2013/07/11 14:21:01 | 000,000,020 | ---- | M] () -- C:\WINDOWS\hppsapp.INI
[2013/07/10 07:37:49 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usp10.dll
[2013/07/04 04:34:02 | 002,074,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2013/07/04 04:34:01 | 002,197,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2013/07/04 04:34:00 | 002,153,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2013/07/04 04:34:00 | 002,153,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2013/07/04 04:33:59 | 002,032,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2013/07/04 04:33:59 | 002,032,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2013/07/01 08:37:46 | 000,046,904 | ---- | M] (GAS Tecnologia) -- C:\WINDOWS\System32\drivers\gbpkm.sys
[2013/06/08 09:16:14 | 000,000,192 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\HP LaserJet P1005.lnk
[2013/05/27 22:59:29 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2013/04/25 17:41:22 | 000,810,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmod.dll
[2013/04/25 17:41:22 | 000,810,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll
[2013/04/10 10:15:31 | 000,006,779 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\carta.pdf
[2013/04/09 13:09:42 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/06 10:51:38 | 000,036,924 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Itau.pdf
[2013/04/04 11:14:11 | 000,000,421 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2013/04/04 09:27:50 | 000,117,287 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\Portalex 2.jpg
[2013/04/04 09:26:12 | 000,462,353 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\portalex.png
[2013/04/03 11:16:41 | 000,056,410 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\pagam.pdf
[2013/04/02 10:20:24 | 000,208,406 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Temperminas.pdf
[2013/04/01 12:27:44 | 000,531,165 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\cielo.pdf
[2013/03/12 08:28:02 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio4.bmp
[2013/03/08 05:36:13 | 000,293,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winsrv.dll
[2013/03/08 05:36:13 | 000,293,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsrv.dll
[2013/03/07 17:32:01 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio3.bmp
[2013/03/07 17:31:15 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio2.bmp
[2013/03/07 17:30:23 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio1.bmp
[2013/03/07 17:28:55 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio.bmp
[2013/02/27 04:58:25 | 002,067,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2013/02/11 21:32:23 | 000,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013/02/11 21:32:23 | 000,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys
[2013/02/11 21:32:23 | 000,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
[2013/02/05 13:19:32 | 000,104,107 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\orc2.jpg
[2013/02/05 13:14:33 | 000,138,445 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\orc1.jpg
[2013/01/29 09:34:28 | 000,013,467 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\caixa hoje.pdf
[2012/12/07 13:39:05 | 000,111,595 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\PortaGenilson.pdf
[2012/11/23 07:44:31 | 000,458,136 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\tela tablet.pdf
[2012/11/13 08:55:14 | 001,866,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2012/11/13 08:55:14 | 001,866,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2012/11/12 08:07:05 | 000,078,583 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\santander.pdf
[2012/11/12 07:07:41 | 000,129,828 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\156797.pdf
[2012/11/10 14:30:10 | 000,053,699 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\EXTRATO DIGISAT ATE JULHO 2012.pdf
[2012/11/09 14:09:52 | 011,934,054 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\CompEndeço.bmp
[2012/11/07 16:17:58 | 000,084,852 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\Relatório.pdf
[2012/11/05 23:00:50 | 001,371,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2012/11/03 13:11:43 | 000,000,025 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[2012/11/01 23:04:06 | 000,375,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnet.dll
[2012/11/01 23:04:06 | 000,375,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2012/10/27 06:57:41 | 002,105,132 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\COMPROVANTE.pdf
[2012/10/13 14:35:55 | 000,001,705 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Presto! PVR.lnk
[2012/10/03 01:57:56 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll
[2012/10/02 15:04:32 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\synceng.dll
[2012/10/02 15:04:32 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\synceng.dll
[2012/09/26 15:26:33 | 000,050,120 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL SETEMBRO.pdf
[2012/09/26 15:25:46 | 000,051,354 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL AGOSTO.pdf
[2012/09/26 15:18:39 | 000,050,298 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JULHO.pdf
[2012/09/26 15:12:33 | 000,050,311 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JUNHO.pdf
[2012/09/26 14:56:30 | 000,050,804 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL MAIO.pdf
[2012/09/25 16:00:13 | 000,000,907 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Max Impressão.lnk
[2012/09/22 08:37:30 | 000,002,206 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Emissor de Nota Fiscal Eletrônica (NF-e) 2.0.lnk
[2012/09/21 15:31:17 | 000,019,462 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil jul.pdf
[2012/09/21 15:30:27 | 000,020,737 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil ago.pdf
[2012/09/21 15:29:45 | 000,019,180 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil set.pdf
[2012/09/20 08:42:00 | 000,001,015 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\HP PrecisionScan LTX.lnk
[2012/09/03 19:32:40 | 000,010,265 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil.pdf
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Arquivos de programas\*.tmp files -> C:\Arquivos de programas\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/08/14 07:41:16 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013/08/12 13:42:40 | 000,000,245 | ---- | C] () -- C:\Boot.bak
