
Windows that open by themselves.


Diana
Hello!
I found a topic on the forum about windows that open by themselves.
My PC opens windows with advertisements, games and others as if they were pop-ups (even with pop-ups turned off), but now new tabs open too, and when I visit a site such as americanas, it places windows on top of some items, which take you to other sites.
Since I'm a novice in this subject, I need help.
Thank you
Diana

Re: Windows that open by themselves.

Diana
Here is the OTL file.


OTL logfile created on: 25/7/2013 16:04:12 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Financeir\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy
 
1013,42 Mb Total Physical Memory | 218,39 Mb Available Physical Memory | 21,55% Memory free
2,40 Gb Paging File | 1,22 Gb Available in Paging File | 50,77% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,04 Gb Total Space | 109,84 Gb Free Space | 73,70% Space Free | Partition Type: NTFS
Drive Z: | 19,07 Gb Total Space | 12,08 Gb Free Space | 63,33% Space Free | Partition Type: NTFS
 
Computer Name: FINANCEIRO | User Name: Financeir | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 360 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2013/07/25 15:54:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL.exe
PRC - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe
PRC - [2013/07/15 11:23:42 | 000,409,640 | ---- | M] (GAS Tecnologia) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe
PRC - [2013/04/09 05:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
PRC - [2012/09/22 08:56:30 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe
PRC - [2009/07/24 18:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/28 06:14:00 | 000,073,728 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE
PRC - [2008/04/13 23:20:58 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/10/17 13:17:08 | 000,163,840 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aetcrss1.exe
PRC - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2013/05/16 08:44:40 | 013,136,776 | ---- | M] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll
MOD - [2013/04/09 05:57:07 | 000,390,096 | ---- | M] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\Application\26.0.1410.64\ppgooglenaclpluginchrome.dll
MOD - [2013/04/09 05:57:05 | 004,050,896 | ---- | M] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013/04/09 05:56:13 | 001,606,096 | ---- | M] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2011/03/02 12:40:52 | 000,140,288 | ---- | M] () -- C:\Arquivos de programas\WinRAR\RarExt.dll
MOD - [2009/11/05 08:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2008/04/13 23:20:33 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [On_Demand | Stopped] -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe -- (dealplylivem)
SRV - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [Auto | Stopped] -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe -- (dealplylive)
SRV - [2013/07/15 11:23:42 | 000,409,640 | ---- | M] (GAS Tecnologia) [Auto | Running] -- C:\Arquivos de programas\GbPlugin\gbpsv.exe -- (GbpSv)
SRV - [2012/09/22 08:56:30 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2009/07/24 18:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2013/07/25 15:49:32 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys -- (NdisrdMP)
DRV - [2013/07/25 15:49:32 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys -- (Ndisrd)
DRV - [2013/07/01 08:37:46 | 000,046,904 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\gbpkm.sys -- (GbpKm)
DRV - [2011/01/14 04:06:40 | 000,277,352 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010/11/02 08:36:26 | 006,188,648 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009/11/17 20:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/17 20:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008/12/13 11:26:38 | 000,102,400 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/04/13 15:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2007/10/25 13:50:26 | 000,062,848 | ---- | M] (ASICEN) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AsicenUSBDTVBDA_DM011.sys -- (AsicenUSBDTV_DM011)
DRV - [2006/12/01 13:48:22 | 000,020,992 | ---- | M] (ASICEN) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AS11Loader.sys -- (AS11Loader)
DRV - [2004/06/28 10:06:26 | 000,061,840 | ---- | M] (Gemplus) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTwinUSB.sys -- (GTwinUSB)
DRV - [2003/12/05 06:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/10/16 10:44:04 | 000,082,704 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cyg_ser.sys -- (cyg_ser)
DRV - [2003/10/16 10:43:20 | 000,051,040 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cyg_bus.sys -- (cyg_bus)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
IE - HKLM\..\SearchScopes,DefaultScope = {FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://br.msn.com/
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/ [binary data]
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes,DefaultScope = {FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{B3FD69ED-2469-4493-9F02-38212A7C3E72}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSNIE8&pc=MSNIE8&src=IE-SearchBox
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}: "URL" = http://www.google.pt/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_pt-BR
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Arquivos de programas\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3: C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9: C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Arquivos de programas\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Arquivos de programas\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.135\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.135\npGoogleUpdate3.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Dados de aplicativos\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2011/05/07 15:29:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Arquivos de programas\Web Assistant\Firefox [2012/06/04 15:39:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\lyrix@lyrixeeker.co: C:\Arquivos de programas\LyriXeeker\125.xpi [2013/07/23 17:25:42 | 000,007,064 | ---- | M] ()
 
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\npbrowserext.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Arquivos de programas\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Update\1.3.21.53\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Arquivos de programas\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Bejeweled = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: Radio Do Brasil = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh\1.0.56_0\
CHR - Extension: Play Parole = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dfigpchbljbamamhkecemhceioapljbn\1.0_0\
CHR - Extension: Web Assistant = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\
CHR - Extension: Fruit Ninja = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\eofdejdahdbbmnibkpgbfknnpbhpbcad\1.6_0\
CHR - Extension: Voicenote - fala em texto. = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\hfknjgplnkgjihghcidajejfmldhibfm\2.4.22_0\
CHR - Extension: Bubble Shooter-HD = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\hpakbhbnhkbghdcejiiangcefallmaln\2.2.0_0\
CHR - Extension: Pursuit of Hat = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\jepniedfbdhmplhbjffedeomcaopopob\1.1_0\
CHR - Extension: Hatsune Miku = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\kigfdicgjnpjkhbnngdfgjfffmdaonfg\2_0\
CHR - Extension: Super Stacker 2 = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\klemmckdcnieolllgjgbniaeehggmano\3.0_0\
CHR - Extension: Crackle Brazil = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\lflobbippdgfecmbdgjdejahlimggpef\1.0.0_0\
CHR - Extension: Poppit = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Editor de HQs = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mhfajnocemhaofoiejdekipegedfeeni\1.4_0\
CHR - Extension: DealPly  Shopping = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.5.0.0_0\
CHR - Extension: Mahjong Solitaire = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\neojceinbonpjjcokpokpeobkhcpiloc\1.0.0.2_0\
CHR - Extension: Gomoku = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\nhhdgipkbgjblbgjlbakfffjbffpdblo\1.0.11_0\
CHR - Extension: LyricXeeker = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\odnofacmifkjndflfmmplhckcbfjckhj\1.125_0\
CHR - Extension: Psykopaint = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\
CHR - Extension: Psykopaint = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\.bak
 
O1 HOSTS File: ([2012/12/05 13:59:59 | 000,000,774 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (ssh2 Class) - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll (Scopus Tecnologia Ltda)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Arquivos de programas\Web Assistant\Extension32.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Arquivos de programas\GbPlugin\gbiehabn.dll (Banco Real)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Arquivos de programas\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {DF89BC70-AC87-4A31-ACD5-7417E2CF1209} - No CLSID value found.
O3 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [CertificateRegistration] C:\WINDOWS\System32\aetcrss1.exe (A.E.T. Europe B.V.)
O4 - HKLM..\Run: [gemstrmw] C:\WINDOWS\System32\gemstrmw.exe (Gemplus)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKU\S-1-5-21-527237240-562591055-839522115-1003..\Run: [SpybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKLM..\RunOnce: [SymInstallStub] C:\WINDOWS\System32\Adobe\Shockwave 11\SymInstallStub.exe (Symantec Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Google Sidewiki... - C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancobrasil.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancobrasil.com.br ([www14] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancobrasil.com.br ([www2] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancoreal.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancosantander.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancosantander.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bb.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([imagem] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([internetbanking] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([internetbanking] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: itau.com.br ([bankline] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: itau.com.br ([guardiao] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: itau.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([www2] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([wwws] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([wwws] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santander.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santander.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santanderempresarial.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santanderempresarial.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws2] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws2] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernetibe.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernetibe.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: secureweb.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: secureweb.com.br ([www] https in Sites confiáveis)
O16 - DPF: {2DEF4530-8CE6-41C9-84B6-A54536C90213} http://cob.bancovw.com.br/viewer9/activeXViewer/activexviewer.cab (Crystal Report Viewer Control 9)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1304768064948 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1307534482359 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} https://imagem.caixa.gov.br/cab/GBPDIST2K.CAB (GbpDistObj Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39F8FD3D-2667-4A1F-94A7-26E219669948}: NameServer = 192.168.1.254
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKU\S-1-5-21-527237240-562591055-839522115-1003 Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginAbn: DllName - (C:\Arquivos de programas\GbPlugin\gbiehAbn.dll) - C:\Arquivos de programas\GbPlugin\gbiehabn.dll (Banco Real)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Arquivos de programas\GbPlugin\gbieh.dll) - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\Arquivos de programas\GbPlugin\gbiehCef.dll) - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O20 - Winlogon\Notify\ GbPluginUni: DllName - (C:\Arquivos de programas\GbPlugin\gbiehUni.dll) - C:\Arquivos de programas\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)
O22 - SharedTaskScheduler: {A3717295-941D-416F-9384-ED1736729F1C} - scpLIB - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)
O24 - Desktop WallPaper: C:\Documents and Settings\Financeir\Meus documentos\Minhas imagens\mhb.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Financeir\Meus documentos\Minhas imagens\mhb.bmp
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Arquivos de programas\GbPlugin\gbiehabn.dll (Banco Real)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Arquivos de programas\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/03/08 12:19:42 | 000,000,021 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2012/08/22 17:35:08 | 000,000,021 | ---- | M] () - Z:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2b07deea-95e4-11e1-92c0-001fd0fef641}\Shell - "" = AutoRun
O33 - MountPoints2\{2b07deea-95e4-11e1-92c0-001fd0fef641}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{64998505-7fac-11e0-983c-001fd0fef641}\Shell - "" = AutoRun
O33 - MountPoints2\{64998505-7fac-11e0-983c-001fd0fef641}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{64998507-7fac-11e0-983c-001fd0fef641}\Shell - "" = AutoRun
O33 - MountPoints2\{64998507-7fac-11e0-983c-001fd0fef641}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b65734b8-f8d9-11e0-91f7-001fd0fef641}\Shell - "" = AutoRun
O33 - MountPoints2\{b65734b8-f8d9-11e0-91f7-001fd0fef641}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 360 Days ==========[/color]
 
[2013/07/25 15:54:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL.exe
[2013/07/25 11:23:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Financeir\Recent
[2013/07/23 17:25:42 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\LyriXeeker
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DealPlyLive
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\DealPlyLive
[2013/07/23 17:25:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Dealply
[2013/07/23 17:25:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\DealPly
[2013/07/23 17:25:05 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\DealPly
[2013/05/24 13:15:48 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxCoIn_v5218.dll
[2013/05/24 12:23:40 | 000,024,576 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\gemstrmw.exe
[2013/05/24 12:23:21 | 000,061,840 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\drivers\GTwinUSB.sys
[2013/05/24 12:23:20 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Gemplus
[2013/05/24 12:09:41 | 000,000,000 | ---D | C] -- C:\database
[2013/05/22 09:43:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\Lucano
[2013/05/21 08:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Meus documentos\Escaneamentos
[2013/05/04 10:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\cielo extratos
[2013/04/26 15:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\Cao
[2013/04/15 09:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\trix.therebels.tonybennett.duets2.2012
[2013/03/05 09:56:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\GAS Tecnologia
[2013/01/28 14:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\CATALOGOS
[2013/01/28 14:14:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\Atalhos para produtos em vidro temperado
[2013/01/18 11:55:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2013/01/18 11:51:16 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013/01/18 11:07:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2013/01/16 13:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\IDM
[2012/11/07 15:44:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\TeamViewer
[2012/11/06 02:04:20 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\MSXML 4.0
[2012/11/06 02:04:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Silverlight
[2012/11/01 15:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\PopCap Games
[2012/10/27 08:23:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCap Games
[2012/10/25 15:01:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012/10/13 14:42:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Newsoft
[2012/10/13 14:36:21 | 000,020,992 | ---- | C] (ASICEN) -- C:\WINDOWS\System32\drivers\AS11Loader.sys
[2012/10/13 14:36:11 | 000,062,848 | ---- | C] (ASICEN) -- C:\WINDOWS\System32\drivers\AsicenUSBDTVBDA_DM011.sys
[2012/10/13 14:36:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\InstallShield
[2012/10/13 14:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\NewSoft
[2012/10/13 14:35:36 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\NewSoft
[2012/10/13 14:35:32 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\NewSoft
[2012/09/28 11:14:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Meus documentos\FORMULARIO MHB
[2012/09/25 16:00:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\Max Impressão
[2012/09/25 16:00:11 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Maxprint
[2012/09/22 08:57:00 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Java
[2012/09/22 08:56:53 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/09/22 08:56:39 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/09/21 14:10:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Sun
[2012/09/20 17:26:45 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012/09/20 13:25:49 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Silverlight
[2012/09/20 08:42:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\HP PrecisionScan LTX
[2012/09/20 08:41:55 | 000,350,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltkrn70n.dll
[2012/09/20 08:41:55 | 000,118,784 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpsjvset.dll
[2012/09/20 08:41:55 | 000,111,104 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpng70n.dll
[2012/09/20 08:41:55 | 000,093,184 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lftif70n.dll
[2012/09/20 08:41:55 | 000,055,296 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltfil70n.DLL
[2012/09/20 08:41:55 | 000,035,328 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lffpx70n.dll
[2012/09/20 08:41:55 | 000,032,768 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfgif70n.dll
[2012/09/20 08:41:55 | 000,032,768 | ---- | C] (Hewlett-Packard, GHC) -- C:\WINDOWS\System32\hpgreg32.dll
[2012/09/20 08:41:55 | 000,032,768 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpsj32.dll
[2012/09/20 08:41:55 | 000,024,576 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpcx70n.dll
[2012/09/20 08:41:54 | 000,667,648 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\ipeistor12.dll
[2012/09/20 08:41:54 | 000,331,776 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\ipebase12.dll
[2012/09/20 08:41:54 | 000,224,768 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LFCMP70n.DLL
[2012/09/20 08:41:54 | 000,077,824 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\ipeapi12.dll
[2012/09/20 08:41:54 | 000,055,808 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lffax70n.dll
[2012/09/19 17:18:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\EurekaLog
[2012/09/17 12:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Oi
[2012/09/17 12:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Oi
[2012/09/17 12:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Lightcomm
[2012/09/17 12:51:41 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Oi
[2012/09/08 16:54:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\CyberLink
[2012/09/08 16:54:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Meus documentos\CyberLink
[2012/08/20 17:03:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCapY
[2012/08/20 11:04:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\PopCap Games
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 360 Days ==========[/color]
 
[2013/07/25 15:54:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL.exe
[2013/07/25 15:49:32 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) -- C:\WINDOWS\System32\drivers\GbpNdisrd.sys
[2013/07/25 15:43:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/07/25 11:04:29 | 000,001,997 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Norton Product Installer.lnk
[2013/07/25 11:04:10 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/07/25 10:03:57 | 000,000,642 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Product InstallerIdle.job
[2013/07/25 10:03:57 | 000,000,634 | ---- | M] () -- C:\WINDOWS\tasks\Norton Product Installer.job
[2013/07/25 09:05:18 | 000,209,696 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/07/24 15:41:38 | 000,001,080 | ---- | M] () -- C:\WINDOWS\AUTOLNCH.REG
[2013/07/23 17:25:15 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2013/07/23 17:25:03 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\LyricXeeker Update.job
[2013/07/11 14:21:01 | 000,000,020 | ---- | M] () -- C:\WINDOWS\hppsapp.INI
[2013/07/01 08:58:00 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/07/01 08:37:46 | 000,046,904 | ---- | M] (GAS Tecnologia) -- C:\WINDOWS\System32\drivers\gbpkm.sys
[2013/06/08 09:16:14 | 000,000,192 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\HP LaserJet P1005.lnk
[2013/06/04 07:31:31 | 000,010,266 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndisrd.cat
[2013/06/04 07:31:31 | 000,003,641 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndisrd.inf
[2013/06/04 07:31:31 | 000,001,814 | ---- | M] () -- C:\WINDOWS\System32\drivers\ndisrd_m.inf
[2013/06/04 07:31:31 | 000,001,402 | ---- | M] () -- C:\WINDOWS\System32\drivers\gas.cer
[2013/05/16 13:08:13 | 000,001,120 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1006Core1ce524f91476a96.job
[2013/05/07 12:49:21 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1003Core1ce4b3a709f5680.job
[2013/04/11 07:45:58 | 000,002,444 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Google Chrome.lnk
[2013/04/10 10:15:31 | 000,006,779 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\carta.pdf
[2013/04/09 13:09:42 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/06 10:51:38 | 000,036,924 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Itau.pdf
[2013/04/04 11:14:11 | 000,000,421 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2013/04/04 09:27:50 | 000,117,287 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\Portalex 2.jpg
[2013/04/04 09:26:12 | 000,462,353 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\portalex.png
[2013/04/03 11:16:41 | 000,056,410 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\pagam.pdf
[2013/04/02 10:20:24 | 000,208,406 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Temperminas.pdf
[2013/04/01 12:27:44 | 000,531,165 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\cielo.pdf
[2013/03/26 07:49:11 | 000,536,692 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat
[2013/03/26 07:49:11 | 000,501,962 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/03/26 07:49:11 | 000,097,690 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat
[2013/03/26 07:49:11 | 000,087,398 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/03/12 08:28:02 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio4.bmp
[2013/03/07 17:32:01 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio3.bmp
[2013/03/07 17:31:15 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio2.bmp
[2013/03/07 17:30:23 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio1.bmp
[2013/03/07 17:28:55 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio.bmp
[2013/02/05 13:19:32 | 000,104,107 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\orc2.jpg
[2013/02/05 13:14:33 | 000,138,445 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\orc1.jpg
[2013/01/29 09:34:28 | 000,013,467 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\caixa hoje.pdf
[2012/12/16 09:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2012/12/16 09:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2012/12/07 13:39:05 | 000,111,595 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\PortaGenilson.pdf
[2012/12/05 13:59:59 | 000,000,774 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/11/23 07:44:31 | 000,458,136 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\tela tablet.pdf
[2012/11/12 08:07:05 | 000,078,583 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\santander.pdf
[2012/11/12 07:07:41 | 000,129,828 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\156797.pdf
[2012/11/10 14:30:10 | 000,053,699 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\EXTRATO DIGISAT ATE JULHO 2012.pdf
[2012/11/09 14:09:52 | 011,934,054 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\CompEndeço.bmp
[2012/11/07 16:17:58 | 000,084,852 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\Relatório.pdf
[2012/11/03 13:11:43 | 000,000,025 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[2012/10/27 06:57:41 | 002,105,132 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\COMPROVANTE.pdf
[2012/10/13 14:35:55 | 000,001,705 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Presto! PVR.lnk
[2012/09/26 15:26:33 | 000,050,120 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL SETEMBRO.pdf
[2012/09/26 15:25:46 | 000,051,354 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL AGOSTO.pdf
[2012/09/26 15:18:39 | 000,050,298 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JULHO.pdf
[2012/09/26 15:12:33 | 000,050,311 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JUNHO.pdf
[2012/09/26 14:56:30 | 000,050,804 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL MAIO.pdf
[2012/09/25 16:00:13 | 000,000,907 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Max Impressão.lnk
[2012/09/22 08:56:31 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/09/22 08:56:30 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/09/22 08:56:30 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/09/22 08:56:30 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/09/22 08:56:30 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/09/22 08:56:29 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012/09/22 08:56:29 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012/09/22 08:37:30 | 000,002,206 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Emissor de Nota Fiscal Eletrônica (NF-e) 2.0.lnk
[2012/09/21 15:31:17 | 000,019,462 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil jul.pdf
[2012/09/21 15:30:27 | 000,020,737 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil ago.pdf
[2012/09/21 15:29:45 | 000,019,180 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil set.pdf
[2012/09/20 08:42:00 | 000,001,015 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\HP PrecisionScan LTX.lnk
[2012/09/03 19:32:40 | 000,010,265 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil.pdf
[2012/08/24 16:46:04 | 000,000,622 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Atalho para ESQ.BAT.lnk
[2012/08/07 15:57:47 | 000,000,003 | ---- | M] () -- C:\WINDOWS\System32\keyboard1.idx
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/07/25 11:04:29 | 000,002,003 | ---- | C] () -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\Norton Product Installer.lnk
[2013/07/25 11:04:29 | 000,001,997 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Norton Product Installer.lnk
[2013/07/23 17:25:15 | 000,000,912 | ---- | C] () -- C:\WINDOWS\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2013/07/23 17:25:03 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\LyricXeeker Update.job
[2013/06/08 09:16:14 | 000,000,192 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\HP LaserJet P1005.lnk
[2013/05/24 13:15:48 | 001,674,683 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2013/05/24 13:15:48 | 000,001,023 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2013/05/16 13:08:13 | 000,001,120 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1006Core1ce524f91476a96.job
[2013/05/07 12:49:21 | 000,001,132 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1003Core1ce4b3a709f5680.job
[2013/04/22 12:44:47 | 000,010,266 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndisrd.cat
[2013/04/22 12:44:47 | 000,003,641 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndisrd.inf
[2013/04/22 12:44:47 | 000,001,814 | ---- | C] () -- C:\WINDOWS\System32\drivers\ndisrd_m.inf
[2013/04/22 12:44:47 | 000,001,402 | ---- | C] () -- C:\WINDOWS\System32\drivers\gas.cer
[2013/04/10 11:25:00 | 000,006,779 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\carta.pdf
[2013/04/06 10:51:32 | 000,036,924 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Itau.pdf
[2013/04/04 09:27:50 | 000,117,287 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\Portalex 2.jpg
[2013/04/04 09:26:09 | 000,462,353 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\portalex.png
[2013/04/03 11:16:40 | 000,056,410 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\pagam.pdf
[2013/04/02 10:20:21 | 000,208,406 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Temperminas.pdf
[2013/04/01 12:27:38 | 000,531,165 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\cielo.pdf
[2013/03/12 08:28:02 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio4.bmp
[2013/03/07 17:32:01 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio3.bmp
[2013/03/07 17:31:15 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio2.bmp
[2013/03/07 17:30:23 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio1.bmp
[2013/03/07 17:28:54 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio.bmp
[2013/02/07 11:51:24 | 000,000,481 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\Notepad  IMPRESSO.lnk
[2013/02/05 13:19:03 | 000,104,107 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\orc2.jpg
[2013/02/05 13:14:04 | 000,138,445 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\orc1.jpg
[2013/01/29 09:34:27 | 000,013,467 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\caixa hoje.pdf
[2013/01/18 11:09:40 | 000,000,642 | -H-- | C] () -- C:\WINDOWS\tasks\Norton Product InstallerIdle.job
[2013/01/18 11:09:40 | 000,000,634 | ---- | C] () -- C:\WINDOWS\tasks\Norton Product Installer.job
[2012/12/07 13:40:38 | 000,111,595 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\PortaGenilson.pdf
[2012/11/23 07:44:29 | 000,458,136 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\tela tablet.pdf
[2012/11/12 08:17:48 | 000,129,828 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\156797.pdf
[2012/11/12 08:17:39 | 000,078,583 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\santander.pdf
[2012/11/10 14:35:24 | 000,051,354 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL AGOSTO.pdf
[2012/11/10 14:35:24 | 000,050,298 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JULHO.pdf
[2012/11/10 14:35:24 | 000,050,120 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL SETEMBRO.pdf
[2012/11/10 14:35:24 | 000,020,737 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil ago.pdf
[2012/11/10 14:35:24 | 000,019,462 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil jul.pdf
[2012/11/10 14:35:24 | 000,019,180 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil set.pdf
[2012/11/10 14:35:24 | 000,010,265 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil.pdf
[2012/11/10 14:35:23 | 000,050,804 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL MAIO.pdf
[2012/11/10 14:35:23 | 000,050,311 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JUNHO.pdf
[2012/11/10 14:30:07 | 000,053,699 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\EXTRATO DIGISAT ATE JULHO 2012.pdf
[2012/11/09 14:09:51 | 011,934,054 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\CompEndeço.bmp
[2012/11/09 14:07:20 | 000,025,823 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\comprovante_insc_KeD.pdf
[2012/11/07 16:17:57 | 000,084,852 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\Relatório.pdf
[2012/11/05 08:48:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/11/05 08:48:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/10/27 08:32:43 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2012/10/27 06:57:37 | 002,105,132 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\COMPROVANTE.pdf
[2012/10/13 14:38:36 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\PsisRndr.ax
[2012/10/13 14:38:36 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012/10/13 14:38:35 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2012/10/13 14:38:35 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012/10/13 14:38:35 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\MSDvbNP.ax
[2012/10/13 14:38:35 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012/10/13 14:35:55 | 000,001,705 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Presto! PVR.lnk
[2012/09/25 16:00:13 | 000,000,907 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Max Impressão.lnk
[2012/09/20 09:09:29 | 000,001,015 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\HP PrecisionScan LTX.lnk
[2012/09/20 08:41:55 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2012/09/20 08:41:54 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2012/08/24 16:44:30 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Atalho para ESQ.BAT.lnk
[2012/02/13 20:02:07 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\keyfile3.drm
[2011/08/31 17:25:28 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
[2011/08/23 13:17:17 | 000,000,020 | ---- | C] () -- C:\WINDOWS\hppsapp.INI
[2011/05/09 13:06:35 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/08 09:19:04 | 000,040,960 | ---- | C] () -- C:\Arquivos de programas\Uninstall_CDS.exe
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2011/08/31 17:24:03 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 23:20:40 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:53:26 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 23:20:41 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011/09/19 13:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Big Fish Games
[2013/07/23 17:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
[2013/03/06 13:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GAS Tecnologia
[2013/07/25 10:02:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin
[2011/05/09 09:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IM
[2011/05/09 09:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IncrediMail
[2012/09/17 13:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Lightcomm
[2012/09/17 12:51:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Oi
[2012/10/27 08:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCap Games
[2012/08/20 17:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCapY
[2012/07/02 12:15:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\3M
[2013/07/23 17:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Dealply
[2012/09/19 17:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\EurekaLog
[2011/05/07 11:56:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Foxit
[2011/05/08 08:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Foxit Software
[2013/01/18 11:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\IDM
[2011/05/08 08:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Mikrotik
[2012/11/07 15:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\TeamViewer
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 514 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst
@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:70216A94_Uni.gbp
@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:70216A94_Cef.gbp
@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:70216A94_Bb.gbp
@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:70216A94_Abn.gbp

< End of report >

Re: windows that open by themselves.

Diana
And the Extras


OTL Extras logfile created on: 25/7/2013 16:04:12 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Financeir\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy
 
1013,42 Mb Total Physical Memory | 218,39 Mb Available Physical Memory | 21,55% Memory free
2,40 Gb Paging File | 1,22 Gb Available in Paging File | 50,77% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,04 Gb Total Space | 109,84 Gb Free Space | 73,70% Space Free | Partition Type: NTFS
Drive Z: | 19,07 Gb Total Space | 12,08 Gb Free Space | 63,33% Space Free | Partition Type: NTFS
 
Computer Name: FINANCEIRO | User Name: Financeir | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 360 Days
 
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Arquivos de programas\Java\jre6\bin\javaw.exe" = C:\Arquivos de programas\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\Financeir\Meus documentos\winbox.exe" = C:\Documents and Settings\Financeir\Meus documentos\winbox.exe:*:Enabled:winbox -- ()
"E:\Arquivos de programas\IncrediMail\Bin\IncMail.exe" = E:\Arquivos de programas\IncrediMail\Bin\IncMail.exe:*:Enabled:IncrediMail
"C:\Arquivos de programas\Google\Google Earth\client\googleearth.exe" = C:\Arquivos de programas\Google\Google Earth\client\googleearth.exe:*:Disabled:Google Earth -- (Google)
"C:\Arquivos de programas\Intelbras\Programador Modulare I e Corp\ProgramadorMC.exe" = C:\Arquivos de programas\Intelbras\Programador Modulare I e Corp\ProgramadorMC.exe:*:Enabled:ProgramadorMC -- ()
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1438B41C-658C-35B7-9253-780F2E0A0B8E}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ptb
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{20A15757-4AE4-3C82-9711-863C84AFE6AA}" = Microsoft .NET Framework 4 Client Profile PTB Language Pack
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{32603085-C839-4226-A1FD-BF8FAE0185CB}" = IncrediMail
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.441
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F31F3B5-C1FF-3708-8611-869DE39C0CB6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PTB
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{6347401C-C260-4B30-9816-8F5A1419CC49}" = SafeSign
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6FBA74BD-149F-4521-B921-FFCC84876864}" = Assistente de Instalação Certisign
"{85E0BA25-A5DE-4499-82C2-B4CE4F513E80}" = Cliente do Windows Rights Management com Service Pack 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110416-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edição 2003
"{90120000-0020-0416-0000-0000000FF1CE}" = Pacote de Compatibilidade para o sistema Office 2007
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9856CFCC-6805-4567-8142-A68CF5B25F4C}" = MySQL Connector/ODBC 3.51
"{98ADF875-648F-3E73-8F3B-010C2464C948}" = Microsoft .NET Framework 4 Extended PTB Language Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{B1FA73D8-AB79-3A2E-81AC-DBBAC155B2FE}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PTB
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BC0DCD27-345B-4013-A6E0-67EC92DF32C8}" = Presto! PVR
"{BE06114F-559D-11E0-B5A1-001D0926B1BF}" = Google Earth
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{E29D8938-2E48-498C-832D-9663DCABD55F}" = Visual Basic for Applications (R) Core - Portuguese (Brazil)
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Compatibilidade com Versões Anteriores do Cliente do Windows Rights Management SP2
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FD8AE9E2-B61E-4826-9CE7-937E1E9A9EEC}" = CorelDRAW Graphics Suite X5 - BR
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"BDE" = BDE
"CCleaner" = CCleaner
"CutePDF Writer Installation" = CutePDF Writer 2.8
"DealPly" = DealPly (remove only)
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"Gemplus Smart Card Reader Tools" = Gemplus Smart Card Reader Tools
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP LaserJet P1000 series" = HP LaserJet P1000 series
"HP PrecisionScan LTX" = HP PrecisionScan LTX
"HP-LaserJet 1020 series" = LaserJet 1020 series
"ie8" = Windows Internet Explorer 8
"IncrediMail" = IncrediMail 2.0
"lyrix@lyrixeeker.co" = LyricXeeker
"Max Impressão" = Max Impressão 1.0
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - ptb" = Pacote de Idiomas do Microsoft .NET Framework 3.5 SP1 - PTB
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil)
"MiPony" = MiPony 1.5.0
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NVIDIA Drivers" = NVIDIA Drivers
"OrderReminder HP LaserJet 1020" = OrderReminder HP LaserJet 1020
"Plants vs. Zombies" = Plants vs. Zombies
"Programador Modulare I, Conecta, Corp 6000 e Corp 8000_is1" = Programador versão 2.53 para PABX Modulare I, Conecta, Corp 600
"programmeroi_is1" = Oi Velox
"PSN" = Post-it® Software Notes Lite
"VIVO INTERNET" = VIVO INTERNET
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dealply" = Dealply
"Emissor de Nota Fiscal Eletrônica (NF-e) 2.0" = Emissor de Nota Fiscal Eletrônica (NF-e) 2.0
"Google Chrome" = Google Chrome
"optimizer_chrome" = Widevine Media Optimizer Chrome 6.0.0
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 25/2/2013 12:09:48 | Computer Name = FINANCEIRO | Source = MsiInstaller | ID = 10005
Description = Produto: Java 7 Update 15 -- Erro interno 2755. 1624, C:\Documents
 and Settings\Financeir\Dados de aplicativos\Sun\Java\jre1.7.0_15\jre1.7.0_15-c.msi
 
Error - 26/3/2013 06:46:57 | Computer Name = FINANCEIRO | Source = WmiAdapter | ID = 4099
Description = Falha na abertura do serviço.
 
Error - 26/3/2013 07:22:57 | Computer Name = FINANCEIRO | Source = WmiAdapter | ID = 4099
Description = Falha na abertura do serviço.
 
Error - 28/3/2013 11:38:20 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha digisat.exe, versão 1.0.2.3, módulo com falha
 gbieh.dll, versão 4.0.0.44, endereço com falha 0x000aa796.
 
Error - 7/5/2013 15:43:38 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha explorer.exe, versão 6.0.2900.5512, módulo com
 falha , versão 0.0.0.0, endereço com falha 0x00000000.
 
Error - 11/5/2013 10:05:49 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha spider.exe, versão 5.1.2600.5512, módulo com
falha unknown, versão 0.0.0.0, endereço com falha 0xf90d5e65.
 
Error - 24/5/2013 11:39:38 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha explorer.exe, versão 6.0.2900.5512, módulo com
 falha kernel32.dll, versão 5.1.2600.6293, endereço com falha 0x000658c0.
 
Error - 24/5/2013 11:48:27 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha explorer.exe, versão 6.0.2900.5512, módulo com
 falha kernel32.dll, versão 5.1.2600.6293, endereço com falha 0x000658c0.
 
Error - 13/6/2013 12:42:21 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha hpipcopy.exe, versão 3.2.0.0, módulo com falha
 hpipcopy.exe, versão 3.2.0.0, endereço com falha 0x000171e6.
 
[ System Events ]
Error - 25/7/2013 09:02:59 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 25/7/2013 09:03:48 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10010
Description = O servidor {4EB61BAC-A3B6-4760-9581-655041EF4D69} não se registrou
 com o DCOM dentro do tempo limite requerido.
 
Error - 25/7/2013 09:22:56 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10005
Description = Erro "%1058" no DCOM na tentativa de iniciar o serviço wuauserv com
 argumentos ""  para iniciar o servidor:  {E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error - 25/7/2013 09:23:06 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10005
Description = Erro "%1058" no DCOM na tentativa de iniciar o serviço wuauserv com
 argumentos ""  para iniciar o servidor:  {E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error - 25/7/2013 09:23:06 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10005
Description = Erro "%1058" no DCOM na tentativa de iniciar o serviço wuauserv com
 argumentos ""  para iniciar o servidor:  {E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error - 25/7/2013 09:23:27 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10005
Description = Erro "%1058" no DCOM na tentativa de iniciar o serviço wuauserv com
 argumentos ""  para iniciar o servidor:  {E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error - 25/7/2013 10:03:47 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 25/7/2013 10:19:13 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 25/7/2013 10:20:06 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10010
Description = O servidor {4EB61BAC-A3B6-4760-9581-655041EF4D69} não se registrou
 com o DCOM dentro do tempo limite requerido.
 
Error - 25/7/2013 14:43:22 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
 
< End of report >

Re: windows that open by themselves.

Marcelo
Administrator
In reply to this post by Diana
Good afternoon, Diana!

As in the other cases, these windows may be caused by the adware or trojans (both infections are present on your machine).

1. Download AdwCleaner and save it to the desktop.
2. Double-click the program and click Delete and OK.
3. If it asks to restart the PC, restart it.

It will create a report on your desktop.

Post it here for me.

See whether the windows stop.

Re: windows that open by themselves.

Diana
Hello, good morning.
Sorry for the delay in getting back to you.

I did what was requested and it generated the following report:


 AdwCleaner v2.306 - Relatório criado em 05/08/2013 às 11:07:49
# Atualizado em 19/07/2013 por Xplode
# Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits)
# Usuário : Financeir - FINANCEIRO
# Modo de Boot : Normal
# Executado de : C:\Documents and Settings\Financeir\Desktop\adwcleaner.exe
# Opção [Verificar]


***** [Serviços] *****


***** [Arquivos/Pastas] *****

Arquivo Encontrado : C:\WINDOWS\tasks\Plus-HD-2.3-chromeinstaller.job
Pasta Encontrado : C:\Arquivos de programas\DealPly
Pasta Encontrado : C:\Arquivos de programas\DealPlyLive
Pasta Encontrado : C:\Arquivos de programas\Plus-HD-2.3
Pasta Encontrado : C:\Arquivos de programas\Web Assistant
Pasta Encontrado : C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
Pasta Encontrado : C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\APN
Pasta Encontrado : C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DealPlyLive
Pasta Encontrado : C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Pasta Encontrado : C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf
Pasta Encontrado : C:\Documents and Settings\Financeir\Dados de aplicativos\DealPly
Pasta Encontrado : C:\Documents and Settings\Financeir\Menu Iniciar\Programas\DealPly

***** [Registro] *****

Chave Encontrada : HKCU\Software\Crossrider
Chave Encontrada : HKCU\Software\DealPly
Chave Encontrada : HKCU\Software\IM
Chave Encontrada : HKCU\Software\ImInstaller
Chave Encontrada : HKCU\Software\InstallCore
Chave Encontrada : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Chave Encontrada : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Encontrada : HKCU\Software\Softonic
Chave Encontrada : HKCU\Software\Web Assistant
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Chave Encontrada : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{AE48ED75-5A56-4C5F-BBCE-6F1AC3875F66}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Chave Encontrada : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CredentialDialogMachine
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CredentialDialogMachine.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachine
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachine.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineFallback
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineFallback.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebSvc
Chave Encontrada : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebSvc.1.0
Chave Encontrada : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Chave Encontrada : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Chave Encontrada : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Chave Encontrada : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Chave Encontrada : HKLM\Software\Conduit
Chave Encontrada : HKLM\Software\DealPly
Chave Encontrada : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Chave Encontrada : HKLM\Software\Iminent
Chave Encontrada : HKLM\Software\ImInstaller
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Chave Encontrada : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Chave Encontrada : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Chave Encontrada : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Chave Encontrada : HKLM\Software\Web Assistant
Chave Encontrada : HKU\S-1-5-21-527237240-562591055-839522115-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Valor Encontrada : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Valor Encontrada : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Navegadores] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registro está limpo.

-\\ Google Chrome v28.0.1500.95

Arquivo : C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Preferences

[OK] Arquivo está limpo.

*************************

AdwCleaner[R1].txt - [9695 octets] - [05/08/2013 11:07:49]

########## EOF - C:\AdwCleaner[R1].txt - [9755 octets] ##########



On 26 July 2013 at 12:55, Marcelo [via Fórum Tech Suporte] <[hidden email]> wrote:
Good afternoon, Diana!

As in the other cases, these windows may be caused by the adware or trojans (both infections are present on your machine).

1. Download AdwCleaner and save it to the desktop.
2. Run it as administrator and click Delete and OK.
3. If it asks to restart the PC, restart it.

It will create a report on your desktop.

Post it here for me.

See whether the windows stop.



Re: windows that open by themselves.

Marcelo
Administrator
Hello,

Is the problem still occurring?

Re: windows that open by themselves.

Diana
Hello!

Yes, it still occurs.
Now it opens tabs in Chrome, and on several sites (including Google) windows with animated GIF advertisements.

Diana


On 6 August 2013 at 02:19, Marcelo [via Fórum Tech Suporte] <[hidden email]> wrote:
Hello,

Is the problem still occurring?



Re: windows that open by themselves.

Diana
Please take a look at the screenshot of the page:


Re: windows that open by themselves.

Marcelo
Administrator
Hello, Diana

There is no screenshot on the page.

Please generate a new OTL log and post it here.

Re: windows that open by themselves.

Diana

Re: windows that open by themselves.

Diana
In reply to this post by Marcelo
The OTL report

OTL logfile created on: 8/8/2013 08:58:57 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Financeir\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy
 
1013,42 Mb Total Physical Memory | 745,09 Mb Available Physical Memory | 73,52% Memory free
2,40 Gb Paging File | 1,87 Gb Available in Paging File | 78,25% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,04 Gb Total Space | 109,04 Gb Free Space | 73,16% Space Free | Partition Type: NTFS
 
Computer Name: FINANCEIRO | User Name: Financeir | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
 
[color=#E56717]========== Processes (All) ==========[/color]
 
PRC - [2013/08/05 13:14:26 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Update\FacebookUpdate.exe
PRC - [2013/08/01 21:13:06 | 000,051,992 | ---- | M] (cake bake) -- C:\Arquivos de programas\Web Cake\WebCakeDesktop.Updater.exe
PRC - [2013/07/25 15:54:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL.exe
PRC - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe
PRC - [2013/07/15 11:23:42 | 000,409,640 | ---- | M] (GAS Tecnologia) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe
PRC - [2012/09/22 08:56:30 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe
PRC - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe
PRC - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
PRC - [2010/11/02 08:36:02 | 019,580,520 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2010/08/17 10:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2010/01/13 11:46:36 | 000,166,912 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2010/01/13 11:46:14 | 000,135,680 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2010/01/13 11:46:02 | 000,243,712 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
PRC - [2009/07/24 18:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
PRC - [2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/28 06:14:00 | 000,073,728 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE
PRC - [2008/04/13 23:21:23 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [RPCSS]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [NETWORKSERVICE]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [NETSVCS]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [LOCALSERVICE]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [LOCALSERVICE]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [IMGSVC]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [DCOMLAUNCH]
PRC - [2008/04/13 23:21:19 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008/04/13 23:21:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scardsvr.exe
PRC - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008/04/13 23:20:58 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/13 23:20:54 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008/04/13 23:20:53 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008/04/13 23:20:46 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007/10/17 13:17:08 | 000,163,840 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aetcrss1.exe
PRC - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
 
 
[color=#E56717]========== Modules (All) ==========[/color]
 