[2013/08/12 13:42:36 | 000,261,856 | RHS- | C] () -- C:\cmldr
[2013/08/12 08:43:11 | 000,002,003 | ---- | C] () -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\Norton Product Installer.lnk
[2013/08/12 08:43:11 | 000,001,997 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Norton Product Installer.lnk
[2013/08/07 14:48:04 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/08/05 10:56:29 | 000,666,633 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\adwcleaner.exe
[2013/08/02 08:07:10 | 000,001,924 | ---- | C] () -- C:\WINDOWS\tasks\Plus-HD-2.3-chromeinstaller.job
[2013/07/23 17:25:15 | 000,000,912 | ---- | C] () -- C:\WINDOWS\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2013/07/23 17:25:03 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\LyricXeeker Update.job
[2013/06/08 09:16:14 | 000,000,192 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\HP LaserJet P1005.lnk
[2013/05/24 13:15:48 | 001,674,683 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2013/05/24 13:15:48 | 000,001,023 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2013/04/10 11:25:00 | 000,006,779 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\carta.pdf
[2013/04/06 10:51:32 | 000,036,924 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Itau.pdf
[2013/04/04 09:27:50 | 000,117,287 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\Portalex 2.jpg
[2013/04/04 09:26:09 | 000,462,353 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\portalex.png
[2013/04/03 11:16:40 | 000,056,410 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\pagam.pdf
[2013/04/02 10:20:21 | 000,208,406 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Temperminas.pdf
[2013/04/01 12:27:38 | 000,531,165 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\cielo.pdf
[2013/03/12 08:28:02 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio4.bmp
[2013/03/07 17:32:01 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio3.bmp
[2013/03/07 17:31:15 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio2.bmp
[2013/03/07 17:30:23 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio1.bmp
[2013/03/07 17:28:54 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio.bmp
[2013/02/07 11:51:24 | 000,000,481 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\Notepad  IMPRESSO.lnk
[2013/02/05 13:19:03 | 000,104,107 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\orc2.jpg
[2013/02/05 13:14:04 | 000,138,445 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\orc1.jpg
[2013/01/29 09:34:27 | 000,013,467 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\caixa hoje.pdf
[2013/01/18 11:09:40 | 000,000,642 | -H-- | C] () -- C:\WINDOWS\tasks\Norton Product InstallerIdle.job
[2013/01/18 11:09:40 | 000,000,634 | ---- | C] () -- C:\WINDOWS\tasks\Norton Product Installer.job
[2012/12/07 13:40:38 | 000,111,595 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\PortaGenilson.pdf
[2012/11/23 07:44:29 | 000,458,136 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\tela tablet.pdf
[2012/11/12 08:17:48 | 000,129,828 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\156797.pdf
[2012/11/12 08:17:39 | 000,078,583 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\santander.pdf
[2012/11/10 14:35:24 | 000,051,354 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL AGOSTO.pdf
[2012/11/10 14:35:24 | 000,050,298 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JULHO.pdf
[2012/11/10 14:35:24 | 000,050,120 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL SETEMBRO.pdf
[2012/11/10 14:35:24 | 000,020,737 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil ago.pdf
[2012/11/10 14:35:24 | 000,019,462 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil jul.pdf
[2012/11/10 14:35:24 | 000,019,180 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil set.pdf
[2012/11/10 14:35:24 | 000,010,265 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil.pdf
[2012/11/10 14:35:23 | 000,050,804 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL MAIO.pdf
[2012/11/10 14:35:23 | 000,050,311 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JUNHO.pdf
[2012/11/10 14:30:07 | 000,053,699 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\EXTRATO DIGISAT ATE JULHO 2012.pdf
[2012/11/09 14:09:51 | 011,934,054 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\CompEndeço.bmp
[2012/11/09 14:07:20 | 000,025,823 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\comprovante_insc_KeD.pdf
[2012/11/07 16:17:57 | 000,084,852 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\Relatório.pdf
[2012/11/05 08:48:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/11/05 08:48:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/10/27 08:32:43 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2012/10/27 06:57:37 | 002,105,132 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\COMPROVANTE.pdf
[2012/10/13 14:38:36 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\PsisRndr.ax
[2012/10/13 14:38:36 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012/10/13 14:38:35 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2012/10/13 14:38:35 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012/10/13 14:38:35 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\MSDvbNP.ax
[2012/10/13 14:38:35 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012/10/13 14:35:55 | 000,001,705 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Presto! PVR.lnk
[2012/09/25 16:00:13 | 000,000,907 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Max Impressão.lnk
[2012/09/20 09:09:29 | 000,001,015 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\HP PrecisionScan LTX.lnk
[2012/09/20 08:41:55 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2012/09/20 08:41:54 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2012/02/13 20:02:07 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\keyfile3.drm
[2011/08/31 17:25:28 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
[2011/08/23 13:17:17 | 000,000,020 | ---- | C] () -- C:\WINDOWS\hppsapp.INI
[2011/05/09 13:06:35 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/08 09:19:04 | 000,040,960 | ---- | C] () -- C:\Arquivos de programas\Uninstall_CDS.exe
 