MOD - [2013/08/05 13:14:26 | 000,686,960 | ---- | M] (Facebook Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Update\1.2.205.0\goopdate.dll
MOD - [2013/08/05 13:14:26 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Update\FacebookUpdate.exe
MOD - [2013/08/01 21:13:06 | 000,051,992 | ---- | M] (cake bake) -- C:\Arquivos de programas\Web Cake\WebCakeDesktop.Updater.exe
MOD - [2013/07/30 07:47:08 | 000,853,896 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153\goopdate.dll
MOD - [2013/07/25 15:54:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL.exe
MOD - [2013/07/23 17:25:11 | 000,818,208 | ---- | M] (DealPly Technologies Ltd) -- C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\goopdate.dll
MOD - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe
MOD - [2013/07/15 11:23:42 | 000,409,640 | ---- | M] (GAS Tecnologia) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe
MOD - [2013/07/15 11:23:20 | 001,410,088 | ---- | M] (Banco do Brasil) -- C:\Arquivos de programas\GbPlugin\gbieh.dll
MOD - [2013/06/28 16:33:54 | 001,529,976 | ---- | M] (Banco Real) -- C:\Arquivos de programas\GbPlugin\gbiehabn.dll
MOD - [2013/06/10 14:36:28 | 001,396,792 | ---- | M] (Banco Itaú Unibanco) -- C:\Arquivos de programas\GbPlugin\gbiehuni.dll
MOD - [2013/01/10 02:24:19 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\f43e890d874ef521aba51f76f64cd97b\System.ServiceProcess.ni.dll
MOD - [2013/01/10 02:24:10 | 000,141,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\5f287bf8e66e3b9bfc5562ad7e3c7857\System.Configuration.Install.ni.dll
MOD - [2013/01/10 02:18:50 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
MOD - [2013/01/10 02:18:38 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
MOD - [2012/12/26 12:03:38 | 001,652,584 | ---- | M] (Caixa Economica Federal) -- C:\Arquivos de programas\GbPlugin\gbiehcef.dll
MOD - [2012/11/01 16:42:30 | 011,111,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll
MOD - [2012/11/01 09:12:29 | 002,000,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
MOD - [2012/11/01 09:12:29 | 001,212,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2012/11/01 09:12:29 | 000,916,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2012/11/01 09:12:29 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\jsproxy.dll
MOD - [2012/10/09 17:27:00 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
MOD - [2012/10/03 05:44:30 | 000,364,640 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MOD - [2012/10/03 01:57:56 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2012/09/22 08:56:30 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Java\jre7\bin\msvcr100.dll
MOD - [2012/09/22 08:56:30 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe
MOD - [2012/08/31 04:40:10 | 005,915,744 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2012/08/24 10:53:14 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2012/07/06 10:58:41 | 000,337,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2012/07/06 10:58:41 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2012/06/08 11:25:19 | 008,492,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2012/06/04 01:32:08 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2012/06/01 13:49:14 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2012/05/14 06:22:35 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2012/02/29 11:09:51 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2012/02/09 12:43:21 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
MOD - [2012/01/28 12:20:49 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2011/11/16 11:21:43 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2011/11/01 13:07:09 | 001,288,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2011/10/14 11:47:16 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2011/09/26 10:41:20 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2011/06/02 17:15:35 | 000,798,872 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Update\1.3.21.57\goopdate.dll
MOD - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe
MOD - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
MOD - [2011/03/03 03:54:38 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2011/02/08 10:33:34 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll
MOD - [2010/12/22 09:34:17 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2010/12/20 14:32:04 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2010/12/20 14:25:43 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2010/12/09 12:15:17 | 000,734,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2010/11/19 09:03:24 | 000,415,056 | ---- | M] (Scopus Tecnologia Ltda.) -- C:\Arquivos de programas\Scpad\scpMIB.dll
MOD - [2010/11/09 11:52:35 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2010/11/02 08:36:02 | 019,580,520 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
MOD - [2010/08/27 02:53:36 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2010/08/23 13:12:00 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2010/08/23 13:11:58 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/08/17 10:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2010/08/16 05:44:59 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2010/03/18 16:47:22 | 000,030,040 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll
MOD - [2010/03/18 16:47:22 | 000,017,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\aspnet_counters.dll
MOD - [2010/03/18 13:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr100_clr0400.dll
MOD - [2010/03/18 13:16:28 | 000,413,008 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2010/03/18 13:16:28 | 000,129,880 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
MOD - [2010/03/18 13:16:28 | 000,121,688 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
MOD - [2010/03/18 10:09:00 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscoree.dll
MOD - [2010/03/18 10:09:00 | 000,049,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netfxperf.dll
MOD - [2010/01/26 21:50:50 | 000,212,328 | ---- | M] (Corel Corporation) -- c:\Arquivos de programas\Arquivos comuns\Corel\Shared\Shell Extension\ShellXP.dll
MOD - [2010/01/26 21:50:48 | 000,619,880 | ---- | M] (Corel Corporation) -- c:\Arquivos de programas\Arquivos comuns\Corel\Shared\Shell Extension\FileInfoProvider.dll
MOD - [2010/01/13 11:48:58 | 000,289,280 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxrptb.lrc
MOD - [2010/01/13 11:46:36 | 000,166,912 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
MOD - [2010/01/13 11:46:14 | 000,135,680 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
MOD - [2010/01/13 11:46:04 | 000,051,712 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.dll
MOD - [2010/01/13 11:46:02 | 000,243,712 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
MOD - [2010/01/13 11:45:38 | 000,093,696 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hccutils.dll
MOD - [2010/01/13 11:45:32 | 000,205,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxdev.dll
MOD - [2009/12/08 06:24:25 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009/11/05 08:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2009/10/13 07:34:00 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2009/10/12 10:39:20 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2009/10/12 10:39:19 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2009/09/11 11:19:14 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2009/09/04 18:04:39 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2009/07/27 20:17:42 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2009/07/24 18:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
MOD - [2009/07/17 16:03:29 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2009/07/17 13:17:04 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll
MOD - [2009/07/10 11:52:50 | 000,202,032 | ---- | M] (Scopus Tecnologia Ltda) -- C:\Arquivos de programas\Scpad\scpLIB.dll
MOD - [2009/06/25 05:27:14 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009/06/25 05:27:14 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2009/06/10 03:15:45 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2009/03/08 04:34:48 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2009/03/06 11:20:30 | 000,286,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll
MOD - [2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2009/02/09 07:53:26 | 000,683,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009/02/09 07:53:26 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2009/02/09 07:53:26 | 000,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2009/02/09 07:53:25 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
MOD - [2009/01/26 15:30:58 | 001,287,000 | ---- | M] (Safer Networking Limited) -- C:\Arquivos de programas\Spybot - Search & Destroy\advcheck.dll
MOD - [2009/01/07 18:20:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll
MOD - [2008/10/23 09:37:45 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008/07/29 12:10:46 | 000,265,720 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\msdbg2.dll
MOD - [2008/07/29 12:10:46 | 000,136,184 | ---- | M] (Microsoft Corporation) -- c:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\csm.dll
MOD - [2008/07/26 00:58:48 | 000,096,768 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\pt-BR\ShFusRes.dll
MOD - [2008/07/25 10:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
MOD - [2008/07/25 10:17:02 | 000,027,136 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
MOD - [2008/07/25 10:17:00 | 000,118,784 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\shfusion.dll
MOD - [2008/07/25 10:17:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
MOD - [2008/07/25 10:16:58 | 000,018,936 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\fusion.dll
MOD - [2008/07/25 10:16:40 | 000,033,800 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
MOD - [2008/07/07 17:28:46 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2008/07/06 09:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
MOD - [2008/06/24 13:43:36 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2008/06/20 13:03:40 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2008/06/12 11:22:42 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll
MOD - [2008/06/12 11:22:42 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll
MOD - [2008/06/12 11:22:42 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2008/05/19 05:33:20 | 004,445,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2008/04/28 06:14:02 | 001,251,840 | ---- | M] (Hewlett-Packard ) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006U.DLL
MOD - [2008/04/28 06:14:02 | 000,293,888 | ---- | M] (Hewlett-Packard ) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\HP1006S.DLL
MOD - [2008/04/28 06:14:02 | 000,284,160 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\HP1006LM.DLL
MOD - [2008/04/28 06:14:02 | 000,225,280 | ---- | M] (Hewlett-Packard ) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006C.DLL
MOD - [2008/04/28 06:14:02 | 000,082,944 | ---- | M] (Hewlett-Packard ) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006L.DLL
MOD - [2008/04/28 06:14:00 | 000,039,424 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MT.DLL
MOD - [2008/04/28 06:14:00 | 000,006,144 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MP.DLL
MOD - [2008/04/13 23:21:27 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2008/04/13 23:21:27 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2008/04/13 23:21:27 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008/04/13 23:21:27 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2008/04/13 23:21:27 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2008/04/13 23:21:27 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2008/04/13 23:21:27 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2008/04/13 23:21:27 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2008/04/13 23:21:23 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2008/04/13 23:21:19 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2008/04/13 23:20:58 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2008/04/13 23:20:54 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2008/04/13 23:20:46 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2008/04/13 23:20:46 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2008/04/13 23:20:44 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2008/04/13 23:20:44 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008/04/13 23:20:44 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2008/04/13 23:20:44 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2008/04/13 23:20:44 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008/04/13 23:20:43 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2008/04/13 23:20:43 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Media Player\wmpband.dll
MOD - [2008/04/13 23:20:43 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2008/04/13 23:20:43 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2008/04/13 23:20:42 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiaservc.dll
MOD - [2008/04/13 23:20:42 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008/04/13 23:20:42 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2008/04/13 23:20:42 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2008/04/13 23:20:42 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008/04/13 23:20:42 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2008/04/13 23:20:42 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2008/04/13 23:20:41 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2008/04/13 23:20:41 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2008/04/13 23:20:41 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2008/04/13 23:20:41 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2008/04/13 23:20:41 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2008/04/13 23:20:40 | 001,499,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2008/04/13 23:20:40 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008/04/13 23:20:40 | 000,714,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2008/04/13 23:20:40 | 000,579,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008/04/13 23:20:40 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2008/04/13 23:20:40 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2008/04/13 23:20:40 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2008/04/13 23:20:40 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2008/04/13 23:20:40 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2008/04/13 23:20:40 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008/04/13 23:20:40 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2008/04/13 23:20:40 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2008/04/13 23:20:40 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2008/04/13 23:20:40 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2008/04/13 23:20:40 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2008/04/13 23:20:40 | 000,124,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2008/04/13 23:20:40 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2008/04/13 23:20:40 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2008/04/13 23:20:40 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdmat.dll
MOD - [2008/04/13 23:20:40 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2008/04/13 23:20:40 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008/04/13 23:20:40 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2008/04/13 23:20:40 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2008/04/13 23:20:40 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2008/04/13 23:20:40 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2008/04/13 23:20:40 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vdmdbg.dll
MOD - [2008/04/13 23:20:40 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shfolder.dll
MOD - [2008/04/13 23:20:40 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008/04/13 23:20:40 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2008/04/13 23:20:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2008/04/13 23:20:40 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2008/04/13 23:20:40 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2008/04/13 23:20:40 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2008/04/13 23:20:39 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2008/04/13 23:20:39 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008/04/13 23:20:39 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2008/04/13 23:20:39 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2008/04/13 23:20:38 | 000,673,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2008/04/13 23:20:38 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2008/04/13 23:20:38 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2008/04/13 23:20:38 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasqec.dll
MOD - [2008/04/13 23:20:38 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2008/04/13 23:20:38 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2008/04/13 23:20:38 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2008/04/13 23:20:37 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qmgr.dll
MOD - [2008/04/13 23:20:37 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2008/04/13 23:20:37 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2008/04/13 23:20:37 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll
MOD - [2008/04/13 23:20:37 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008/04/13 23:20:37 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2008/04/13 23:20:37 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008/04/13 23:20:37 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qutil.dll
MOD - [2008/04/13 23:20:37 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2008/04/13 23:20:37 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2008/04/13 23:20:37 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll
MOD - [2008/04/13 23:20:37 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2008/04/13 23:20:37 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2008/04/13 23:20:37 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2008/04/13 23:20:37 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2008/04/13 23:20:37 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2008/04/13 23:20:37 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2008/04/13 23:20:37 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008/04/13 23:20:37 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll
MOD - [2008/04/13 23:20:37 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2008/04/13 23:20:37 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2008/04/13 23:20:37 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2008/04/13 23:20:37 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2008/04/13 23:20:36 | 001,710,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2008/04/13 23:20:36 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2008/04/13 23:20:36 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2008/04/13 23:20:34 | 000,629,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2008/04/13 23:20:34 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008/04/13 23:20:34 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2008/04/13 23:20:34 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008/04/13 23:20:34 | 000,278,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstask.dll
MOD - [2008/04/13 23:20:34 | 000,199,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2008/04/13 23:20:34 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2008/04/13 23:20:34 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2008/04/13 23:20:34 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2008/04/13 23:20:34 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2008/04/13 23:20:34 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2008/04/13 23:20:34 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2008/04/13 23:20:34 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2008/04/13 23:20:33 | 001,000,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2008/04/13 23:20:32 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008/04/13 23:20:32 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\modemui.dll
MOD - [2008/04/13 23:20:32 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2008/04/13 23:20:32 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008/04/13 23:20:32 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2008/04/13 23:20:31 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2008/04/13 23:20:31 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2008/04/13 23:20:30 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2008/04/13 23:20:30 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ksuser.dll
MOD - [2008/04/13 23:20:28 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2008/04/13 23:20:28 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll
MOD - [2008/04/13 23:20:28 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2008/04/13 23:20:28 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008/04/13 23:20:28 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2008/04/13 23:20:28 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2008/04/13 23:20:28 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2008/04/13 23:20:27 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2008/04/13 23:20:26 | 001,092,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2008/04/13 23:20:26 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll
MOD - [2008/04/13 23:20:26 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2008/04/13 23:20:26 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008/04/13 23:20:26 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll
MOD - [2008/04/13 23:20:26 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2008/04/13 23:20:26 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll
MOD - [2008/04/13 23:20:26 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eapolqec.dll
MOD - [2008/04/13 23:20:26 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2008/04/13 23:20:25 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll
MOD - [2008/04/13 23:20:25 | 000,023,552 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll
MOD - [2008/04/13 23:20:25 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dimsntfy.dll
MOD - [2008/04/13 23:20:25 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll
MOD - [2008/04/13 23:20:24 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2008/04/13 23:20:24 | 001,025,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2008/04/13 23:20:24 | 000,821,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008/04/13 23:20:24 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2008/04/13 23:20:24 | 000,528,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2008/04/13 23:20:24 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008/04/13 23:20:24 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2008/04/13 23:20:24 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008/04/13 23:20:24 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2008/04/13 23:20:24 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2008/04/13 23:20:24 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2008/04/13 23:20:24 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2008/04/13 23:20:24 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll
MOD - [2008/04/13 23:20:24 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2008/04/13 23:20:24 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2008/04/13 23:20:24 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2008/04/13 23:20:24 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2008/04/13 23:20:24 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2008/04/13 23:20:24 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2008/04/13 23:20:24 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2008/04/13 23:20:24 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2008/04/13 23:20:24 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2008/04/13 23:20:24 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2008/04/13 23:20:23 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll
MOD - [2008/04/13 23:20:23 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2008/04/13 23:20:23 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2008/04/13 23:20:23 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008/04/13 23:20:23 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2008/04/13 23:20:22 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acadproc.dll
MOD - [2008/04/13 23:19:55 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2008/04/13 23:19:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008/04/13 23:18:53 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime
MOD - [2008/04/13 23:18:31 | 000,545,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hhctrl.ocx
MOD - [2008/04/13 23:18:05 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2008/04/13 19:20:42 | 000,995,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008/04/13 15:35:38 | 002,945,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2008/04/13 14:37:57 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2008/04/13 14:37:57 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2008/04/13 13:23:31 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2007/10/24 12:56:42 | 000,737,280 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aetpkss1.dll
MOD - [2007/10/18 13:06:18 | 000,077,824 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aetsprov.dll
MOD - [2007/10/17 15:28:24 | 000,023,552 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aettask.dll
MOD - [2007/10/17 13:17:08 | 000,163,840 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aetcrss1.exe
MOD - [2007/08/29 16:06:10 | 000,106,496 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZSPOOL.DLL
MOD - [2007/07/13 18:39:24 | 000,057,344 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\ZIMFPRNT.DLL
MOD - [2007/07/13 18:39:24 | 000,053,248 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZTAG.DLL
MOD - [2007/07/13 18:39:22 | 000,061,440 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZIMF.DLL
MOD - [2007/07/13 18:39:00 | 000,135,168 | ---- | M] (Marvell Semiconductor, Inc.) -- C:\WINDOWS\system32\CP1215LM.DLL
MOD - [2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
MOD - [2007/04/09 13:23:54 | 000,028,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mdimon.dll
MOD - [2007/03/28 09:54:29 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2006/03/02 09:00:00 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui2.dll
MOD - [2006/03/02 09:00:00 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netmsg.dll
MOD - [2006/03/02 09:00:00 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiavusd.dll
MOD - [2006/03/02 09:00:00 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mui\0016\hhctrlui.dll
MOD - [2006/03/02 09:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2006/03/02 09:00:00 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprui.dll
MOD - [2006/03/02 09:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll
MOD - [2006/03/02 09:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll
MOD - [2006/03/02 09:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2006/03/02 09:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasctrs.dll
MOD - [2006/03/02 09:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll
MOD - [2006/03/02 09:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll
MOD - [2006/03/02 09:00:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll
MOD - [2006/03/02 09:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll
MOD - [2005/03/18 10:18:56 | 000,086,016 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZLhp1020.dll
MOD - [2005/03/18 10:18:56 | 000,049,152 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\IMFPRINT.DLL
MOD - [2005/03/18 10:18:56 | 000,028,672 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\zlm.dll
MOD - [2005/03/18 10:18:56 | 000,028,672 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\IMF32.DLL
MOD - [2005/03/18 10:18:56 | 000,024,576 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZTAG32.DLL
MOD - [2004/08/04 01:45:28 | 001,483,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\shdocvw.dll
MOD - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
MOD - [2003/06/11 15:21:38 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\1046\MDMUI.DLL
MOD - [2003/03/18 20:14:52 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dll
MOD - [2003/02/21 04:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll
MOD - [2003/02/21 04:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll
 
 
========== Services (All) ==========
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/08/01 21:13:06 | 000,051,992 | ---- | M] (cake bake) [Auto | Running] -- C:\Arquivos de programas\Web Cake\WebCakeDesktop.Updater.exe -- (WebCakeUpdater)
SRV - [2013/07/25 09:40:44 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Arquivos de programas\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [On_Demand | Stopped] -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe -- (dealplylivem)
SRV - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [Auto | Stopped] -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe -- (dealplylive)
SRV - [2013/07/15 11:23:42 | 000,409,640 | ---- | M] (GAS Tecnologia) [Auto | Running] -- C:\Arquivos de programas\GbPlugin\gbpsv.exe -- (GbpSv)
SRV - [2012/09/22 08:56:30 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/07/06 10:58:41 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2011/05/07 15:29:08 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe -- (gupdatem)
SRV - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe -- (gupdate)
SRV - [2010/08/27 02:53:36 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2010/08/17 10:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009/07/27 20:17:42 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2009/07/27 20:17:42 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/07/27 20:17:42 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2009/07/24 18:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/06/10 03:15:45 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
SRV - [2009/04/20 14:19:39 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2009/02/09 07:53:26 | 000,683,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2009/02/09 07:53:26 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2009/02/09 07:53:26 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch)
SRV - [2008/07/29 20:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/07/29 18:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/07/25 10:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/07 17:28:46 | 000,253,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2008/06/20 13:03:40 | 000,247,808 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2008/05/19 00:57:42 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/13 23:21:24 | 000,126,464 | ---- | M] (Microsoft Corporation) [Boot | Stopped] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)
SRV - [2008/04/13 23:21:22 | 000,292,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/13 23:21:21 | 000,073,728 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV - [2008/04/13 23:21:21 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ups.exe -- (UPS)
SRV - [2008/04/13 23:21:18 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2008/04/13 23:21:17 | 000,142,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2008/04/13 23:21:17 | 000,099,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2008/04/13 23:21:11 | 000,113,664 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008/04/13 23:21:11 | 000,113,664 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008/04/13 23:21:09 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)
SRV - [2008/04/13 23:21:07 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/13 23:21:04 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator)
SRV - [2008/04/13 23:21:02 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/13 23:20:56 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/13 23:20:55 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/13 23:20:55 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)
SRV - [2008/04/13 23:20:51 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008/04/13 23:20:51 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)
SRV - [2008/04/13 23:20:46 | 000,483,840 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2008/04/13 23:20:46 | 000,129,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV - [2008/04/13 23:20:46 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/13 23:20:45 | 000,006,656 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 23:20:44 | 000,080,896 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2008/04/13 23:20:43 | 000,145,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008/04/13 23:20:42 | 000,334,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/04/13 23:20:41 | 000,176,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)
SRV - [2008/04/13 23:20:41 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
SRV - [2008/04/13 23:20:41 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008/04/13 23:20:40 | 000,296,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008/04/13 23:20:40 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/13 23:20:40 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/13 23:20:40 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)
SRV - [2008/04/13 23:20:40 | 000,171,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/13 23:20:40 | 000,090,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
SRV - [2008/04/13 23:20:40 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2008/04/13 23:20:40 | 000,039,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2008/04/13 23:20:40 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/13 23:20:38 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2008/04/13 23:20:38 | 000,059,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)
SRV - [2008/04/13 23:20:37 | 000,437,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/13 23:20:37 | 000,409,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2008/04/13 23:20:37 | 000,292,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qagentrt.dll -- (napagent)
SRV - [2008/04/13 23:20:37 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/13 23:20:37 | 000,038,400 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2008/04/13 23:20:34 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/04/13 23:20:34 | 000,052,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN)
SRV - [2008/04/13 23:20:34 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008/04/13 23:20:32 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008/04/13 23:20:30 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\kmsvc.dll -- (hkmsvc)
SRV - [2008/04/13 23:20:30 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/13 23:20:28 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/13 23:20:26 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2008/04/13 23:20:26 | 000,023,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008/04/13 23:20:25 | 000,133,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/13 23:20:25 | 000,023,552 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/13 23:20:24 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008/04/13 23:20:24 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/13 23:20:24 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/13 23:20:23 | 000,172,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)
SRV - [2008/04/13 23:20:23 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2007/06/28 13:43:00 | 000,155,716 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2006/03/02 09:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)
SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
========== Driver Services (All) ==========
 