========== ZeroAccess Check ==========
 
[2011/08/31 17:24:03 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 23:20:40 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:53:26 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 23:20:41 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011/09/19 13:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Big Fish Games
[2013/07/23 17:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
[2013/03/06 13:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GAS Tecnologia
[2013/08/21 13:28:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin
[2011/05/09 09:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IM
[2011/05/09 09:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IncrediMail
[2012/09/17 13:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Lightcomm
[2012/09/17 12:51:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Oi
[2012/10/27 08:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCap Games
[2012/08/20 17:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCapY
[2013/08/07 09:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Tarma Installer
[2012/07/02 12:15:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\3M
[2013/07/23 17:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Dealply
[2012/09/19 17:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\EurekaLog
[2011/05/07 11:56:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Foxit
[2011/05/08 08:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Foxit Software
[2013/01/18 11:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\IDM
[2011/05/08 08:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Mikrotik
[2012/11/07 15:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\TeamViewer
[2013/08/07 16:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Web Cake
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 463 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst

< End of report >



EXTRAS


OTL Extras logfile created on: 21/8/2013 13:38:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Financeir\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy
 
1013,42 Mb Total Physical Memory | 723,32 Mb Available Physical Memory | 71,37% Memory free
2,40 Gb Paging File | 1,81 Gb Available in Paging File | 75,51% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,04 Gb Total Space | 107,21 Gb Free Space | 71,94% Space Free | Partition Type: NTFS
 
Computer Name: FINANCEIRO | User Name: Financeir | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
 