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ViaIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ultra)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (TosIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (symc8xx)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (symc810)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (sym_u3)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (sym_hi)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Sparrow)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Simbad)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql1280)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql1240)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql12160)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Ql10wnt)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql1080)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (perc2hib)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (perc2)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (mraid35x)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (IntelIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ini910u)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (i2omp)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (hpn)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (dpti2o)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (dac960nt)
DRV - File not found [Kernel | Disabled | Unknown] --  -- (dac2w2k)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Cpqarray)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (CmdIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (cd20xrnt)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Atdisk)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (asc3550)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (asc3350p)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (asc)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (amsint)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (AliIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (aic78xx)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (aic78u2)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Aha154x)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (adpu160m)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (abp480n5)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Abiosdsk)
DRV - [2013/08/08 07:28:57 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys -- (NdisrdMP)
DRV - [2013/08/08 07:28:57 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys -- (Ndisrd)
DRV - [2013/07/01 08:37:46 | 000,046,904 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\gbpkm.sys -- (GbpKm)
DRV - [2012/07/04 11:05:20 | 000,139,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2011/08/17 10:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\afd.sys -- (AFD)
DRV - [2011/07/15 10:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2011/07/08 11:02:00 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2011/04/21 10:37:43 | 000,105,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2011/02/17 10:18:03 | 000,357,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2011/01/14 04:06:40 | 000,277,352 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010/11/02 12:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2010/11/02 08:36:26 | 006,188,648 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2010/01/13 12:18:36 | 001,730,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2009/11/17 20:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/17 20:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/10/20 13:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009/06/24 08:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2008/12/13 11:26:38 | 000,102,400 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/06/20 08:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008/04/13 23:21:49 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/04/13 23:21:49 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/13 23:21:48 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008/04/13 23:02:36 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr)
DRV - [2008/04/13 23:02:31 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 23:02:29 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)
DRV - [2008/04/13 23:02:24 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2008/04/13 22:59:07 | 000,153,984 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/13 22:59:00 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 22:58:35 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/13 22:58:03 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/04/13 22:57:13 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/04/13 22:55:20 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial)
DRV - [2008/04/13 22:55:19 | 000,053,504 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/04/13 22:53:17 | 000,058,240 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008/04/13 22:53:00 | 000,053,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008/04/13 22:52:42 | 000,044,672 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008/04/13 22:50:10 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008/04/13 22:50:05 | 000,188,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)
DRV - [2008/04/13 22:50:05 | 000,030,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/04/13 16:28:39 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008/04/13 16:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008/04/13 16:20:42 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/04/13 16:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/04/13 16:19:48 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2008/04/13 16:19:43 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2008/04/13 16:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008/04/13 16:17:18 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008/04/13 16:15:55 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008/04/13 16:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 16:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 16:14:21 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 15:57:32 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/13 15:57:27 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/13 15:57:21 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/04/13 15:57:15 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008/04/13 15:57:07 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008/04/13 15:56:38 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008/04/13 15:56:32 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008/04/13 15:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/04/13 15:55:58 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/13 15:54:28 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/04/13 15:53:34 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2008/04/13 15:51:25 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/13 15:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/04/13 15:46:26 | 000,085,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NABTSFEC.sys -- (NABTSFEC)
DRV - [2008/04/13 15:46:24 | 000,019,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS -- (WSTCODEC)
DRV - [2008/04/13 15:46:24 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CCDECODE.sys -- (CCDECODE)
DRV - [2008/04/13 15:46:24 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SLIP.sys -- (SLIP)
DRV - [2008/04/13 15:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StreamIP.sys -- (streamip)
DRV - [2008/04/13 15:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/04/13 15:46:22 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NdisIP.sys -- (NdisIP)
DRV - [2008/04/13 15:46:20 | 000,121,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbvideo.sys -- (usbvideo)
DRV - [2008/04/13 15:45:40 | 000,032,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/04/13 15:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - [2008/04/13 15:45:37 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/04/13 15:45:35 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/04/13 15:45:35 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008/04/13 15:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2008/04/13 15:45:27 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (hidusb)
DRV - [2008/04/13 15:45:13 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/04/13 15:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio)
DRV - [2008/04/13 15:45:09 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008/04/13 15:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008/04/13 15:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008/04/13 15:45:01 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dmusic.sys -- (DMusic)
DRV - [2008/04/13 15:44:40 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/13 15:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008/04/13 15:40:49 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008/04/13 15:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/13 15:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk)
DRV - [2008/04/13 15:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008/04/13 15:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2008/04/13 15:40:25 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc)
DRV - [2008/04/13 15:40:25 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/13 15:40:12 | 000,015,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum)
DRV - [2008/04/13 15:39:53 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008/04/13 15:39:52 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/04/13 15:39:51 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/04/13 15:39:50 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSTEE.sys -- (MSTEE)
DRV - [2008/04/13 15:39:50 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/04/13 15:39:46 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008/04/13 15:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/04/13 15:36:46 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/04/13 15:32:59 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2008/04/13 15:32:51 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/04/13 15:32:44 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/13 15:32:39 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/04/13 15:32:39 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/04/13 15:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/13 13:39:23 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2008/04/13 13:39:16 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008/04/13 13:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/10/25 13:50:26 | 000,062,848 | ---- | M] (ASICEN) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AsicenUSBDTVBDA_DM011.sys -- (AsicenUSBDTV_DM011)
DRV - [2007/06/28 13:43:00 | 006,807,328 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/12/01 13:48:22 | 000,020,992 | ---- | M] (ASICEN) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AS11Loader.sys -- (AS11Loader)
DRV - [2006/03/02 09:00:00 | 000,125,824 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV - [2006/03/02 09:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2006/03/02 09:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2006/03/02 09:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2006/03/02 09:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2006/03/02 09:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2006/03/02 09:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2006/03/02 09:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2006/03/02 09:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2006/03/02 09:00:00 | 000,011,904 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2006/03/02 09:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2006/03/02 09:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2006/03/02 09:00:00 | 000,007,040 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2006/03/02 09:00:00 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2006/03/02 09:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2006/03/02 09:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2006/03/02 09:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2006/03/02 09:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2006/03/02 09:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2006/03/02 09:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\WINDOWS\System32\winsock.dll -- (Winsock)
DRV - [2004/06/28 10:06:26 | 000,061,840 | ---- | M] (Gemplus) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTwinUSB.sys -- (GTwinUSB)
DRV - [2003/12/05 06:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/10/16 10:44:04 | 000,082,704 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cyg_ser.sys -- (cyg_ser)
DRV - [2003/10/16 10:43:20 | 000,051,040 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cyg_bus.sys -- (cyg_bus)
DRV - [2001/09/05 23:17:14 | 000,003,456 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde)
DRV - [2001/08/17 18:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
 
 
[color=#E56717]========== Standard Registry (All) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://br.msn.com/
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/ [binary data]
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.asp
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes,DefaultScope = {FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{B3FD69ED-2469-4493-9F02-38212A7C3E72}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSNIE8&pc=MSNIE8&src=IE-SearchBox
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}: "URL" = http://www.google.pt/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_pt-BR
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Arquivos de programas\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3: C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9: C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Arquivos de programas\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Arquivos de programas\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Dados de aplicativos\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2011/05/07 15:29:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2012/11/06 02:25:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Arquivos de programas\Web Assistant\Firefox [2012/06/04 15:39:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[hidden email]: C:\Arquivos de programas\LyriXeeker\125.xpi [2013/07/23 17:25:42 | 000,007,064 | ---- | M] ()
 
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\npbrowserext.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Arquivos de programas\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Update\1.3.21.53\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Arquivos de programas\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Bejeweled = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: Radio Do Brasil = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh\1.0.56_0\
CHR - Extension: Play Parole = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dfigpchbljbamamhkecemhceioapljbn\1.0_0\
CHR - Extension: Web Assistant = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\
CHR - Extension: Fruit Ninja = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\eofdejdahdbbmnibkpgbfknnpbhpbcad\1.6_0\
CHR - Extension: Web Cake = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0\
CHR - Extension: Voicenote - fala em texto. = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\hfknjgplnkgjihghcidajejfmldhibfm\2.4.22_0\
CHR - Extension: Bubble Shooter-HD = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\hpakbhbnhkbghdcejiiangcefallmaln\2.2.0_0\
CHR - Extension: Pursuit of Hat = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\jepniedfbdhmplhbjffedeomcaopopob\1.1_0\
CHR - Extension: Hatsune Miku = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\kigfdicgjnpjkhbnngdfgjfffmdaonfg\2_0\
CHR - Extension: Super Stacker 2 = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\klemmckdcnieolllgjgbniaeehggmano\3.0_0\
CHR - Extension: Crackle Brazil = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\lflobbippdgfecmbdgjdejahlimggpef\1.0.0_0\
CHR - Extension: Poppit = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Editor de HQs = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mhfajnocemhaofoiejdekipegedfeeni\1.4_0\
CHR - Extension: DealPly  Shopping = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.5.0.0_0\
CHR - Extension: Mahjong Solitaire = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\neojceinbonpjjcokpokpeobkhcpiloc\1.0.0.2_0\
CHR - Extension: Gomoku = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\nhhdgipkbgjblbgjlbakfffjbffpdblo\1.0.11_0\
CHR - Extension: LyricXeeker = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\odnofacmifkjndflfmmplhckcbfjckhj\1.125_0\
CHR - Extension: Psykopaint = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\
CHR - Extension: Psykopaint = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\.bak
 
O1 HOSTS File: ([2012/12/05 13:59:59 | 000,000,774 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (ssh2 Class) - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll (Scopus Tecnologia Ltda)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Arquivos de programas\Web Assistant\Extension32.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Arquivos de programas\GbPlugin\gbiehabn.dll (Banco Real)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Arquivos de programas\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {DF89BC70-AC87-4A31-ACD5-7417E2CF1209} - No CLSID value found.
O3 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\Toolbar\ShellBrowser: (E&ndereço) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [CertificateRegistration] C:\WINDOWS\System32\aetcrss1.exe (A.E.T. Europe B.V.)
O4 - HKLM..\Run: [gemstrmw] C:\WINDOWS\System32\gemstrmw.exe (Gemplus)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-527237240-562591055-839522115-1003..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-527237240-562591055-839522115-1003..\Run: [Facebook Update] C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-527237240-562591055-839522115-1003..\Run: [Google Update] C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKU\S-1-5-21-527237240-562591055-839522115-1003..\Run: [SpybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKLM..\RunOnce: [SymInstallStub] C:\WINDOWS\System32\Adobe\Shockwave 11\SymInstallStub.exe (Symantec Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de programas\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra Button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de programas\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancobrasil.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancobrasil.com.br ([www14] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancobrasil.com.br ([www2] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancoreal.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancosantander.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancosantander.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bb.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([imagem] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([internetbanking] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([internetbanking] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: itau.com.br ([bankline] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: itau.com.br ([guardiao] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: itau.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([www2] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([wwws] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([wwws] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santander.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santander.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santanderempresarial.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santanderempresarial.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws2] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws2] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernetibe.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernetibe.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: secureweb.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: secureweb.com.br ([www] https in Sites confiáveis)
O16 - DPF: {2DEF4530-8CE6-41C9-84B6-A54536C90213} http://cob.bancovw.com.br/viewer9/activeXViewer/activexviewer.cab (Crystal Report Viewer Control 9)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1304768064948 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1307534482359 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} https://imagem.caixa.gov.br/cab/GBPDIST2K.CAB (GbpDistObj Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39F8FD3D-2667-4A1F-94A7-26E219669948}: NameServer = 192.168.1.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de programas\Arquivos comuns\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - HKU\S-1-5-21-527237240-562591055-839522115-1003 Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginAbn: DllName - (C:\Arquivos de programas\GbPlugin\gbiehAbn.dll) - C:\Arquivos de programas\GbPlugin\gbiehabn.dll (Banco Real)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Arquivos de programas\GbPlugin\gbieh.dll) - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\Arquivos de programas\GbPlugin\gbiehCef.dll) - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O20 - Winlogon\Notify\ GbPluginUni: DllName - (C:\Arquivos de programas\GbPlugin\gbiehUni.dll) - C:\Arquivos de programas\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Pré-carregador Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Daemon de cache de categorias de componente - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {A3717295-941D-416F-9384-ED1736729F1C} - scpLIB - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)
O24 - Desktop WallPaper: C:\Documents and Settings\Financeir\Meus documentos\Minhas imagens\mhb.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Financeir\Meus documentos\Minhas imagens\mhb.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Arquivos de programas\GbPlugin\gbiehabn.dll (Banco Real)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Arquivos de programas\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/03/08 12:19:42 | 000,000,021 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{2b07deea-95e4-11e1-92c0-001fd0fef641}\Shell - "" = AutoRun
O33 - MountPoints2\{2b07deea-95e4-11e1-92c0-001fd0fef641}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{64998505-7fac-11e0-983c-001fd0fef641}\Shell - "" = AutoRun
O33 - MountPoints2\{64998505-7fac-11e0-983c-001fd0fef641}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{64998507-7fac-11e0-983c-001fd0fef641}\Shell - "" = AutoRun
O33 - MountPoints2\{64998507-7fac-11e0-983c-001fd0fef641}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{b65734b8-f8d9-11e0-91f7-001fd0fef641}\Shell - "" = AutoRun
O33 - MountPoints2\{b65734b8-f8d9-11e0-91f7-001fd0fef641}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 360 Days ==========[/color]
 
[2013/08/07 14:48:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Skype
[2013/08/07 14:48:04 | 000,000,000 | R--D | C] -- C:\Arquivos de programas\Skype
[2013/08/07 14:48:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Skype
[2013/08/07 14:48:04 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Skype
[2013/08/07 14:47:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Skype
[2013/08/07 09:52:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Web Cake
[2013/08/07 09:52:29 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Web Cake
[2013/08/07 09:51:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Tarma Installer
[2013/08/05 12:44:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook
[2013/08/05 11:36:49 | 002,349,096 | ---- | C] (Banco do Brasil SA) -- C:\Documents and Settings\Financeir\Meus documentos\DiagnosticoBB.exe
[2013/08/02 08:07:08 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Plus-HD-2.3
[2013/07/25 15:54:17 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL.exe
[2013/07/25 11:23:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Financeir\Recent
[2013/07/23 17:25:42 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\LyriXeeker
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DealPlyLive
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\DealPlyLive
[2013/07/23 17:25:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Dealply
[2013/07/23 17:25:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\DealPly
[2013/07/23 17:25:05 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\DealPly
[2013/07/23 17:21:42 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2013/07/23 17:21:30 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2013/07/23 17:21:30 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2013/05/24 13:15:48 | 000,155,648 | ---- | C] (Intel Corporation) -- C:\WINDOWS\System32\igfxCoIn_v5218.dll
[2013/05/24 12:23:40 | 000,024,576 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\gemstrmw.exe
[2013/05/24 12:23:21 | 000,061,840 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\drivers\GTwinUSB.sys
[2013/05/24 12:23:20 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Gemplus
[2013/05/24 12:09:41 | 000,000,000 | ---D | C] -- C:\database
[2013/05/22 09:43:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\Lucano
[2013/05/21 08:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Meus documentos\Escaneamentos
[2013/05/04 10:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\cielo extratos
[2013/04/26 15:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\Cao
[2013/04/15 09:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\trix.therebels.tonybennett.duets2.2012
[2013/03/05 09:56:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\GAS Tecnologia
[2013/01/28 14:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\CATALOGOS
[2013/01/28 14:14:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\Atalhos para produtos em vidro temperado
[2013/01/18 11:55:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2013/01/18 11:51:16 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013/01/18 11:07:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2013/01/16 13:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\IDM
[2012/11/07 15:44:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\TeamViewer
[2012/11/06 02:04:20 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\MSXML 4.0
[2012/11/06 02:04:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Silverlight
[2012/11/05 09:15:11 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012/11/01 23:04:06 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2012/11/01 15:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\PopCap Games
[2012/10/27 08:23:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCap Games
[2012/10/25 15:01:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012/10/13 14:42:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Newsoft
[2012/10/13 14:39:09 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2012/10/13 14:39:07 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MPE.sys
[2012/10/13 14:39:07 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2012/10/13 14:39:04 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2012/10/13 14:39:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2012/10/13 14:39:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2012/10/13 14:39:02 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2012/10/13 14:38:59 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2012/10/13 14:38:56 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2012/10/13 14:38:54 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2012/10/13 14:38:51 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2012/10/13 14:38:36 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2012/10/13 14:38:36 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2012/10/13 14:38:35 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2012/10/13 14:38:35 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2012/10/13 14:38:35 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2012/10/13 14:38:35 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2012/10/13 14:38:35 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2012/10/13 14:38:35 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2012/10/13 14:38:35 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\BdaSup.sys
[2012/10/13 14:38:35 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2012/10/13 14:38:34 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2012/10/13 14:38:34 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\BdaPlgIn.ax
[2012/10/13 14:36:21 | 000,020,992 | ---- | C] (ASICEN) -- C:\WINDOWS\System32\drivers\AS11Loader.sys
[2012/10/13 14:36:11 | 000,062,848 | ---- | C] (ASICEN) -- C:\WINDOWS\System32\drivers\AsicenUSBDTVBDA_DM011.sys
[2012/10/13 14:36:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\InstallShield
[2012/10/13 14:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\NewSoft
[2012/10/13 14:35:36 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\NewSoft
[2012/10/13 14:35:32 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\NewSoft
[2012/10/02 15:04:32 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\synceng.dll
[2012/09/28 11:14:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Meus documentos\FORMULARIO MHB
[2012/09/25 16:00:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\Max Impressão
[2012/09/25 16:00:11 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Maxprint
[2012/09/22 08:57:00 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Java
[2012/09/22 08:56:53 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/09/22 08:56:39 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/09/21 14:10:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Sun
[2012/09/20 17:26:45 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012/09/20 13:25:49 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Silverlight
[2012/09/20 08:42:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\HP PrecisionScan LTX
[2012/09/20 08:41:55 | 000,350,208 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltkrn70n.dll
[2012/09/20 08:41:55 | 000,118,784 | ---- | C] (Hewlett-Packard) -- C:\WINDOWS\System32\hpsjvset.dll
[2012/09/20 08:41:55 | 000,111,104 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpng70n.dll
[2012/09/20 08:41:55 | 000,093,184 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lftif70n.dll
[2012/09/20 08:41:55 | 000,055,296 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\ltfil70n.DLL
[2012/09/20 08:41:55 | 000,035,328 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lffpx70n.dll
[2012/09/20 08:41:55 | 000,032,768 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfgif70n.dll
[2012/09/20 08:41:55 | 000,032,768 | ---- | C] (Hewlett-Packard, GHC) -- C:\WINDOWS\System32\hpgreg32.dll
[2012/09/20 08:41:55 | 000,032,768 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\hpsj32.dll
[2012/09/20 08:41:55 | 000,024,576 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lfpcx70n.dll
[2012/09/20 08:41:54 | 000,667,648 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\ipeistor12.dll
[2012/09/20 08:41:54 | 000,331,776 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\ipebase12.dll
[2012/09/20 08:41:54 | 000,224,768 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\LFCMP70n.DLL
[2012/09/20 08:41:54 | 000,077,824 | ---- | C] (Hewlett-Packard Company) -- C:\WINDOWS\System32\ipeapi12.dll
[2012/09/20 08:41:54 | 000,055,808 | ---- | C] (LEAD Technologies, Inc.) -- C:\WINDOWS\System32\lffax70n.dll
[2012/09/19 17:18:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\EurekaLog
[2012/09/17 12:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Oi
[2012/09/17 12:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Oi
[2012/09/17 12:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Lightcomm
[2012/09/17 12:51:41 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Oi
[2012/09/08 16:54:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\CyberLink
[2012/09/08 16:54:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Meus documentos\CyberLink
[2012/08/20 17:03:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCapY
[2012/08/20 11:04:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\PopCap Games
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Arquivos de programas\*.tmp files -> C:\Arquivos de programas\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Financeir\*.tmp files -> C:\Documents and Settings\Financeir\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 360 Days ==========[/color]
 