[color=#E56717]========== Extra Registry (All) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Arquivos de programas\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Arquivos de programas\Java\jre6\bin\javaw.exe" = C:\Arquivos de programas\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\Financeir\Meus documentos\winbox.exe" = C:\Documents and Settings\Financeir\Meus documentos\winbox.exe:*:Enabled:winbox -- ()
"C:\Arquivos de programas\Google\Google Earth\client\googleearth.exe" = C:\Arquivos de programas\Google\Google Earth\client\googleearth.exe:*:Disabled:Google Earth -- (Google)
"C:\Arquivos de programas\Intelbras\Programador Modulare I e Corp\ProgramadorMC.exe" = C:\Arquivos de programas\Intelbras\Programador Modulare I e Corp\ProgramadorMC.exe:*:Enabled:ProgramadorMC -- ()
"C:\Arquivos de programas\Skype\Phone\Skype.exe" = C:\Arquivos de programas\Skype\Phone\Skype.exe:*:Enabled:Skype  -- (Skype Technologies S.A.)
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1438B41C-658C-35B7-9253-780F2E0A0B8E}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ptb
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{20A15757-4AE4-3C82-9711-863C84AFE6AA}" = Microsoft .NET Framework 4 Client Profile PTB Language Pack
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{32603085-C839-4226-A1FD-BF8FAE0185CB}" = IncrediMail
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.441
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F31F3B5-C1FF-3708-8611-869DE39C0CB6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PTB
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.7
"{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{6347401C-C260-4B30-9816-8F5A1419CC49}" = SafeSign
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6FBA74BD-149F-4521-B921-FFCC84876864}" = Assistente de Instalação Certisign
"{85E0BA25-A5DE-4499-82C2-B4CE4F513E80}" = Cliente do Windows Rights Management com Service Pack 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110416-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edição 2003
"{90120000-0020-0416-0000-0000000FF1CE}" = Pacote de Compatibilidade para o sistema Office 2007
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9856CFCC-6805-4567-8142-A68CF5B25F4C}" = MySQL Connector/ODBC 3.51
"{98ADF875-648F-3E73-8F3B-010C2464C948}" = Microsoft .NET Framework 4 Extended PTB Language Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{B1FA73D8-AB79-3A2E-81AC-DBBAC155B2FE}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PTB
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BC0DCD27-345B-4013-A6E0-67EC92DF32C8}" = Presto! PVR
"{BE06114F-559D-11E0-B5A1-001D0926B1BF}" = Google Earth
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}" = Web Cake 3.00
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{E29D8938-2E48-498C-832D-9663DCABD55F}" = Visual Basic for Applications (R) Core - Portuguese (Brazil)
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Compatibilidade com Versões Anteriores do Cliente do Windows Rights Management SP2
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FD8AE9E2-B61E-4826-9CE7-937E1E9A9EEC}" = CorelDRAW Graphics Suite X5 - BR
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"BDE" = BDE
"CCleaner" = CCleaner
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"Gemplus Smart Card Reader Tools" = Gemplus Smart Card Reader Tools
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP LaserJet P1000 series" = HP LaserJet P1000 series
"HP-LaserJet 1020 series" = LaserJet 1020 series
"ie8" = Windows Internet Explorer 8
"IncrediMail" = IncrediMail 2.0
"[hidden email]" = LyricXeeker
"Max Impressão" = Max Impressão 1.0
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - ptb" = Pacote de Idiomas do Microsoft .NET Framework 3.5 SP1 - PTB
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil)
"MiPony" = MiPony 1.5.0
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NVIDIA Drivers" = NVIDIA Drivers
"OrderReminder HP LaserJet 1020" = OrderReminder HP LaserJet 1020
"Plants vs. Zombies" = Plants vs. Zombies
"Plus-HD-2.3" = Plus-HD-2.3
"Programador Modulare I, Conecta, Corp 6000 e Corp 8000_is1" = Programador versão 2.53 para PABX Modulare I, Conecta, Corp 600
"programmeroi_is1" = Oi Velox
"PSN" = Post-it® Software Notes Lite
"VIVO INTERNET" = VIVO INTERNET
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dealply" = Dealply
"Emissor de Nota Fiscal Eletrônica (NF-e) 2.0" = Emissor de Nota Fiscal Eletrônica (NF-e) 2.0
"Google Chrome" = Google Chrome
"optimizer_chrome" = Widevine Media Optimizer Chrome 6.0.0
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 7/5/2013 15:43:38 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha explorer.exe, versão 6.0.2900.5512, módulo com
 falha , versão 0.0.0.0, endereço com falha 0x00000000.
 