[2013/08/08 08:50:40 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/08/08 07:29:01 | 000,000,634 | ---- | M] () -- C:\WINDOWS\tasks\Norton Product Installer.job
[2013/08/08 07:28:57 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) -- C:\WINDOWS\System32\drivers\GbpNdisrd.sys
[2013/08/08 07:27:48 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/08/07 17:10:01 | 000,002,315 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/08/07 07:40:07 | 000,001,080 | ---- | M] () -- C:\WINDOWS\AUTOLNCH.REG
[2013/08/05 13:14:44 | 000,001,012 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1003Core1ce91f6e5ec6902.job
[2013/08/05 11:36:49 | 002,349,096 | ---- | M] (Banco do Brasil SA) -- C:\Documents and Settings\Financeir\Meus documentos\DiagnosticoBB.exe
[2013/08/05 10:56:42 | 000,666,633 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\adwcleaner.exe
[2013/08/05 07:31:34 | 000,001,997 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Norton Product Installer.lnk
[2013/08/04 18:13:48 | 000,000,642 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Product InstallerIdle.job
[2013/08/04 10:20:23 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/08/02 08:07:10 | 000,001,924 | ---- | M] () -- C:\WINDOWS\tasks\Plus-HD-2.3-chromeinstaller.job
[2013/08/01 19:11:45 | 000,002,444 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Google Chrome.lnk
[2013/07/30 07:47:18 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1003Core1ce8d12293a3846.job
[2013/07/25 15:54:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL.exe
[2013/07/25 09:05:18 | 000,209,696 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/07/23 17:25:15 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2013/07/23 17:25:03 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\LyricXeeker Update.job
[2013/07/11 14:21:01 | 000,000,020 | ---- | M] () -- C:\WINDOWS\hppsapp.INI
[2013/07/01 08:37:46 | 000,046,904 | ---- | M] (GAS Tecnologia) -- C:\WINDOWS\System32\drivers\gbpkm.sys
[2013/06/08 09:16:14 | 000,000,192 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\HP LaserJet P1005.lnk
[2013/05/16 13:08:13 | 000,001,120 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1006Core1ce524f91476a96.job
[2013/05/07 12:49:21 | 000,001,132 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1003Core1ce4b3a709f5680.job
[2013/04/10 10:15:31 | 000,006,779 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\carta.pdf
[2013/04/09 13:09:42 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/06 10:51:38 | 000,036,924 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Itau.pdf
[2013/04/04 11:14:11 | 000,000,421 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2013/04/04 09:27:50 | 000,117,287 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\Portalex 2.jpg
[2013/04/04 09:26:12 | 000,462,353 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\portalex.png
[2013/04/03 11:16:41 | 000,056,410 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\pagam.pdf
[2013/04/02 10:20:24 | 000,208,406 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Temperminas.pdf
[2013/04/01 12:27:44 | 000,531,165 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\cielo.pdf
[2013/03/26 07:49:11 | 000,536,692 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat
[2013/03/26 07:49:11 | 000,501,962 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/03/26 07:49:11 | 000,097,690 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat
[2013/03/26 07:49:11 | 000,087,398 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/03/12 08:28:02 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio4.bmp
[2013/03/07 17:32:01 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio3.bmp
[2013/03/07 17:31:15 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio2.bmp
[2013/03/07 17:30:23 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio1.bmp
[2013/03/07 17:28:55 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio.bmp
[2013/02/05 13:19:32 | 000,104,107 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\orc2.jpg
[2013/02/05 13:14:33 | 000,138,445 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\orc1.jpg
[2013/01/29 09:34:28 | 000,013,467 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\caixa hoje.pdf
[2013/01/06 02:33:53 | 006,009,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2012/12/16 09:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2012/12/16 09:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2012/12/07 13:39:05 | 000,111,595 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\PortaGenilson.pdf
[2012/12/05 13:59:59 | 000,000,774 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2012/11/23 07:44:31 | 000,458,136 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\tela tablet.pdf
[2012/11/13 08:55:14 | 001,866,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2012/11/13 08:55:14 | 001,866,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2012/11/12 08:07:05 | 000,078,583 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\santander.pdf
[2012/11/12 07:07:41 | 000,129,828 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\156797.pdf
[2012/11/10 14:30:10 | 000,053,699 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\EXTRATO DIGISAT ATE JULHO 2012.pdf
[2012/11/09 14:09:52 | 011,934,054 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\CompEndeço.bmp
[2012/11/07 16:17:58 | 000,084,852 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\Relatório.pdf
[2012/11/05 23:00:50 | 001,371,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2012/11/03 13:11:43 | 000,000,025 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[2012/11/01 23:04:06 | 000,375,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnet.dll
[2012/11/01 23:04:06 | 000,375,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2012/11/01 16:42:30 | 011,111,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2012/11/01 09:12:29 | 002,000,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2012/11/01 09:12:29 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2012/11/01 09:12:29 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2012/11/01 09:12:29 | 001,212,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2012/11/01 09:12:29 | 000,916,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2012/11/01 09:12:29 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012/11/01 09:12:29 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2012/11/01 09:12:29 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2012/11/01 09:12:29 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2012/11/01 09:12:29 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2012/11/01 09:12:29 | 000,521,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012/11/01 09:12:29 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2012/11/01 09:12:29 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2012/11/01 09:12:29 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2012/11/01 09:12:29 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2012/11/01 09:12:29 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2012/11/01 09:12:29 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2012/11/01 09:12:29 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2012/11/01 09:12:29 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2012/11/01 09:12:29 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2012/11/01 09:12:29 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2012/11/01 09:12:29 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2012/11/01 09:12:29 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2012/11/01 09:12:29 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2012/11/01 09:12:29 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2012/10/31 21:35:49 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2012/10/31 21:35:49 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2012/10/31 21:35:48 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2012/10/27 06:57:41 | 002,105,132 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\COMPROVANTE.pdf
[2012/10/13 14:35:55 | 000,001,705 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Presto! PVR.lnk
[2012/10/03 01:57:56 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll
[2012/10/02 15:04:32 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\synceng.dll
[2012/10/02 15:04:32 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\synceng.dll
[2012/09/26 15:26:33 | 000,050,120 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL SETEMBRO.pdf
[2012/09/26 15:25:46 | 000,051,354 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL AGOSTO.pdf
[2012/09/26 15:18:39 | 000,050,298 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JULHO.pdf
[2012/09/26 15:12:33 | 000,050,311 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JUNHO.pdf
[2012/09/26 14:56:30 | 000,050,804 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL MAIO.pdf
[2012/09/25 16:00:13 | 000,000,907 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Max Impressão.lnk
[2012/09/22 08:56:31 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2012/09/22 08:56:30 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2012/09/22 08:56:30 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2012/09/22 08:56:30 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2012/09/22 08:56:30 | 000,143,872 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2012/09/22 08:56:29 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\npDeployJava1.dll
[2012/09/22 08:56:29 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\deployJava1.dll
[2012/09/22 08:37:30 | 000,002,206 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Emissor de Nota Fiscal Eletrônica (NF-e) 2.0.lnk
[2012/09/21 15:31:17 | 000,019,462 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil jul.pdf
[2012/09/21 15:30:27 | 000,020,737 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil ago.pdf
[2012/09/21 15:29:45 | 000,019,180 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil set.pdf
[2012/09/20 08:42:00 | 000,001,015 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\HP PrecisionScan LTX.lnk
[2012/09/03 19:32:40 | 000,010,265 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil.pdf
[2012/08/24 16:46:04 | 000,000,622 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Atalho para ESQ.BAT.lnk
[2012/08/24 10:53:14 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wintrust.dll
[2012/08/23 03:27:14 | 002,073,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2012/08/23 03:27:13 | 002,197,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2012/08/23 03:27:12 | 002,152,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2012/08/23 03:27:12 | 002,152,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2012/08/23 03:27:11 | 002,031,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2012/08/23 03:27:11 | 002,031,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Arquivos de programas\*.tmp files -> C:\Arquivos de programas\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Documents and Settings\Financeir\*.tmp files -> C:\Documents and Settings\Financeir\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/08/07 14:48:04 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/08/05 13:14:44 | 000,001,012 | ---- | C] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1003Core1ce91f6e5ec6902.job
[2013/08/05 10:56:29 | 000,666,633 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\adwcleaner.exe
[2013/08/05 07:31:34 | 000,002,003 | ---- | C] () -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\Norton Product Installer.lnk
[2013/08/05 07:31:34 | 000,001,997 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Norton Product Installer.lnk
[2013/08/02 08:07:10 | 000,001,924 | ---- | C] () -- C:\WINDOWS\tasks\Plus-HD-2.3-chromeinstaller.job
[2013/07/30 07:47:18 | 000,001,132 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1003Core1ce8d12293a3846.job
[2013/07/23 17:25:15 | 000,000,912 | ---- | C] () -- C:\WINDOWS\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2013/07/23 17:25:03 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\LyricXeeker Update.job
[2013/06/08 09:16:14 | 000,000,192 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\HP LaserJet P1005.lnk
[2013/05/24 13:15:48 | 001,674,683 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2013/05/24 13:15:48 | 000,001,023 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2013/05/16 13:08:13 | 000,001,120 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1006Core1ce524f91476a96.job
[2013/05/07 12:49:21 | 000,001,132 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-527237240-562591055-839522115-1003Core1ce4b3a709f5680.job
[2013/04/10 11:25:00 | 000,006,779 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\carta.pdf
[2013/04/06 10:51:32 | 000,036,924 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Itau.pdf
[2013/04/04 09:27:50 | 000,117,287 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\Portalex 2.jpg
[2013/04/04 09:26:09 | 000,462,353 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\portalex.png
[2013/04/03 11:16:40 | 000,056,410 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\pagam.pdf
[2013/04/02 10:20:21 | 000,208,406 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Temperminas.pdf
[2013/04/01 12:27:38 | 000,531,165 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\cielo.pdf
[2013/03/12 08:28:02 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio4.bmp
[2013/03/07 17:32:01 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio3.bmp
[2013/03/07 17:31:15 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio2.bmp
[2013/03/07 17:30:23 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio1.bmp
[2013/03/07 17:28:54 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio.bmp
[2013/02/07 11:51:24 | 000,000,481 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\Notepad  IMPRESSO.lnk
[2013/02/05 13:19:03 | 000,104,107 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\orc2.jpg
[2013/02/05 13:14:04 | 000,138,445 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\orc1.jpg
[2013/01/29 09:34:27 | 000,013,467 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\caixa hoje.pdf
[2013/01/18 11:09:40 | 000,000,642 | -H-- | C] () -- C:\WINDOWS\tasks\Norton Product InstallerIdle.job
[2013/01/18 11:09:40 | 000,000,634 | ---- | C] () -- C:\WINDOWS\tasks\Norton Product Installer.job
[2012/12/07 13:40:38 | 000,111,595 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\PortaGenilson.pdf
[2012/11/23 07:44:29 | 000,458,136 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\tela tablet.pdf
[2012/11/12 08:17:48 | 000,129,828 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\156797.pdf
[2012/11/12 08:17:39 | 000,078,583 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\santander.pdf
[2012/11/10 14:35:24 | 000,051,354 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL AGOSTO.pdf
[2012/11/10 14:35:24 | 000,050,298 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JULHO.pdf
[2012/11/10 14:35:24 | 000,050,120 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL SETEMBRO.pdf
[2012/11/10 14:35:24 | 000,020,737 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil ago.pdf
[2012/11/10 14:35:24 | 000,019,462 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil jul.pdf
[2012/11/10 14:35:24 | 000,019,180 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil set.pdf
[2012/11/10 14:35:24 | 000,010,265 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil.pdf
[2012/11/10 14:35:23 | 000,050,804 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL MAIO.pdf
[2012/11/10 14:35:23 | 000,050,311 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JUNHO.pdf
[2012/11/10 14:30:07 | 000,053,699 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\EXTRATO DIGISAT ATE JULHO 2012.pdf
[2012/11/09 14:09:51 | 011,934,054 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\CompEndeço.bmp
[2012/11/09 14:07:20 | 000,025,823 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\comprovante_insc_KeD.pdf
[2012/11/07 16:17:57 | 000,084,852 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\Relatório.pdf
[2012/11/05 08:48:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/11/05 08:48:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/10/27 08:32:43 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2012/10/27 06:57:37 | 002,105,132 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\COMPROVANTE.pdf
[2012/10/13 14:38:36 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\PsisRndr.ax
[2012/10/13 14:38:36 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012/10/13 14:38:35 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2012/10/13 14:38:35 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012/10/13 14:38:35 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\MSDvbNP.ax
[2012/10/13 14:38:35 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012/10/13 14:35:55 | 000,001,705 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Presto! PVR.lnk
[2012/09/25 16:00:13 | 000,000,907 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Max Impressão.lnk
[2012/09/20 09:09:29 | 000,001,015 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\HP PrecisionScan LTX.lnk
[2012/09/20 08:41:55 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2012/09/20 08:41:54 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2012/08/24 16:44:30 | 000,000,622 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Atalho para ESQ.BAT.lnk
[2012/02/13 20:02:07 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\keyfile3.drm
[2011/08/31 17:25:28 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
[2011/08/23 13:17:17 | 000,000,020 | ---- | C] () -- C:\WINDOWS\hppsapp.INI
[2011/05/09 13:06:35 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/08 09:19:04 | 000,040,960 | ---- | C] () -- C:\Arquivos de programas\Uninstall_CDS.exe
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2011/08/31 17:24:03 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 23:20:40 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 07:53:26 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/13 23:20:41 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011/09/19 13:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Big Fish Games
[2013/07/23 17:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
[2013/03/06 13:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GAS Tecnologia
[2013/08/06 07:54:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin
[2011/05/09 09:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IM
[2011/05/09 09:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IncrediMail
[2012/09/17 13:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Lightcomm
[2012/09/17 12:51:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Oi
[2012/10/27 08:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCap Games
[2012/08/20 17:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCapY
[2013/08/07 09:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Tarma Installer
[2012/07/02 12:15:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\3M
[2013/07/23 17:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Dealply
[2012/09/19 17:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\EurekaLog
[2011/05/07 11:56:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Foxit
[2011/05/08 08:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Foxit Software
[2013/01/18 11:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\IDM
[2011/05/08 08:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Mikrotik
[2012/11/07 15:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\TeamViewer
[2013/08/07 16:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Web Cake
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 514 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst
@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:70216A94_Uni.gbp
@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:70216A94_Cef.gbp
@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:70216A94_Bb.gbp
@Alternate Data Stream - 2 bytes -> C:\WINDOWS\system32:70216A94_Abn.gbp

< End of report >



On 7 August 2013 at 15:42, Marcelo [via Fórum Tech Suporte] <[hidden email]> wrote:
Hello, Diana

There is no screenshot on the page.

Please generate a new OTL log and post it here.



Re: windows that open by themselves.

Diana
In reply to this post by Marcelo
The Extras report

OTL Extras logfile created on: 8/8/2013 08:58:57 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Financeir\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy
 
1013,42 Mb Total Physical Memory | 745,09 Mb Available Physical Memory | 73,52% Memory free
2,40 Gb Paging File | 1,87 Gb Available in Paging File | 78,25% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,04 Gb Total Space | 109,04 Gb Free Space | 73,16% Space Free | Partition Type: NTFS
 
Computer Name: FINANCEIRO | User Name: Financeir | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
 
[color=#E56717]========== Extra Registry (All) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = comfile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Arquivos de programas\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Arquivos de programas\Microsoft Office\OFFICE11\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Arquivos de programas\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Arquivos de programas\Java\jre6\bin\javaw.exe" = C:\Arquivos de programas\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\Financeir\Meus documentos\winbox.exe" = C:\Documents and Settings\Financeir\Meus documentos\winbox.exe:*:Enabled:winbox -- ()
"E:\Arquivos de programas\IncrediMail\Bin\IncMail.exe" = E:\Arquivos de programas\IncrediMail\Bin\IncMail.exe:*:Enabled:IncrediMail
"C:\Arquivos de programas\Google\Google Earth\client\googleearth.exe" = C:\Arquivos de programas\Google\Google Earth\client\googleearth.exe:*:Disabled:Google Earth -- (Google)
"C:\Arquivos de programas\Intelbras\Programador Modulare I e Corp\ProgramadorMC.exe" = C:\Arquivos de programas\Intelbras\Programador Modulare I e Corp\ProgramadorMC.exe:*:Enabled:ProgramadorMC -- ()
"C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Video\Skype\FacebookVideoCalling.exe" = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Video\Skype\FacebookVideoCalling.exe:*:Enabled:Facebook Video Calling Plugin
"C:\Arquivos de programas\Skype\Phone\Skype.exe" = C:\Arquivos de programas\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1438B41C-658C-35B7-9253-780F2E0A0B8E}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ptb
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{20A15757-4AE4-3C82-9711-863C84AFE6AA}" = Microsoft .NET Framework 4 Client Profile PTB Language Pack
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{32603085-C839-4226-A1FD-BF8FAE0185CB}" = IncrediMail
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.441
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F31F3B5-C1FF-3708-8611-869DE39C0CB6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PTB
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.7
"{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{6347401C-C260-4B30-9816-8F5A1419CC49}" = SafeSign
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6FBA74BD-149F-4521-B921-FFCC84876864}" = Assistente de Instalação Certisign
"{85E0BA25-A5DE-4499-82C2-B4CE4F513E80}" = Cliente do Windows Rights Management com Service Pack 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110416-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edição 2003
"{90120000-0020-0416-0000-0000000FF1CE}" = Pacote de Compatibilidade para o sistema Office 2007
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9856CFCC-6805-4567-8142-A68CF5B25F4C}" = MySQL Connector/ODBC 3.51
"{98ADF875-648F-3E73-8F3B-010C2464C948}" = Microsoft .NET Framework 4 Extended PTB Language Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{B1FA73D8-AB79-3A2E-81AC-DBBAC155B2FE}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PTB
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BC0DCD27-345B-4013-A6E0-67EC92DF32C8}" = Presto! PVR
"{BE06114F-559D-11E0-B5A1-001D0926B1BF}" = Google Earth
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}" = Web Cake 3.00
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{E29D8938-2E48-498C-832D-9663DCABD55F}" = Visual Basic for Applications (R) Core - Portuguese (Brazil)
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Compatibilidade com Versões Anteriores do Cliente do Windows Rights Management SP2
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FD8AE9E2-B61E-4826-9CE7-937E1E9A9EEC}" = CorelDRAW Graphics Suite X5 - BR
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"BDE" = BDE
"CCleaner" = CCleaner
"CutePDF Writer Installation" = CutePDF Writer 2.8
"DealPly" = DealPly (remove only)
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"Gemplus Smart Card Reader Tools" = Gemplus Smart Card Reader Tools
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP LaserJet P1000 series" = HP LaserJet P1000 series
"HP PrecisionScan LTX" = HP PrecisionScan LTX
"HP-LaserJet 1020 series" = LaserJet 1020 series
"ie8" = Windows Internet Explorer 8
"IncrediMail" = IncrediMail 2.0
"[hidden email]" = LyricXeeker
"Max Impressão" = Max Impressão 1.0
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - ptb" = Pacote de Idiomas do Microsoft .NET Framework 3.5 SP1 - PTB
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil)
"MiPony" = MiPony 1.5.0
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NVIDIA Drivers" = NVIDIA Drivers
"OrderReminder HP LaserJet 1020" = OrderReminder HP LaserJet 1020
"Plants vs. Zombies" = Plants vs. Zombies
"Plus-HD-2.3" = Plus-HD-2.3
"Programador Modulare I, Conecta, Corp 6000 e Corp 8000_is1" = Programador versão 2.53 para PABX Modulare I, Conecta, Corp 600
"programmeroi_is1" = Oi Velox
"PSN" = Post-it® Software Notes Lite
"VIVO INTERNET" = VIVO INTERNET
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dealply" = Dealply
"Emissor de Nota Fiscal Eletrônica (NF-e) 2.0" = Emissor de Nota Fiscal Eletrônica (NF-e) 2.0
"Google Chrome" = Google Chrome
"optimizer_chrome" = Widevine Media Optimizer Chrome 6.0.0
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 26/3/2013 06:46:57 | Computer Name = FINANCEIRO | Source = WmiAdapter | ID = 4099
Description = Falha na abertura do serviço.
 
Error - 26/3/2013 07:22:57 | Computer Name = FINANCEIRO | Source = WmiAdapter | ID = 4099
Description = Falha na abertura do serviço.
 
Error - 28/3/2013 11:38:20 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha digisat.exe, versão 1.0.2.3, módulo com falha
 gbieh.dll, versão 4.0.0.44, endereço com falha 0x000aa796.
 
Error - 7/5/2013 15:43:38 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha explorer.exe, versão 6.0.2900.5512, módulo com
 falha , versão 0.0.0.0, endereço com falha 0x00000000.
 
Error - 11/5/2013 10:05:49 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha spider.exe, versão 5.1.2600.5512, módulo com 
falha unknown, versão 0.0.0.0, endereço com falha 0xf90d5e65.
 
Error - 24/5/2013 11:39:38 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha explorer.exe, versão 6.0.2900.5512, módulo com
 falha kernel32.dll, versão 5.1.2600.6293, endereço com falha 0x000658c0.
 
Error - 24/5/2013 11:48:27 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha explorer.exe, versão 6.0.2900.5512, módulo com
 falha kernel32.dll, versão 5.1.2600.6293, endereço com falha 0x000658c0.
 
Error - 13/6/2013 12:42:21 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha hpipcopy.exe, versão 3.2.0.0, módulo com falha
 hpipcopy.exe, versão 3.2.0.0, endereço com falha 0x000171e6.
 
[ System Events ]
Error - 5/8/2013 09:45:11 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 5/8/2013 16:55:00 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10010
Description = O servidor {4EB61BAC-A3B6-4760-9581-655041EF4D69} não se registrou
 com o DCOM dentro do tempo limite requerido.
 
Error - 6/8/2013 06:53:50 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 6/8/2013 06:54:09 | Computer Name = FINANCEIRO | Source = Service Control Manager | ID = 7022
Description = Serviço Gbp Service suspenso ao iniciar.
 
Error - 7/8/2013 06:32:36 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 7/8/2013 08:52:20 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10005
Description = Erro "%1058" no DCOM na tentativa de iniciar o serviço wuauserv com
 argumentos ""  para iniciar o servidor:  {E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error - 7/8/2013 09:47:08 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10010
Description = O servidor {4EB61BAC-A3B6-4760-9581-655041EF4D69} não se registrou
 com o DCOM dentro do tempo limite requerido.
 
Error - 7/8/2013 10:47:07 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10010
Description = O servidor {4EB61BAC-A3B6-4760-9581-655041EF4D69} não se registrou
 com o DCOM dentro do tempo limite requerido.
 
Error - 8/8/2013 06:28:03 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 8/8/2013 06:28:25 | Computer Name = FINANCEIRO | Source = Print | ID = 19
Description = Falha ao compartilhar impressora: + 1722; impressora HP LaserJet P1005,
 nome de compartilhamento HPLaserJ.2.
 
 
< End of report >



On 7 August 2013 at 15:42, Marcelo [via Fórum Tech Suporte] <[hidden email]> wrote:
Hello, Diana

There is no screenshot on the page.

Please generate a new OTL log and post it here.



Re: windows that open by themselves.

Marcelo
Administrator
In reply to this message posted by Diana
Diana,

Let's get this resolved.

Please keep me informed after you carry out each procedure, because that makes things easier for me.

1) Open OTL.
2) In the lower blue area called "Custom Scans/Fixes", paste all the text from this page here.
3) Click the red Fix button. If you are asked to restart the machine, restart it.
4) After restarting, it will generate a log of the result. Post this log in your reply.

After that...

1) Download ComboFix and save it to the desktop.
2) Double-click the file and run the scan following this official guide.
3) When it finishes, a log will open. It will also be available at C:\ComboFix.txt.

Post both logs in your next reply.

Re: windows that open by themselves.

Diana
Hello.

Sorry for the delay, too much work for too little Diana.

Log file follows:

All processes killed
Error: Unable to interpret <: OTL> in the current context!
Error: Unable to interpret <SRV - [2013/08/01 21:13:06 | 000051992 | ---- | M] (cake bake) [Auto | duração] - C: \ Arquivos de Programas \ Web bolo \ WebCakeDesktop.Updater.exe - - (WebCakeUpdater)Auto | duração] - C: \ Arquivos de Programas \ Web bolo \ WebCakeDesktop.Updater.exe - (WebCakeUpdater)> in the current context!
Error: Unable to interpret <SRV - [2013/07/23 17:25:11 | 000148000 | ---- | M] (DealPly Technologies Ltd) [On_Demand | Stopped] - C: \ Arquivos de Programas \ DealPlyLive \ Update \ DealPlyLive.exe - - (dealplylivem)> in the current context!
Error: Unable to interpret <SRV - [2013/07/23 17:25:11 | 000148000 | ---- | M] (DealPly Technologies Ltd) [Auto | Stopped] - C: \ Arquivos de Programas \ DealPlyLive \ Update \ DealPlyLive.exe - - (dealplylive)> in the current context!
Error: Unable to interpret <IE - HKLM \ Internet Explorer \ Main, extensões fora da página = cerca de \ SOFTWARE \ Microsoft: NoAdd-onsInternet Explorer \ Main, extensões fora da página = about: NoAdd-ons> in the current context!
Error: Unable to interpret <IE - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Segurança Risco página = sobre: ​​SecurityRiskRisco de Segurança Página = sobre: ​​SecurityRisk> in the current context!
Error: Unable to interpret <IE - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal> in the current context!
Error: Unable to interpret <FF - HKLM \ Software \ MozillaPlugins \ @ tools.dpliveupdate.com / DealPlyLive Atualização; version = 3: C: \ Arquivos de Programas \ DealPlyLive \ Update \ 1.3.23.0 \ npGoogleUpdate3.dll (DealPly Technologies Ltd)> in the current context!
Error: Unable to interpret <FF - HKLM \ Software \ MozillaPlugins \ @ tools.dpliveupdate.com / DealPlyLive Atualização; version = 9: C: \ Arquivos de Programas \ DealPlyLive \ Update \ 1.3.23.0 \ npGoogleUpdate3.dll (DealPly Technologies Ltd)> in the current context!
Error: Unable to interpret <FF - HKCU \ Software \ MozillaPlugins \ @ Limited.com Skype / Facebook Vídeo Chamada Plugin: C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Facebook \ Video \ Skype \ npFacebookVideoCalling.dll File not foundVídeo Chamada Plugin: C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Facebook \ Video \ Skype \ npFacebookVideoCalling.dll File not found> in the current context!
Error: Unable to interpret <FF - HKEY_CURRENT_USER \ Software \ Mozilla \ Firefox \ Extensions \ \ [e-mail oculto]: C: \ Arquivos de Programas \ LyriXeeker \ 125.xpi [2013/07/23 17:25:42 | 000007064 | ---- | M ] ()Firefox \ Extensions \ \ [e-mail oculto]: C: \ Arquivos de Programas \ LyriXeeker \ 125.xpi [2013/07/23 17:25:42 | 000007064 | ---- | M] ()> in the current context!
Error: Unable to interpret <CHR - homepage: http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal> in the current context!
Error: Unable to interpret <CHR - plugin: Injovo Plugin Extensão (Ativado) = C: \ Documents and Settings \ Financeir \ Configura \ u00E7 \ u00F5es locais \ Dados de aplicativos \ Google \ Chrome \ User Data \ Default \ Extensions \ dlnembnfbcpjnepmfjmngjenhhajpdfd \ 2.0.0.441_0 \ npbrowserext . dll> in the current context!
Error: Unable to interpret <CHR - Extensão: Web Assistant = C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Google \ Chrome \ User Data \ Default \ Extensions \ dlnembnfbcpjnepmfjmngjenhhajpdfd \ 2.0.0.441_0 \> in the current context!
Error: Unable to interpret <CHR - Extensão: Bolo Web = C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Google \ Chrome \ User Data \ Default \ Extensions \ fjoijdanhaiflhibkljeklcghcmmfffh \ 1.0.3_0 \> in the current context!
Error: Unable to interpret <CHR - Extensão: Bubble Shooter-HD = C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Google \ Chrome \ User Data \ Default \ Extensions \ hpakbhbnhkbghdcejiiangcefallmaln \ 2.2.0_0 \> in the current context!
Error: Unable to interpret <CHR - Extensão: DealPly Shopping = C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Google \ Chrome \ User Data \ Default \ Extensions \ mphpbdjcljebbcnfopfngmfdackbbdgf \ 3.5.0.0_0 \> in the current context!
Error: Unable to interpret <CHR - Extensão: LyricXeeker = C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Google \ Chrome \ User Data \ Default \ Extensions \ odnofacmifkjndflfmmplhckcbfjckhj \ 1.125_0 \> in the current context!
Error: Unable to interpret <O2 - BHO: (Assistente Web) - {336D0C35-8A85-403A-B9D2-65C292C39087} - C: \ Arquivos de Programas \ Web Assistant \ Extension32.dll ()> in the current context!
Error: Unable to interpret <O2 - BHO: (no name) - {DF89BC70-AC87-4a31-ACD5-7417E2CF1209} - No CLSID valor encontrado.> in the current context!
Error: Unable to interpret <O4 - HKU \ S-1-5-21-527237240-562591055-839522115-1003 .. \ Run: [Facebook Update] C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Facebook \ Update \ FacebookUpdate. exe (Facebook Inc.)> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {2b07deea-95e4-11e1-espécies 92C0 Florestas-001fd0fef641} \ Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {2b07deea-95e4-11e1-espécies 92C0 Florestas-001fd0fef641} \ Shell \ \ command AutoRun - "" = E: \ AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {64998505-7fac-11e0-983c-001fd0fef641} \ Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {64998505-7fac-11e0-983c-001fd0fef641} \ Shell \ \ command AutoRun - "" = F: \ AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {64998507-7fac-11e0-983c-001fd0fef641} \ Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {64998507-7fac-11e0-983c-001fd0fef641} \ Shell \ \ command AutoRun - "" = F: \ AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {b65734b8-f8d9-11e0-91f7-001fd0fef641} \ Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2 \ {b65734b8-f8d9-11e0-91f7-001fd0fef641} \ Shell \ \ command AutoRun - "" = E: \ AutoRun.exe> in the current context!
Error: Unable to interpret <[2013/08/07 09:52:29 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ Financeir \ Dados de aplicativos \ Web bolo> in the current context!
Error: Unable to interpret <[2013/08/07 09:52:29 | 000,000,000 | --- D | C] - C: \ Arquivos de Programas \ Web bolo> in the current context!
Error: Unable to interpret <[2013/08/07 09:51:49 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ All Users \ Dados de aplicativos \ Tarma Installer> in the current context!
Error: Unable to interpret <[2013/08/05 00:44:32 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Facebook> in the current context!
Error: Unable to interpret <[2013/08/05 11:36:49 | 002349096 | ---- | C] (Banco do Brasil SA) - C: \ Documents and Settings \ Financeir \ MEUS Documentos \ DiagnosticoBB.exe> in the current context!
Error: Unable to interpret <[2013/08/02 08:07:08 | 000,000,000 | --- D | C] - C: \ Arquivos de Programas \ Plus HD-2.3> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:42 | 000,000,000 | --- D | C] - C: \ Arquivos de Programas \ LyriXeeker> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:11 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ DealPlyLive> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:11 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ All Users \ Dados de aplicativos \ DealPlyLive> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:11 | 000,000,000 | --- D | C] - C: \ Arquivos de Programas \ DealPlyLive> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:09 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ Financeir \ Dados de aplicativos \ DealPly> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:05 | 000,000,000 | --- D | C] - C: \ Documents and Settings \ Financeir \ Menu Iniciar \ Programas \ DealPly> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:05 | 000,000,000 | --- D | C] - C: \ Arquivos de Programas \ DealPly> in the current context!
Error: Unable to interpret <[2013/08/05 13:14:44 | 000001012 | ---- | M] () -> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:15 | 000000912 | ---- | M] () - C: \ WINDOWS \ tasks \ DealPlyLiveUpdateTaskMachineCore.job> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:03 | 000000404 | ---- | M] () - C: \ WINDOWS \ tasks \ LyricXeeker Update.job> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:11 | 000,000,000 | --- D | M] - C: \ Documents and Settings \ All Users \ Dados de aplicativos \ DealPlyLive> in the current context!
Error: Unable to interpret <[2013/08/07 09:52:29 | 000,000,000 | --- D | M] - C: \ Documents and Settings \ All Users \ Dados de aplicativos \ Tarma Installer> in the current context!
Error: Unable to interpret <[2013/07/23 17:25:09 | 000,000,000 | --- D | M] - C: \ Documents and Settings \ Financeir \ Dados de aplicativos \ DealPly> in the current context!
Error: Unable to interpret <[2013/08/07 16:16:10 | 000,000,000 | --- D | M] - C: \ Documents and Settings \ Financeir \ Dados de aplicativos \ Web bolo> in the current context!
Error: Unable to interpret <: Arquivos> in the current context!
Error: Unable to interpret <C: \ Arquivos de Programas \ DealPlyLive> in the current context!
Error: Unable to interpret <C: \ Arquivos de Programas \ Web bolo> in the current context!
Error: Unable to interpret <C: \ Arquivos de Programas \ LyriXeeker> in the current context!
Error: Unable to interpret <C: \ Arquivos de Programas \ Web Assistant> in the current context!
Error: Unable to interpret <: Reg> in the current context!
Error: Unable to interpret <C: \ Documents and Settings \ Financeir \ Configurações locais \ Dados de aplicativos \ Facebook \ Video \ Skype \ FacebookVideoCalling.exe "= -> in the current context!
Error: Unable to interpret <[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uninstall]> in the current context!
Error: Unable to interpret <"{336D0C35-8A85-403A-B9D2-65C292C39087} _is1" = -> in the current context!
Error: Unable to interpret <"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = -> in the current context!
Error: Unable to interpret <"{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}" = -> in the current context!
Error: Unable to interpret <"DealPly" = -> in the current context!
Error: Unable to interpret <"Plus-HD 2.3" = -> in the current context!
Error: Unable to interpret <"DealPly" = -> in the current context!
Error: Unable to interpret <: Comandos> in the current context!
Error: Unable to interpret <[Pureza]> in the current context!
Error: Unable to interpret <[Emptyflash]> in the current context!
Error: Unable to interpret <[Emptytemp]> in the current context!
 
OTL by OldTimer - Version 3.2.69.0 log created on 08122013_132716

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Re: windows that open by themselves.

Diana
In reply to this message posted by Marcelo
ComboFix file follows:


Re: windows that open by themselves.

Diana
Good morning.

Any further action?

Diana

Re: windows that open by themselves.

Marcelo
Administrator
Hi, Diana

Wow, I apologize! I really had forgotten about this topic.

Please post a new OTL log so I can check the current state of the system.

Re: windows that open by themselves.

Diana
Hi Marcelo!

No problem! OTL and EXTRAS report follows:

OTL logfile created on: 21/8/2013 13:38:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Financeir\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy
 
1013,42 Mb Total Physical Memory | 723,32 Mb Available Physical Memory | 71,37% Memory free
2,40 Gb Paging File | 1,81 Gb Available in Paging File | 75,51% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,04 Gb Total Space | 107,21 Gb Free Space | 71,94% Space Free | Partition Type: NTFS
 
Computer Name: FINANCEIRO | User Name: Financeir | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
 
[color=#E56717]========== Processes (All) ==========[/color]
 
PRC - [2013/08/12 12:03:33 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Update\FacebookUpdate.exe
PRC - [2013/08/01 21:13:06 | 000,051,992 | ---- | M] (cake bake) -- C:\Arquivos de programas\Web Cake\WebCakeDesktop.Updater.exe
PRC - [2013/07/25 16:02:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL (1).exe
PRC - [2013/07/25 09:45:40 | 020,686,704 | R--- | M] (Skype Technologies S.A.) -- C:\Arquivos de programas\Skype\Phone\Skype.exe
PRC - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe
PRC - [2013/07/15 11:23:42 | 000,409,640 | ---- | M] (GAS Tecnologia) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe
PRC - [2012/09/22 08:56:30 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe
PRC - [2011/05/07 15:29:09 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
PRC - [2010/11/02 08:36:02 | 019,580,520 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
PRC - [2010/08/17 10:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
PRC - [2010/01/13 11:46:36 | 000,166,912 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
PRC - [2010/01/13 11:46:14 | 000,135,680 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
PRC - [2010/01/13 11:46:02 | 000,243,712 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
PRC - [2009/07/24 18:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
PRC - [2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/04/28 06:14:00 | 000,073,728 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MC.EXE
PRC - [2008/04/13 23:21:23 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [RPCSS]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [NETWORKSERVICE]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [NETSVCS]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [NETSVCS]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [LOCALSERVICE]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [LOCALSERVICE]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [IMGSVC]
PRC - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe  [DCOMLAUNCH]
PRC - [2008/04/13 23:21:19 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
PRC - [2008/04/13 23:21:17 | 000,099,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scardsvr.exe
PRC - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
PRC - [2008/04/13 23:20:58 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008/04/13 23:20:54 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
PRC - [2008/04/13 23:20:53 | 000,006,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\csrss.exe
PRC - [2008/04/13 23:20:46 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\alg.exe
PRC - [2007/10/17 13:17:08 | 000,163,840 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aetcrss1.exe
PRC - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
 
 
[color=#E56717]========== Modules (All) ==========[/color]
 
MOD - [2013/08/14 08:31:05 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\22d4e8aa5199c8d99834a45df34f5867\System.ServiceProcess.ni.dll
MOD - [2013/08/14 08:30:56 | 000,141,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\bf2eba0e2a992653ff57a5455f0374a5\System.Configuration.Install.ni.dll
MOD - [2013/08/14 08:18:11 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e8ca7e64c7eb45bf7c80962e06f71a9\System.ni.dll
MOD - [2013/08/14 07:59:41 | 011,497,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\f70861e3b54f6b9e54a56b4d535d4da5\mscorlib.ni.dll
MOD - [2013/08/12 12:03:33 | 000,686,960 | ---- | M] (Facebook Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Update\1.2.205.0\goopdate.dll
MOD - [2013/08/12 12:03:33 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Update\FacebookUpdate.exe
MOD - [2013/08/01 21:13:06 | 000,051,992 | ---- | M] (cake bake) -- C:\Arquivos de programas\Web Cake\WebCakeDesktop.Updater.exe
MOD - [2013/07/25 23:48:57 | 006,017,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mshtml.dll
MOD - [2013/07/25 23:48:57 | 001,215,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\urlmon.dll
MOD - [2013/07/25 23:48:57 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wininet.dll
MOD - [2013/07/25 23:48:57 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\jsproxy.dll
MOD - [2013/07/25 23:48:56 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ieframe.dll
MOD - [2013/07/25 23:48:56 | 002,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iertutil.dll
MOD - [2013/07/25 23:48:56 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iepeers.dll
MOD - [2013/07/25 16:02:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL (1).exe
MOD - [2013/07/25 09:45:40 | 020,686,704 | R--- | M] (Skype Technologies S.A.) -- C:\Arquivos de programas\Skype\Phone\Skype.exe
MOD - [2013/07/25 09:40:46 | 000,088,944 | R--- | M] (Skype Technologies) -- C:\Arquivos de programas\Skype\Updater\Updater.dll
MOD - [2013/07/23 17:25:11 | 000,818,208 | ---- | M] (DealPly Technologies Ltd) -- C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\goopdate.dll
MOD - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe
MOD - [2013/07/15 11:23:42 | 000,409,640 | ---- | M] (GAS Tecnologia) -- C:\Arquivos de programas\GbPlugin\gbpsv.exe
MOD - [2013/07/15 11:23:20 | 001,410,088 | ---- | M] (Banco do Brasil) -- C:\Arquivos de programas\GbPlugin\gbieh.dll
MOD - [2013/06/28 16:33:54 | 001,529,976 | ---- | M] (Banco Real) -- C:\Arquivos de programas\GbPlugin\gbiehabn.dll
MOD - [2013/06/10 14:36:28 | 001,396,792 | ---- | M] (Banco Itaú Unibanco) -- C:\Arquivos de programas\GbPlugin\gbiehuni.dll
MOD - [2013/05/27 22:59:29 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcrt4.dll
MOD - [2013/04/22 05:45:04 | 005,920,408 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
MOD - [2012/12/26 12:03:38 | 001,652,584 | ---- | M] (Caixa Economica Federal) -- C:\Arquivos de programas\GbPlugin\gbiehcef.dll
MOD - [2012/10/09 17:27:00 | 000,258,048 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll
MOD - [2012/10/03 05:44:30 | 000,364,640 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
MOD - [2012/10/03 01:57:56 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kernel32.dll
MOD - [2012/09/22 08:56:30 | 000,770,384 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Java\jre7\bin\msvcr100.dll
MOD - [2012/09/22 08:56:30 | 000,161,768 | ---- | M] (Oracle Corporation) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe
MOD - [2012/08/24 10:53:14 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wintrust.dll
MOD - [2012/07/06 10:58:41 | 000,337,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netapi32.dll
MOD - [2012/07/06 10:58:41 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browser.dll
MOD - [2012/06/08 11:25:19 | 008,492,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shell32.dll
MOD - [2012/06/05 12:49:24 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msxml3.dll
MOD - [2012/06/04 01:32:08 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\schannel.dll
MOD - [2012/06/01 13:49:14 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\crypt32.dll
MOD - [2012/05/14 06:22:35 | 000,347,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\localspl.dll
MOD - [2012/02/29 11:09:51 | 000,148,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imagehlp.dll
MOD - [2012/02/09 12:43:21 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll
MOD - [2012/01/28 12:20:49 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_pt-BR_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll
MOD - [2011/11/16 11:21:43 | 000,354,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winhttp.dll
MOD - [2011/11/01 13:07:09 | 001,288,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ole32.dll
MOD - [2011/10/14 11:47:16 | 000,179,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winmm.dll
MOD - [2011/09/26 10:41:20 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleacc.dll
MOD - [2011/06/15 17:27:11 | 006,378,144 | R--- | M] (Adobe Systems, Inc.) -- C:\WINDOWS\system32\Macromed\Flash\Flash10t.ocx
MOD - [2011/06/02 17:15:35 | 000,798,872 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Update\1.3.21.57\goopdate.dll
MOD - [2011/05/24 17:03:00 | 001,007,160 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll
MOD - [2011/05/24 17:03:00 | 000,150,072 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.7.6406.1642\gtn.dll
MOD - [2011/05/07 15:29:09 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MOD - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
MOD - [2011/03/04 03:36:11 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\jscript.dll
MOD - [2011/03/03 03:54:38 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dnsapi.dll
MOD - [2011/03/02 12:40:52 | 000,140,288 | ---- | M] () -- C:\Arquivos de programas\WinRAR\RarExt.dll
MOD - [2011/02/08 10:33:34 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42u.dll
MOD - [2010/12/22 09:34:17 | 000,301,568 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kerberos.dll
MOD - [2010/12/20 14:32:04 | 000,551,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oleaut32.dll
MOD - [2010/12/20 14:25:43 | 000,732,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsasrv.dll
MOD - [2010/12/09 12:15:17 | 000,734,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdll.dll
MOD - [2010/11/19 09:03:24 | 000,415,056 | ---- | M] (Scopus Tecnologia Ltda.) -- C:\Arquivos de programas\Scpad\scpMIB.dll
MOD - [2010/11/09 11:52:35 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbc32.dll
MOD - [2010/11/02 08:36:02 | 019,580,520 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE
MOD - [2010/08/27 02:53:36 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srvsvc.dll
MOD - [2010/08/23 13:12:00 | 000,617,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comctl32.dll
MOD - [2010/08/23 13:11:58 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
MOD - [2010/08/17 10:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolsv.exe
MOD - [2010/03/18 16:47:22 | 000,030,040 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll
MOD - [2010/03/18 16:47:22 | 000,017,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\aspnet_counters.dll
MOD - [2010/03/18 13:16:28 | 000,771,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr100_clr0400.dll
MOD - [2010/03/18 13:16:28 | 000,413,008 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
MOD - [2010/03/18 13:16:28 | 000,129,880 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
MOD - [2010/03/18 13:16:28 | 000,121,688 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
MOD - [2010/03/18 10:09:00 | 000,297,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscoree.dll
MOD - [2010/03/18 10:09:00 | 000,049,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netfxperf.dll
MOD - [2010/01/26 21:50:50 | 000,212,328 | ---- | M] (Corel Corporation) -- c:\Arquivos de programas\Arquivos comuns\Corel\Shared\Shell Extension\ShellXP.dll
MOD - [2010/01/26 21:50:48 | 000,619,880 | ---- | M] (Corel Corporation) -- c:\Arquivos de programas\Arquivos comuns\Corel\Shared\Shell Extension\FileInfoProvider.dll
MOD - [2010/01/13 11:48:58 | 000,289,280 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxrptb.lrc
MOD - [2010/01/13 11:46:36 | 000,166,912 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hkcmd.exe
MOD - [2010/01/13 11:46:14 | 000,135,680 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxpers.exe
MOD - [2010/01/13 11:46:04 | 000,051,712 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.dll
MOD - [2010/01/13 11:46:02 | 000,243,712 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxsrvc.exe
MOD - [2010/01/13 11:45:38 | 000,093,696 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\hccutils.dll
MOD - [2010/01/13 11:45:32 | 000,205,824 | ---- | M] (Intel Corporation) -- C:\WINDOWS\system32\igfxdev.dll
MOD - [2009/12/08 06:24:25 | 000,474,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shlwapi.dll
MOD - [2009/11/05 08:39:40 | 000,087,552 | ---- | M] () -- C:\WINDOWS\system32\cpwmon2k.dll
MOD - [2009/10/13 07:34:00 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\oakley.dll
MOD - [2009/10/12 10:39:20 | 000,150,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastls.dll
MOD - [2009/10/12 10:39:19 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\raschap.dll
MOD - [2009/09/11 11:19:14 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msv1_0.dll
MOD - [2009/09/04 18:04:39 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msasn1.dll
MOD - [2009/07/27 20:17:42 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shsvcs.dll
MOD - [2009/07/24 18:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe
MOD - [2009/07/17 16:03:29 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\atl.dll
MOD - [2009/07/17 13:17:04 | 001,439,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\query.dll
MOD - [2009/07/10 11:52:50 | 000,202,032 | ---- | M] (Scopus Tecnologia Ltda) -- C:\Arquivos de programas\Scpad\scpLIB.dll
MOD - [2009/06/25 05:27:14 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\secur32.dll
MOD - [2009/06/25 05:27:14 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdigest.dll
MOD - [2009/06/10 03:15:45 | 000,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wkssvc.dll
MOD - [2009/03/08 04:34:48 | 000,236,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\webcheck.dll
MOD - [2009/03/08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dxtrans.dll
MOD - [2009/03/08 04:31:38 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imgutil.dll
MOD - [2009/03/08 04:31:36 | 000,046,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pngfilt.dll
MOD - [2009/03/08 04:22:38 | 000,156,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msls31.dll
MOD - [2009/03/06 11:20:30 | 000,286,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pdh.dll
MOD - [2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\services.exe
MOD - [2009/02/09 07:53:26 | 000,683,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\advapi32.dll
MOD - [2009/02/09 07:53:26 | 000,473,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\fastprox.dll
MOD - [2009/02/09 07:53:26 | 000,401,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rpcss.dll
MOD - [2009/02/09 07:53:25 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiprvsd.dll
MOD - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe
MOD - [2009/01/26 15:31:02 | 001,879,896 | ---- | M] (Safer Networking Limited) -- C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll
MOD - [2009/01/26 15:30:58 | 001,287,000 | ---- | M] (Safer Networking Limited) -- C:\Arquivos de programas\Spybot - Search & Destroy\advcheck.dll
MOD - [2009/01/07 18:21:04 | 000,121,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xmllite.dll
MOD - [2009/01/07 18:20:36 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\normaliz.dll
MOD - [2008/10/23 09:37:45 | 000,286,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\gdi32.dll
MOD - [2008/07/29 12:10:46 | 000,265,720 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\msdbg2.dll
MOD - [2008/07/29 12:10:46 | 000,136,184 | ---- | M] (Microsoft Corporation) -- c:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\csm.dll
MOD - [2008/07/25 10:17:20 | 000,635,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.3053_x-ww_b80fa8ca\msvcr80.dll
MOD - [2008/07/25 10:17:00 | 000,077,312 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
MOD - [2008/07/25 10:16:40 | 000,033,800 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Aspnet_perf.dll
MOD - [2008/07/07 17:28:46 | 000,253,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\es.dll
MOD - [2008/07/06 09:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
MOD - [2008/06/24 13:43:36 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mscms.dll
MOD - [2008/06/20 13:03:40 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mswsock.dll
MOD - [2008/06/12 11:22:42 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcprx.dll
MOD - [2008/06/12 11:22:42 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msdtcuiu.dll
MOD - [2008/06/12 11:22:42 | 000,066,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mtxclu.dll
MOD - [2008/05/19 05:33:20 | 004,445,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msi.dll
MOD - [2008/04/28 06:14:02 | 000,293,888 | ---- | M] (Hewlett-Packard ) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\HP1006S.DLL
MOD - [2008/04/28 06:14:02 | 000,284,160 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\HP1006LM.DLL
MOD - [2008/04/28 06:14:00 | 000,039,424 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MT.DLL
MOD - [2008/04/28 06:14:00 | 000,006,144 | ---- | M] (Software 2000 Limited) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\HP1006MP.DLL
MOD - [2008/04/13 23:21:27 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\h323.tsp
MOD - [2008/04/13 23:21:27 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdm.tsp
MOD - [2008/04/13 23:21:27 | 000,146,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winspool.drv
MOD - [2008/04/13 23:21:27 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ndptsp.tsp
MOD - [2008/04/13 23:21:27 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\kmddsp.tsp
MOD - [2008/04/13 23:21:27 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hidphone.tsp
MOD - [2008/04/13 23:21:27 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wdmaud.drv
MOD - [2008/04/13 23:21:27 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipconf.tsp
MOD - [2008/04/13 23:21:23 | 000,509,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winlogon.exe
MOD - [2008/04/13 23:21:20 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\svchost.exe
MOD - [2008/04/13 23:21:19 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\smss.exe
MOD - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\lsass.exe
MOD - [2008/04/13 23:20:58 | 001,035,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
MOD - [2008/04/13 23:20:54 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ctfmon.exe
MOD - [2008/04/13 23:20:46 | 000,483,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsvc.dll
MOD - [2008/04/13 23:20:46 | 000,383,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcdlg.dll
MOD - [2008/04/13 23:20:46 | 000,339,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\zipfldr.dll
MOD - [2008/04/13 23:20:46 | 000,052,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wzcsapi.dll
MOD - [2008/04/13 23:20:44 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2_32.dll
MOD - [2008/04/13 23:20:44 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wsock32.dll
MOD - [2008/04/13 23:20:44 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ws2help.dll
MOD - [2008/04/13 23:20:44 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wshtcpip.dll
MOD - [2008/04/13 23:20:44 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wtsapi32.dll
MOD - [2008/04/13 23:20:43 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmisvc.dll
MOD - [2008/04/13 23:20:43 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Media Player\wmpband.dll
MOD - [2008/04/13 23:20:43 | 000,097,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wmiutils.dll
MOD - [2008/04/13 23:20:43 | 000,093,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlnotify.dll
MOD - [2008/04/13 23:20:42 | 000,334,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wiaservc.dll
MOD - [2008/04/13 23:20:42 | 000,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wldap32.dll
MOD - [2008/04/13 23:20:42 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\win32spl.dll
MOD - [2008/04/13 23:20:42 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winscard.dll
MOD - [2008/04/13 23:20:42 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wlanapi.dll
MOD - [2008/04/13 23:20:42 | 000,053,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winsta.dll
MOD - [2008/04/13 23:20:42 | 000,032,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winipsec.dll
MOD - [2008/04/13 23:20:42 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\winrnr.dll
MOD - [2008/04/13 23:20:41 | 000,531,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcore.dll
MOD - [2008/04/13 23:20:41 | 000,430,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vssapi.dll
MOD - [2008/04/13 23:20:41 | 000,273,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemess.dll
MOD - [2008/04/13 23:20:41 | 000,214,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemcomn.dll
MOD - [2008/04/13 23:20:41 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\w32time.dll
MOD - [2008/04/13 23:20:41 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemsvc.dll
MOD - [2008/04/13 23:20:41 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\wbemprox.dll
MOD - [2008/04/13 23:20:40 | 001,499,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdocvw.dll
MOD - [2008/04/13 23:20:40 | 000,732,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\userenv.dll
MOD - [2008/04/13 23:20:40 | 000,714,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sxs.dll
MOD - [2008/04/13 23:20:40 | 000,579,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\user32.dll
MOD - [2008/04/13 23:20:40 | 000,428,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samsrv.dll
MOD - [2008/04/13 23:20:40 | 000,388,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\themeui.dll
MOD - [2008/04/13 23:20:40 | 000,320,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scesrv.dll
MOD - [2008/04/13 23:20:40 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\termsrv.dll
MOD - [2008/04/13 23:20:40 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapisrv.dll
MOD - [2008/04/13 23:20:40 | 000,219,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uxtheme.dll
MOD - [2008/04/13 23:20:40 | 000,184,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
MOD - [2008/04/13 23:20:40 | 000,181,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapi32.dll
MOD - [2008/04/13 23:20:40 | 000,171,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srsvc.dll
MOD - [2008/04/13 23:20:40 | 000,141,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc_os.dll
MOD - [2008/04/13 23:20:40 | 000,133,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\upnp.dll
MOD - [2008/04/13 23:20:40 | 000,124,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umpnpmgr.dll
MOD - [2008/04/13 23:20:40 | 000,122,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\stobject.dll
MOD - [2008/04/13 23:20:40 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\trkwks.dll
MOD - [2008/04/13 23:20:40 | 000,077,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\unimdmat.dll
MOD - [2008/04/13 23:20:40 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spoolss.dll
MOD - [2008/04/13 23:20:40 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\srclient.dll
MOD - [2008/04/13 23:20:40 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shimeng.dll
MOD - [2008/04/13 23:20:40 | 000,046,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tcpmon.dll
MOD - [2008/04/13 23:20:40 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sens.dll
MOD - [2008/04/13 23:20:40 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ssdpapi.dll
MOD - [2008/04/13 23:20:40 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\vdmdbg.dll
MOD - [2008/04/13 23:20:40 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shfolder.dll
MOD - [2008/04/13 23:20:40 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\version.dll
MOD - [2008/04/13 23:20:40 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\seclogon.dll
MOD - [2008/04/13 23:20:40 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\usbmon.dll
MOD - [2008/04/13 23:20:40 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\uniplat.dll
MOD - [2008/04/13 23:20:40 | 000,007,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sensapi.dll
MOD - [2008/04/13 23:20:40 | 000,005,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\sfc.dll
MOD - [2008/04/13 23:20:39 | 000,433,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\riched20.dll
MOD - [2008/04/13 23:20:39 | 000,178,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\repdrvfs.dll
MOD - [2008/04/13 23:20:39 | 000,064,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\samlib.dll
MOD - [2008/04/13 23:20:39 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\resutils.dll
MOD - [2008/04/13 23:20:39 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rtutils.dll
MOD - [2008/04/13 23:20:38 | 000,673,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasdlg.dll
MOD - [2008/04/13 23:20:38 | 000,210,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasppp.dll
MOD - [2008/04/13 23:20:38 | 000,186,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasmans.dll
MOD - [2008/04/13 23:20:38 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasqec.dll
MOD - [2008/04/13 23:20:38 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasman.dll
MOD - [2008/04/13 23:20:38 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rastapi.dll
MOD - [2008/04/13 23:20:38 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\regapi.dll
MOD - [2008/04/13 23:20:37 | 000,572,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\printui.dll
MOD - [2008/04/13 23:20:37 | 000,409,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qmgr.dll
MOD - [2008/04/13 23:20:37 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasapi32.dll
MOD - [2008/04/13 23:20:37 | 000,145,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntshrui.dll
MOD - [2008/04/13 23:20:37 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\onex.dll
MOD - [2008/04/13 23:20:37 | 000,119,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntmarta.dll
MOD - [2008/04/13 23:20:37 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psbase.dll
MOD - [2008/04/13 23:20:37 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\olepro32.dll
MOD - [2008/04/13 23:20:37 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qutil.dll
MOD - [2008/04/13 23:20:37 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntdsapi.dll
MOD - [2008/04/13 23:20:37 | 000,044,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlanman.dll
MOD - [2008/04/13 23:20:37 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfctrs.dll
MOD - [2008/04/13 23:20:37 | 000,038,400 | ---- | M] (Microsoft Corporation) -- c:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll
MOD - [2008/04/13 23:20:37 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfproc.dll
MOD - [2008/04/13 23:20:37 | 000,034,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pstorsvc.dll
MOD - [2008/04/13 23:20:37 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\profmap.dll
MOD - [2008/04/13 23:20:37 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfdisk.dll
MOD - [2008/04/13 23:20:37 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfos.dll
MOD - [2008/04/13 23:20:37 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcbcp.dll
MOD - [2008/04/13 23:20:37 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\psapi.dll
MOD - [2008/04/13 23:20:37 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\qmgrprxy.dll
MOD - [2008/04/13 23:20:37 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfnet.dll
MOD - [2008/04/13 23:20:37 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\powrprof.dll
MOD - [2008/04/13 23:20:37 | 000,015,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pjlmon.dll
MOD - [2008/04/13 23:20:37 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ntlsapi.dll
MOD - [2008/04/13 23:20:37 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasadhlp.dll
MOD - [2008/04/13 23:20:36 | 001,710,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netshell.dll
MOD - [2008/04/13 23:20:36 | 000,245,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui1.dll
MOD - [2008/04/13 23:20:36 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui0.dll
MOD - [2008/04/13 23:20:34 | 000,629,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netcfgx.dll
MOD - [2008/04/13 23:20:34 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp60.dll
MOD - [2008/04/13 23:20:34 | 000,407,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netlogon.dll
MOD - [2008/04/13 23:20:34 | 000,343,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcrt.dll
MOD - [2008/04/13 23:20:34 | 000,199,168 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msutb.dll
MOD - [2008/04/13 23:20:34 | 000,198,144 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netman.dll
MOD - [2008/04/13 23:20:34 | 000,159,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimtf.dll
MOD - [2008/04/13 23:20:34 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mstlsapi.dll
MOD - [2008/04/13 23:20:34 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\ncprov.dll
MOD - [2008/04/13 23:20:34 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ncobjapi.dll
MOD - [2008/04/13 23:20:34 | 000,018,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\nddeapi.dll
MOD - [2008/04/13 23:20:34 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netrap.dll
MOD - [2008/04/13 23:20:34 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msimg32.dll
MOD - [2008/04/13 23:20:33 | 001,000,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msgina.dll
MOD - [2008/04/13 23:20:33 | 000,539,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msftedit.dll
MOD - [2008/04/13 23:20:33 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/13 23:20:32 | 000,297,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctf.dll
MOD - [2008/04/13 23:20:32 | 000,155,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\modemui.dll
MOD - [2008/04/13 23:20:32 | 000,087,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprapi.dll
MOD - [2008/04/13 23:20:32 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008/04/13 23:20:32 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mpr.dll
MOD - [2008/04/13 23:20:31 | 000,586,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mlang.dll
MOD - [2008/04/13 23:20:31 | 000,018,944 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\midimap.dll
MOD - [2008/04/13 23:20:30 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\linkinfo.dll
MOD - [2008/04/13 23:20:30 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ksuser.dll
MOD - [2008/04/13 23:20:28 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hnetcfg.dll
MOD - [2008/04/13 23:20:28 | 000,331,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipnathlp.dll
MOD - [2008/04/13 23:20:28 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ipsecsvc.dll
MOD - [2008/04/13 23:20:28 | 000,110,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\imm32.dll
MOD - [2008/04/13 23:20:28 | 000,095,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\iphlpapi.dll
MOD - [2008/04/13 23:20:28 | 000,075,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\inetpp.dll
MOD - [2008/04/13 23:20:28 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\icaapi.dll
MOD - [2008/04/13 23:20:27 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hid.dll
MOD - [2008/04/13 23:20:26 | 001,092,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\esent.dll
MOD - [2008/04/13 23:20:26 | 000,367,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dsound.dll
MOD - [2008/04/13 23:20:26 | 000,304,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\duser.dll
MOD - [2008/04/13 23:20:26 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\esscli.dll
MOD - [2008/04/13 23:20:26 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wbem\framedyn.dll
MOD - [2008/04/13 23:20:26 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappcfg.dll
MOD - [2008/04/13 23:20:26 | 000,080,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\faultrep.dll
MOD - [2008/04/13 23:20:26 | 000,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
MOD - [2008/04/13 23:20:26 | 000,040,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eappprxy.dll
MOD - [2008/04/13 23:20:26 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eapolqec.dll
MOD - [2008/04/13 23:20:26 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ersvc.dll
MOD - [2008/04/13 23:20:26 | 000,014,336 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drprov.dll
MOD - [2008/04/13 23:20:25 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3api.dll
MOD - [2008/04/13 23:20:25 | 000,023,552 | ---- | M] (Microsoft Corp.) -- C:\WINDOWS\system32\dmserver.dll
MOD - [2008/04/13 23:20:25 | 000,019,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dimsntfy.dll
MOD - [2008/04/13 23:20:25 | 000,009,216 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dot3dlg.dll
MOD - [2008/04/13 23:20:24 | 001,689,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3d9.dll
MOD - [2008/04/13 23:20:24 | 001,267,200 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comsvcs.dll
MOD - [2008/04/13 23:20:24 | 001,025,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browseui.dll
MOD - [2008/04/13 23:20:24 | 000,824,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3dim700.dll
MOD - [2008/04/13 23:20:24 | 000,821,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comres.dll
MOD - [2008/04/13 23:20:24 | 000,640,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dbghelp.dll
MOD - [2008/04/13 23:20:24 | 000,528,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptui.dll
MOD - [2008/04/13 23:20:24 | 000,498,688 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clbcatq.dll
MOD - [2008/04/13 23:20:24 | 000,331,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscui.dll
MOD - [2008/04/13 23:20:24 | 000,279,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ddraw.dll
MOD - [2008/04/13 23:20:24 | 000,275,968 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\comdlg32.dll
MOD - [2008/04/13 23:20:24 | 000,199,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\certcli.dll
MOD - [2008/04/13 23:20:24 | 000,164,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\credui.dll
MOD - [2008/04/13 23:20:24 | 000,126,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dhcpcsvc.dll
MOD - [2008/04/13 23:20:24 | 000,102,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cscdll.dll
MOD - [2008/04/13 23:20:24 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptnet.dll
MOD - [2008/04/13 23:20:24 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptsvc.dll
MOD - [2008/04/13 23:20:24 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\authz.dll
MOD - [2008/04/13 23:20:24 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\colbact.dll
MOD - [2008/04/13 23:20:24 | 000,060,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cabinet.dll
MOD - [2008/04/13 23:20:24 | 000,059,904 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\devenum.dll
MOD - [2008/04/13 23:20:24 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\clusapi.dll
MOD - [2008/04/13 23:20:24 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cnbjmon.dll
MOD - [2008/04/13 23:20:24 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\audiosrv.dll
MOD - [2008/04/13 23:20:24 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cryptdll.dll
MOD - [2008/04/13 23:20:24 | 000,029,184 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\batmeter.dll
MOD - [2008/04/13 23:20:24 | 000,027,136 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\ddrawex.dll
MOD - [2008/04/13 23:20:24 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\davclnt.dll
MOD - [2008/04/13 23:20:24 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dciman32.dll
MOD - [2008/04/13 23:20:24 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\d3d8thk.dll
MOD - [2008/04/13 23:20:23 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll
MOD - [2008/04/13 23:20:23 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\activeds.dll
MOD - [2008/04/13 23:20:23 | 000,143,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\adsldpc.dll
MOD - [2008/04/13 23:20:23 | 000,125,952 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\apphelp.dll
MOD - [2008/04/13 23:20:23 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\actxprxy.dll
MOD - [2008/04/13 23:20:22 | 000,039,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acadproc.dll
MOD - [2008/04/13 23:19:55 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\wmi.dll
MOD - [2008/04/13 23:19:05 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2008/04/13 23:18:53 | 000,177,152 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msctfime.ime
MOD - [2008/04/13 23:18:31 | 000,545,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\hhctrl.ocx
MOD - [2008/04/13 23:18:05 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cfgmgr32.dll
MOD - [2008/04/13 22:55:59 | 000,563,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\shdoclc.dll
MOD - [2008/04/13 22:53:30 | 000,067,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\browselc.dll
MOD - [2008/04/13 19:20:42 | 000,995,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\setupapi.dll
MOD - [2008/04/13 15:35:38 | 002,945,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\xpsp2res.dll
MOD - [2008/04/13 14:37:57 | 000,208,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsaenh.dll
MOD - [2008/04/13 14:37:57 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\dssenh.dll
MOD - [2008/04/13 13:23:31 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msprivs.dll
MOD - [2007/10/24 12:56:42 | 000,737,280 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aetpkss1.dll
MOD - [2007/10/18 13:06:18 | 000,077,824 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aetsprov.dll
MOD - [2007/10/17 15:28:24 | 000,023,552 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aettask.dll
MOD - [2007/10/17 13:17:08 | 000,163,840 | ---- | M] (A.E.T. Europe B.V.) -- C:\WINDOWS\system32\aetcrss1.exe
MOD - [2007/08/29 16:06:10 | 000,106,496 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZSPOOL.DLL
MOD - [2007/07/13 18:39:24 | 000,057,344 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\ZIMFPRNT.DLL
MOD - [2007/07/13 18:39:24 | 000,053,248 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZTAG.DLL
MOD - [2007/07/13 18:39:22 | 000,061,440 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZIMF.DLL
MOD - [2007/07/13 18:39:00 | 000,135,168 | ---- | M] (Marvell Semiconductor, Inc.) -- C:\WINDOWS\system32\CP1215LM.DLL
MOD - [2007/04/09 13:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
MOD - [2007/04/09 13:23:54 | 000,028,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mdimon.dll
MOD - [2007/03/28 09:54:29 | 000,098,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\odbcint.dll
MOD - [2006/03/02 09:00:00 | 000,310,784 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netui2.dll
MOD - [2006/03/02 09:00:00 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\netmsg.dll
MOD - [2006/03/02 09:00:00 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mapi32.dll
MOD - [2006/03/02 09:00:00 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mui\0016\hhctrlui.dll
MOD - [2006/03/02 09:00:00 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mfc42loc.dll
MOD - [2006/03/02 09:00:00 | 000,047,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\mprui.dll
MOD - [2006/03/02 09:00:00 | 000,031,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\traffic.dll
MOD - [2006/03/02 09:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\utildll.dll
MOD - [2006/03/02 09:00:00 | 000,020,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.drv
MOD - [2006/03/02 09:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rasctrs.dll
MOD - [2006/03/02 09:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\perfts.dll
MOD - [2006/03/02 09:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\pschdprf.dll
MOD - [2006/03/02 09:00:00 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\rsvpperf.dll
MOD - [2006/03/02 09:00:00 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\tapiperf.dll
MOD - [2005/03/18 10:18:56 | 000,086,016 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZLhp1020.dll
MOD - [2005/03/18 10:18:56 | 000,049,152 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\IMFPRINT.DLL
MOD - [2005/03/18 10:18:56 | 000,028,672 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\zlm.dll
MOD - [2005/03/18 10:18:56 | 000,028,672 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\IMF32.DLL
MOD - [2005/03/18 10:18:56 | 000,024,576 | ---- | M] (Zenographics, Inc.) -- C:\WINDOWS\system32\ZTAG32.DLL
MOD - [2004/08/04 01:45:28 | 001,483,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\shdocvw.dll
MOD - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE
MOD - [2003/06/11 15:21:38 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\1046\MDMUI.DLL
MOD - [2003/03/18 20:14:52 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dll
MOD - [2003/02/21 04:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll
MOD - [2003/02/21 04:42:22 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\msvcr71.dll
MOD - [2002/01/05 15:05:48 | 000,180,224 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\PDM.DLL
MOD - [2001/12/18 01:00:00 | 000,233,472 | ---- | M] (Hewlett-Packard) -- C:\Arquivos de programas\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\hpgwiamd.dll
MOD - [2001/12/18 01:00:00 | 000,040,960 | ---- | M] (Hewlett-Packard) -- C:\Arquivos de programas\Hewlett-Packard\HP PrecisionScan\PrecisionScan LTX\hpgcollab.dll
MOD - [2001/08/21 06:02:20 | 000,032,768 | ---- | M] (Hewlett-Packard) -- C:\WINDOWS\system32\hpgdtuu.dll
 
 
[color=#E56717]========== Services (All) ==========[/color]
 
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/08/01 21:13:06 | 000,051,992 | ---- | M] (cake bake) [Auto | Running] -- C:\Arquivos de programas\Web Cake\WebCakeDesktop.Updater.exe -- (WebCakeUpdater)
SRV - [2013/07/25 09:40:44 | 000,162,672 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Arquivos de programas\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [On_Demand | Stopped] -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe -- (dealplylivem)
SRV - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [Auto | Stopped] -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe -- (dealplylive)
SRV - [2013/07/15 11:23:42 | 000,409,640 | ---- | M] (GAS Tecnologia) [Auto | Running] -- C:\Arquivos de programas\GbPlugin\gbpsv.exe -- (GbpSv)
SRV - [2013/04/18 19:45:12 | 000,754,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2012/09/22 08:56:30 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/07/06 10:58:41 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2011/05/07 15:29:08 | 000,182,768 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Arquivos de programas\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe -- (gupdatem)
SRV - [2011/05/07 15:28:03 | 000,136,176 | ---- | M] (Google Inc.) [Auto | Stopped] -- C:\Arquivos de programas\Google\Update\GoogleUpdate.exe -- (gupdate)
SRV - [2010/08/27 02:53:36 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srvsvc.dll -- (lanmanserver)
SRV - [2010/08/17 10:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2010/03/18 16:47:22 | 000,035,160 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe -- (aspnet_state)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 13:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2009/07/27 20:17:42 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2009/07/27 20:17:42 | 000,135,168 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/07/27 20:17:42 | 000,135,168 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2009/07/24 18:38:50 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Arquivos de programas\Arquivos comuns\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/06/10 03:15:45 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wkssvc.dll -- (lanmanworkstation)
SRV - [2009/04/20 14:19:39 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2009/02/09 08:25:05 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2009/02/09 07:53:26 | 000,683,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2009/02/09 07:53:26 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs)
SRV - [2009/02/09 07:53:26 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch)
SRV - [2008/07/29 20:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/07/29 18:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/07/25 10:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/07 17:28:46 | 000,253,952 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2008/06/20 13:03:40 | 000,247,808 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\mswsock.dll -- (Nla)
SRV - [2008/05/19 00:57:42 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/13 23:21:24 | 000,126,464 | ---- | M] (Microsoft Corporation) [Boot | Stopped] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)
SRV - [2008/04/13 23:21:22 | 000,292,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/13 23:21:21 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV - [2008/04/13 23:21:21 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ups.exe -- (UPS)
SRV - [2008/04/13 23:21:18 | 000,090,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2008/04/13 23:21:17 | 000,142,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2008/04/13 23:21:17 | 000,099,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2008/04/13 23:21:11 | 000,113,664 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008/04/13 23:21:11 | 000,113,664 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008/04/13 23:21:09 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)
SRV - [2008/04/13 23:21:07 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
SRV - [2008/04/13 23:21:05 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/13 23:21:04 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator)
SRV - [2008/04/13 23:21:02 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/13 23:20:56 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand | Stopped] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/13 23:20:55 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/13 23:20:55 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)
SRV - [2008/04/13 23:20:51 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008/04/13 23:20:51 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)
SRV - [2008/04/13 23:20:46 | 000,483,840 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2008/04/13 23:20:46 | 000,129,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV - [2008/04/13 23:20:46 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/13 23:20:45 | 000,006,656 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/13 23:20:44 | 000,080,896 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2008/04/13 23:20:43 | 000,145,408 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008/04/13 23:20:42 | 000,334,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc)
SRV - [2008/04/13 23:20:41 | 000,176,128 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)
SRV - [2008/04/13 23:20:41 | 000,068,096 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
SRV - [2008/04/13 23:20:41 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008/04/13 23:20:40 | 000,296,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008/04/13 23:20:40 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/13 23:20:40 | 000,193,536 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/13 23:20:40 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)
SRV - [2008/04/13 23:20:40 | 000,171,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/13 23:20:40 | 000,090,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks)
SRV - [2008/04/13 23:20:40 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2008/04/13 23:20:40 | 000,039,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2008/04/13 23:20:40 | 000,018,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/13 23:20:38 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2008/04/13 23:20:38 | 000,059,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)
SRV - [2008/04/13 23:20:37 | 000,437,248 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/13 23:20:37 | 000,409,088 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2008/04/13 23:20:37 | 000,292,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\qagentrt.dll -- (napagent)
SRV - [2008/04/13 23:20:37 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/13 23:20:37 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2008/04/13 23:20:34 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/04/13 23:20:34 | 000,052,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN)
SRV - [2008/04/13 23:20:34 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008/04/13 23:20:32 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008/04/13 23:20:30 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\kmsvc.dll -- (hkmsvc)
SRV - [2008/04/13 23:20:30 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/13 23:20:28 | 000,331,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/13 23:20:26 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2008/04/13 23:20:26 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008/04/13 23:20:25 | 000,133,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc)
SRV - [2008/04/13 23:20:25 | 000,023,552 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/13 23:20:24 | 000,126,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008/04/13 23:20:24 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/13 23:20:24 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/13 23:20:23 | 000,172,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)
SRV - [2008/04/13 23:20:23 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2007/06/28 13:43:00 | 000,155,716 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\WINDOWS\system32\nvsvc32.exe -- (NVSvc)
SRV - [2006/03/02 09:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)
SRV - [2003/07/28 20:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003/06/19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
 