Error - 11/5/2013 10:05:49 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha spider.exe, versão 5.1.2600.5512, módulo com 
falha unknown, versão 0.0.0.0, endereço com falha 0xf90d5e65.
 
Error - 24/5/2013 11:39:38 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha explorer.exe, versão 6.0.2900.5512, módulo com
 falha kernel32.dll, versão 5.1.2600.6293, endereço com falha 0x000658c0.
 
Error - 24/5/2013 11:48:27 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha explorer.exe, versão 6.0.2900.5512, módulo com
 falha kernel32.dll, versão 5.1.2600.6293, endereço com falha 0x000658c0.
 
[ System Events ]
Error - 15/8/2013 10:43:39 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10010
Description = O servidor {4EB61BAC-A3B6-4760-9581-655041EF4D69} não se registrou
 com o DCOM dentro do tempo limite requerido.
 
Error - 16/8/2013 06:27:43 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 16/8/2013 16:50:26 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 17/8/2013 06:37:11 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 19/8/2013 06:45:18 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 20/8/2013 06:23:33 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 20/8/2013 08:39:06 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10010
Description = O servidor {4EB61BAC-A3B6-4760-9581-655041EF4D69} não se registrou
 com o DCOM dentro do tempo limite requerido.
 
Error - 20/8/2013 10:39:06 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10010
Description = O servidor {4EB61BAC-A3B6-4760-9581-655041EF4D69} não se registrou
 com o DCOM dentro do tempo limite requerido.
 
Error - 20/8/2013 12:39:05 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10010
Description = O servidor {4EB61BAC-A3B6-4760-9581-655041EF4D69} não se registrou
 com o DCOM dentro do tempo limite requerido.
 
Error - 21/8/2013 06:19:50 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
 
< End of report >



On 20 August 2013 at 19:46, Marcelo [via Fórum Tech Suporte] <[hidden email]> wrote:
Hi, Diana

Wow, I apologize! I really had forgotten about this topic.

Please post a new OTL log so I can check the current state of the system.



Re: windows that open by themselves.

Marcelo
Administrator
Good afternoon, Diana!

Please follow the instructions below.

Step 1


1) Double-click OTL to run it once more.
2) Click the small blue button labeled "Show rest of quote" (in the field below) to expand the contents of the quote, and copy all of the text in red (from ":OTL" to "[emptytemp]"). Do not leave out a single character of this huge red script.

:OTL
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/08/01 21:13:06 | 000,051,992 | ---- | M] (cake bake) [Auto | Running] -- C:\Arquivos de programas\Web Cake\WebCakeDesktop.Updater.exe -- (WebCakeUpdater)
SRV - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [On_Demand | Stopped] -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe -- (dealplylivem)
SRV - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [Auto | Stopped] -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe -- (dealplylive)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ViaIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ultra)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (TosIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (symc8xx)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (symc810)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (sym_u3)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (sym_hi)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Sparrow)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Simbad)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql1280)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql1240)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql12160)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Ql10wnt)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql1080)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (perc2hib)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (perc2)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (mraid35x)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (IntelIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ini910u)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (i2omp)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (hpn)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (dpti2o)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (dac960nt)
DRV - File not found [Kernel | Disabled | Unknown] --  -- (dac2w2k)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Cpqarray)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (CmdIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (cd20xrnt)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Atdisk)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (asc3550)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (asc3350p)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (asc)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (amsint)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (AliIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (aic78xx)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (aic78u2)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Aha154x)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (adpu160m)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (abp480n5)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Abiosdsk)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/ [binary data]
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{B3FD69ED-2469-4493-9F02-38212A7C3E72}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSNIE8&pc=MSNIE8&src=IE-SearchBox
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3: C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9: C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Dados de aplicativos\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2011/05/07 15:29:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[hidden email]: C:\Arquivos de programas\LyriXeeker\125.xpi [2013/07/23 17:25:42 | 000,007,064 | ---- | M] ()
CHR - homepage: http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\npbrowserext.dll
CHR - Extension: Web Assistant = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\
CHR - Extension: Web Cake = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0\
CHR - Extension: DealPly  Shopping = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.5.0.0_0\
CHR - Extension: LyricXeeker = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\odnofacmifkjndflfmmplhckcbfjckhj\1.125_0\
O2 - BHO: (no name) - {336D0C35-8A85-403a-B9D2-65C292C39087} - No CLSID value found.
O2 - BHO: (no name) - {DF89BC70-AC87-4A31-ACD5-7417E2CF1209} - No CLSID value found.
O4 - HKU\S-1-5-21-527237240-562591055-839522115-1003..\Run: [Facebook Update] C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
[2013/08/07 09:52:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Web Cake
[2013/08/07 09:52:29 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Web Cake
[2013/08/07 09:51:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Tarma Installer
[2013/08/05 12:44:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook
[2013/08/05 11:36:49 | 002,349,096 | ---- | C] (Banco do Brasil SA) -- C:\Documents and Settings\Financeir\Meus documentos\DiagnosticoBB.exe
[2013/08/02 08:07:08 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Plus-HD-2.3
[2013/07/23 17:25:42 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\LyriXeeker
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DealPlyLive
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\DealPlyLive
[2013/07/23 17:25:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Dealply
[2013/07/23 17:25:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\DealPly
[2013/08/02 08:07:10 | 000,001,924 | ---- | M] () -- C:\WINDOWS\tasks\Plus-HD-2.3-chromeinstaller.job
[2013/07/23 17:25:15 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2013/07/23 17:25:03 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\LyricXeeker Update.job
[2013/08/02 08:07:10 | 000,001,924 | ---- | C] () -- C:\WINDOWS\tasks\Plus-HD-2.3-chromeinstaller.job
[2013/07/23 17:25:15 | 000,000,912 | ---- | C] () -- C:\WINDOWS\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2013/07/23 17:25:03 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\LyricXeeker Update.job
[2013/07/23 17:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
[2013/08/07 09:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Tarma Installer
[2013/07/23 17:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Dealply
[2013/08/07 16:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Web Cake

:Files
C:\Arquivos de programas\Web Cake
C:\Arquivos de programas\DealPlyLive
C:\Arquivos de programas\Plus-HD-2.3
C:\Arquivos de programas\LyriXeeker

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1"=-
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}"=-
"{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}"=-
"[hidden email]"=-
"Plus-HD-2.3"=-
[HKEY_USERS\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dealply"=-

:Commands
[CREATERESTOREPOINT]
[purity]
[emptyjava]
[emptytemp]
3) Paste the copied content into the blue area at the bottom of the program, called "Custom Scans/Fixes" ("Exames Personalizados/Correções").
4) Click Fix ("Consertar") and wait for the tool to generate the new report. Post it in your next reply.

Step 2

1) Run the AdwCleaner program that is already saved on your PC and click the DELETE button, then OK.
2) If it asks to restart the PC, restart it.
3) It will create a report on your desktop.
4) Post it here for me.

Step 3

1) Download ComboFix and save it to the desktop.
2) Double-click the file to open the program.
3) Scan your computer following the instructions in this official tutorial.
4) When the scan finishes, it will generate a log. By default, it is saved at C:\ComboFix.txt.

In your next reply, please paste the three reports.

NOTE: If you cannot paste everything into the post, zip them and attach them to your post, or upload them to Pastebin.