 
[color=#E56717]========== Driver Services (All) ==========[/color]
 
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ViaIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ultra)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (TosIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (symc8xx)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (symc810)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (sym_u3)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (sym_hi)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Sparrow)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Simbad)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql1280)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql1240)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql12160)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Ql10wnt)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql1080)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (perc2hib)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (perc2)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (mraid35x)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (IntelIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ini910u)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (i2omp)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (hpn)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (dpti2o)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (dac960nt)
DRV - File not found [Kernel | Disabled | Unknown] --  -- (dac2w2k)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Cpqarray)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (CmdIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (cd20xrnt)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Atdisk)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (asc3550)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (asc3350p)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (asc)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (amsint)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (AliIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (aic78xx)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (aic78u2)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Aha154x)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (adpu160m)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (abp480n5)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Abiosdsk)
DRV - [2013/08/21 07:20:19 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys -- (NdisrdMP)
DRV - [2013/08/21 07:20:19 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GbpNdisrd.sys -- (Ndisrd)
DRV - [2013/07/01 08:37:46 | 000,046,904 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\gbpkm.sys -- (GbpKm)
DRV - [2012/07/04 11:05:20 | 000,139,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2011/08/17 10:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\afd.sys -- (AFD)
DRV - [2011/07/15 10:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2011/07/08 11:02:00 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2011/04/21 10:37:43 | 000,105,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2011/02/17 10:18:03 | 000,357,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2011/01/14 04:06:40 | 000,277,352 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2010/11/02 12:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2010/11/02 08:36:26 | 006,188,648 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2010/01/13 12:18:36 | 001,730,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\igxpmp32.sys -- (ialm)
DRV - [2009/11/17 20:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/17 20:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/10/20 13:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009/06/24 08:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2008/12/13 11:26:38 | 000,102,400 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008/06/20 08:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008/04/13 23:21:49 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/04/13 23:21:49 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/13 23:21:48 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008/04/13 23:02:36 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr)
DRV - [2008/04/13 23:02:31 | 000,120,320 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/13 23:02:29 | 000,068,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)
DRV - [2008/04/13 23:02:24 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2008/04/13 22:59:07 | 000,153,984 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/13 22:59:00 | 000,800,000 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/13 22:58:35 | 000,025,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/13 22:58:03 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/04/13 22:57:13 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\intelppm.sys -- (intelppm)
DRV - [2008/04/13 22:55:20 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial)
DRV - [2008/04/13 22:55:19 | 000,053,504 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/04/13 22:53:17 | 000,058,240 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008/04/13 22:53:00 | 000,053,248 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008/04/13 22:52:42 | 000,044,672 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008/04/13 22:50:10 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008/04/13 22:50:05 | 000,188,416 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)
DRV - [2008/04/13 22:50:05 | 000,030,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/04/13 16:28:39 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008/04/13 16:21:00 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008/04/13 16:20:42 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/04/13 16:20:37 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/04/13 16:19:48 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport)
DRV - [2008/04/13 16:19:43 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp)
DRV - [2008/04/13 16:19:42 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008/04/13 16:17:18 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008/04/13 16:15:55 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008/04/13 16:15:53 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Running] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 16:14:29 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 16:14:21 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 15:57:32 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/13 15:57:27 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/13 15:57:21 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/04/13 15:57:15 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008/04/13 15:57:07 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008/04/13 15:56:38 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008/04/13 15:56:32 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008/04/13 15:56:02 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/04/13 15:55:58 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/13 15:54:28 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/04/13 15:53:34 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2008/04/13 15:51:25 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/13 15:47:37 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/04/13 15:46:26 | 000,085,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NABTSFEC.sys -- (NABTSFEC)
DRV - [2008/04/13 15:46:24 | 000,019,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\WSTCODEC.SYS -- (WSTCODEC)
DRV - [2008/04/13 15:46:24 | 000,017,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CCDECODE.sys -- (CCDECODE)
DRV - [2008/04/13 15:46:24 | 000,011,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SLIP.sys -- (SLIP)
DRV - [2008/04/13 15:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StreamIP.sys -- (streamip)
DRV - [2008/04/13 15:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/04/13 15:46:22 | 000,010,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NdisIP.sys -- (NdisIP)
DRV - [2008/04/13 15:46:20 | 000,121,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbvideo.sys -- (usbvideo)
DRV - [2008/04/13 15:45:40 | 000,032,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2008/04/13 15:45:38 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - [2008/04/13 15:45:37 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/04/13 15:45:35 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/04/13 15:45:35 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008/04/13 15:45:34 | 000,015,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2008/04/13 15:45:27 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (hidusb)
DRV - [2008/04/13 15:45:13 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/04/13 15:45:12 | 000,060,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBAUDIO.sys -- (usbaudio)
DRV - [2008/04/13 15:45:09 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008/04/13 15:45:09 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008/04/13 15:45:07 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008/04/13 15:45:01 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dmusic.sys -- (DMusic)
DRV - [2008/04/13 15:44:40 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/13 15:40:58 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008/04/13 15:40:49 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008/04/13 15:40:48 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/13 15:40:47 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk)
DRV - [2008/04/13 15:40:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008/04/13 15:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2008/04/13 15:40:25 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc)
DRV - [2008/04/13 15:40:25 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/13 15:40:12 | 000,015,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum)
DRV - [2008/04/13 15:39:53 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008/04/13 15:39:52 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mskssrv.sys -- (MSKSSRV)
DRV - [2008/04/13 15:39:51 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspqm.sys -- (MSPQM)
DRV - [2008/04/13 15:39:50 | 000,005,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MSTEE.sys -- (MSTEE)
DRV - [2008/04/13 15:39:50 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mspclock.sys -- (MSPCLOCK)
DRV - [2008/04/13 15:39:46 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008/04/13 15:39:46 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/04/13 15:36:46 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/04/13 15:32:59 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\fltmgr.sys -- (FltMgr)
DRV - [2008/04/13 15:32:51 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/04/13 15:32:44 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/13 15:32:39 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/04/13 15:32:39 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/04/13 15:32:36 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/13 13:39:23 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2008/04/13 13:39:16 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008/04/13 13:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/10/25 13:50:26 | 000,062,848 | ---- | M] (ASICEN) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AsicenUSBDTVBDA_DM011.sys -- (AsicenUSBDTV_DM011)
DRV - [2007/06/28 13:43:00 | 006,807,328 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2006/12/01 13:48:22 | 000,020,992 | ---- | M] (ASICEN) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AS11Loader.sys -- (AS11Loader)
DRV - [2006/03/02 09:00:00 | 000,125,824 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV - [2006/03/02 09:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2006/03/02 09:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2006/03/02 09:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2006/03/02 09:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2006/03/02 09:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti)
DRV - [2006/03/02 09:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2006/03/02 09:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2006/03/02 09:00:00 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2006/03/02 09:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ws2ifsl.sys -- (WS2IFSL)
DRV - [2006/03/02 09:00:00 | 000,011,904 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2006/03/02 09:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2006/03/02 09:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2006/03/02 09:00:00 | 000,007,040 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2006/03/02 09:00:00 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2006/03/02 09:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2006/03/02 09:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2006/03/02 09:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2006/03/02 09:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2006/03/02 09:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2006/03/02 09:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\WINDOWS\System32\winsock.dll -- (Winsock)
DRV - [2004/06/28 10:06:26 | 000,061,840 | ---- | M] (Gemplus) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GTwinUSB.sys -- (GTwinUSB)
DRV - [2003/12/05 06:46:36 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2003/10/16 10:44:04 | 000,082,704 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cyg_ser.sys -- (cyg_ser)
DRV - [2003/10/16 10:43:20 | 000,051,040 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cyg_bus.sys -- (cyg_bus)
DRV - [2001/09/05 23:17:14 | 000,003,456 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde)
DRV - [2001/08/17 18:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
 
 
[color=#E56717]========== Standard Registry (All) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/ [binary data]
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes,DefaultScope = {FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{B3FD69ED-2469-4493-9F02-38212A7C3E72}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSNIE8&pc=MSNIE8&src=IE-SearchBox
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}: "URL" = http://www.google.pt/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_pt-BR
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Arquivos de programas\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3: C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9: C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Arquivos de programas\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Arquivos de programas\Google\Update\1.3.21.53\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Dados de aplicativos\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2011/05/07 15:29:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2012/11/06 02:25:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Arquivos de programas\Web Assistant\Firefox [2012/06/04 15:39:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[hidden email]: C:\Arquivos de programas\LyriXeeker\125.xpi [2013/07/23 17:25:42 | 000,007,064 | ---- | M] ()
 
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\Application\28.0.1500.95\pdf.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\npbrowserext.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Arquivos de programas\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Update\1.3.21.53\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Arquivos de programas\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: Bejeweled = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: Radio Do Brasil = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\agljkoinmcdnopnlbhhjibjiablccgoh\1.0.56_0\
CHR - Extension: Play Parole = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dfigpchbljbamamhkecemhceioapljbn\1.0_0\
CHR - Extension: Web Assistant = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\
CHR - Extension: Fruit Ninja = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\eofdejdahdbbmnibkpgbfknnpbhpbcad\1.6_0\
CHR - Extension: Web Cake = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0\
CHR - Extension: Voicenote - fala em texto. = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\hfknjgplnkgjihghcidajejfmldhibfm\2.4.22_0\
CHR - Extension: Bubble Shooter-HD = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\hpakbhbnhkbghdcejiiangcefallmaln\2.2.0_0\
CHR - Extension: Pursuit of Hat = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\jepniedfbdhmplhbjffedeomcaopopob\1.1_0\
CHR - Extension: Hatsune Miku = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\kigfdicgjnpjkhbnngdfgjfffmdaonfg\2_0\
CHR - Extension: Super Stacker 2 = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\klemmckdcnieolllgjgbniaeehggmano\3.0_0\
CHR - Extension: Crackle Brazil = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\lflobbippdgfecmbdgjdejahlimggpef\1.0.0_0\
CHR - Extension: Poppit = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\2.2_0\
CHR - Extension: Editor de HQs = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mhfajnocemhaofoiejdekipegedfeeni\1.4_0\
CHR - Extension: DealPly  Shopping = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.5.0.0_0\
CHR - Extension: Mahjong Solitaire = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\neojceinbonpjjcokpokpeobkhcpiloc\1.0.0.2_0\
CHR - Extension: Gomoku = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\nhhdgipkbgjblbgjlbakfffjbffpdblo\1.0.11_0\
CHR - Extension: LyricXeeker = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\odnofacmifkjndflfmmplhckcbfjckhj\1.125_0\
CHR - Extension: Psykopaint = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\
CHR - Extension: Psykopaint = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pgjchkcfmigkkhedgjedmffdepgmpfil\0.0.0.10_0\.bak
 
O1 HOSTS File: ([2013/08/12 13:48:41 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (ssh2 Class) - {2E3C3651-B19C-4DD9-A979-901EC3E930AF} - C:\Arquivos de programas\Scpad\scpsssh2.dll (Scopus Tecnologia Ltda)
O2 - BHO: (no name) - {336D0C35-8A85-403a-B9D2-65C292C39087} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Arquivos de programas\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540007} - C:\Arquivos de programas\GbPlugin\gbiehabn.dll (Banco Real)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\Arquivos de programas\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {DF89BC70-AC87-4A31-ACD5-7417E2CF1209} - No CLSID value found.
O3 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\Toolbar\ShellBrowser: (E&ndereço) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Arquivos de programas\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [CertificateRegistration] C:\WINDOWS\System32\aetcrss1.exe (A.E.T. Europe B.V.)
O4 - HKLM..\Run: [gemstrmw] C:\WINDOWS\System32\gemstrmw.exe (Gemplus)
O4 - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe (Intel Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.)
O4 - HKU\S-1-5-21-527237240-562591055-839522115-1003..\Run: [Facebook Update] C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-527237240-562591055-839522115-1003..\Run: [SpybotSD TeaTimer] C:\Arquivos de programas\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKLM..\RunOnce: [SymInstallStub] C:\WINDOWS\System32\Adobe\Shockwave 11\SymInstallStub.exe (Symantec Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-527237240-562591055-839522115-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de programas\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Google Sidewiki... - C:\Arquivos de programas\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll (Google Inc.)
O9 - Extra Button: Pesquisar - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de programas\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancobrasil.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancobrasil.com.br ([www14] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancobrasil.com.br ([www2] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancoreal.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancosantander.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bancosantander.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: bb.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([imagem] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([internetbanking] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([internetbanking] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: caixa.gov.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: itau.com.br ([bankline] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: itau.com.br ([guardiao] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: itau.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([www2] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([wwws] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: realsecureweb.com.br ([wwws] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santander.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santander.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santanderempresarial.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santanderempresarial.com.br ([www] http in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws2] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernet.com.br ([wwws2] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernetibe.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: santandernetibe.com.br ([www] https in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: secureweb.com.br ([www] * in Sites confiáveis)
O15 - HKU\S-1-5-21-527237240-562591055-839522115-1003\..Trusted Domains: secureweb.com.br ([www] https in Sites confiáveis)
O16 - DPF: {2DEF4530-8CE6-41C9-84B6-A54536C90213} http://cob.bancovw.com.br/viewer9/activeXViewer/activexviewer.cab (Crystal Report Viewer Control 9)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1304768064948 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1307534482359 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DB6BF2CD-4F59-4F1C-AA9C-D08C0B61A931} https://imagem.caixa.gov.br/cab/GBPDIST2K.CAB (GbpDistObj Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39F8FD3D-2667-4A1F-94A7-26E219669948}: NameServer = 192.168.1.254
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de programas\Arquivos comuns\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\ GbPluginAbn: DllName - (C:\Arquivos de programas\GbPlugin\gbiehAbn.dll) - C:\Arquivos de programas\GbPlugin\gbiehabn.dll (Banco Real)
O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Arquivos de programas\GbPlugin\gbieh.dll) - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\Arquivos de programas\GbPlugin\gbiehCef.dll) - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O20 - Winlogon\Notify\ GbPluginUni: DllName - (C:\Arquivos de programas\GbPlugin\gbiehUni.dll) - C:\Arquivos de programas\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O20 - Winlogon\Notify\crypt32chain: DllName - (crypt32.dll) - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - (cryptnet.dll) - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - (cscdll.dll) - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - (%SystemRoot%\System32\dimsntfy.dll) - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\System32\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - (sclgntfy.dll) - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - (WlNotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - (wlnotify.dll) - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: CompIBBrd - {A3717295-941D-416F-9384-ED1736729F1C} - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Pré-carregador Browseui - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Daemon de cache de categorias de componente - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {A3717295-941D-416F-9384-ED1736729F1C} - scpLIB - C:\Arquivos de programas\Scpad\scpLIB.dll (Scopus Tecnologia Ltda)
O24 - Desktop WallPaper: C:\Documents and Settings\Financeir\Meus documentos\Minhas imagens\mhb.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Financeir\Meus documentos\Minhas imagens\mhb.bmp
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - C:\Arquivos de programas\GbPlugin\gbiehcef.dll (Caixa Economica Federal)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399007} - C:\Arquivos de programas\GbPlugin\gbiehabn.dll (Banco Real)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\Arquivos de programas\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Arquivos de programas\GbPlugin\gbieh.dll (Banco do Brasil)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/03/08 12:19:42 | 000,000,021 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 360 Days ==========[/color]
 
[2013/08/14 08:46:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\PCHealth
[2013/08/14 08:06:28 | 000,000,000 | ---D | C] -- C:\8e6272f23157f7be5aa526432a2642
[2013/08/13 08:33:47 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
[2013/08/13 08:33:46 | 000,012,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013/08/12 13:42:36 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/08/12 13:37:22 | 000,012,568 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\drivers\PROCEXP113.SYS
[2013/08/12 13:37:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Financeir\Meus documentos\Meus vídeos
[2013/08/12 13:37:13 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\Ferramentas administrativas
[2013/08/12 13:36:57 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013/08/07 14:48:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Skype
[2013/08/07 14:48:04 | 000,000,000 | R--D | C] -- C:\Arquivos de programas\Skype
[2013/08/07 14:48:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Skype
[2013/08/07 14:48:04 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Skype
[2013/08/07 14:47:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Skype
[2013/08/07 09:52:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Web Cake
[2013/08/07 09:52:29 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Web Cake
[2013/08/07 09:51:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Tarma Installer
[2013/08/05 12:44:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook
[2013/08/05 11:36:49 | 002,349,096 | ---- | C] (Banco do Brasil SA) -- C:\Documents and Settings\Financeir\Meus documentos\DiagnosticoBB.exe
[2013/08/02 08:07:08 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Plus-HD-2.3
[2013/07/25 16:02:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL (1).exe
[2013/07/25 11:23:44 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Financeir\Recent
[2013/07/23 17:25:42 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\LyriXeeker
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DealPlyLive
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\DealPlyLive
[2013/07/23 17:25:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Dealply
[2013/07/23 17:25:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\DealPly
[2013/07/23 17:21:42 | 000,060,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usbaudio.sys
[2013/07/23 17:21:30 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2013/07/23 17:21:30 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2013/05/24 12:23:40 | 000,024,576 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\gemstrmw.exe
[2013/05/24 12:23:21 | 000,061,840 | ---- | C] (Gemplus) -- C:\WINDOWS\System32\drivers\GTwinUSB.sys
[2013/05/24 12:23:20 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Gemplus
[2013/05/24 12:09:41 | 000,000,000 | ---D | C] -- C:\database
[2013/05/22 09:43:22 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\Lucano
[2013/05/21 08:11:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Meus documentos\Escaneamentos
[2013/05/04 10:27:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\cielo extratos
[2013/04/26 15:05:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\Cao
[2013/04/15 09:03:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\trix.therebels.tonybennett.duets2.2012
[2013/03/05 09:56:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\GAS Tecnologia
[2013/01/28 14:22:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\CATALOGOS
[2013/01/28 14:14:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Desktop\Atalhos para produtos em vidro temperado
[2013/01/18 11:55:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\appmgmt
[2013/01/18 11:51:16 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2013/01/18 11:07:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2013/01/16 13:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\IDM
[2012/11/07 15:44:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\TeamViewer
[2012/11/06 02:04:20 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\MSXML 4.0
[2012/11/06 02:04:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Microsoft Silverlight
[2012/11/05 09:15:11 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012/11/01 23:04:06 | 000,375,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2012/11/01 15:45:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Documentos\PopCap Games
[2012/10/27 08:23:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCap Games
[2012/10/25 15:01:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012/10/13 14:42:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Newsoft
[2012/10/13 14:39:09 | 000,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2012/10/13 14:39:07 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\MPE.sys
[2012/10/13 14:39:07 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpe.sys
[2012/10/13 14:39:04 | 000,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2012/10/13 14:39:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2012/10/13 14:39:02 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2012/10/13 14:39:02 | 000,015,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2012/10/13 14:38:59 | 000,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2012/10/13 14:38:56 | 000,019,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2012/10/13 14:38:54 | 000,085,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2012/10/13 14:38:51 | 000,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2012/10/13 14:38:36 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2012/10/13 14:38:36 | 000,054,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2012/10/13 14:38:35 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2012/10/13 14:38:35 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2012/10/13 14:38:35 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2012/10/13 14:38:35 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2012/10/13 14:38:35 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2012/10/13 14:38:35 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2012/10/13 14:38:35 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\BdaSup.sys
[2012/10/13 14:38:35 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdasup.sys
[2012/10/13 14:38:34 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bdaplgin.ax
[2012/10/13 14:38:34 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\BdaPlgIn.ax
[2012/10/13 14:36:21 | 000,020,992 | ---- | C] (ASICEN) -- C:\WINDOWS\System32\drivers\AS11Loader.sys
[2012/10/13 14:36:11 | 000,062,848 | ---- | C] (ASICEN) -- C:\WINDOWS\System32\drivers\AsicenUSBDTVBDA_DM011.sys
[2012/10/13 14:36:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\InstallShield
[2012/10/13 14:35:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\NewSoft
[2012/10/13 14:35:36 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\NewSoft
[2012/10/13 14:35:32 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\NewSoft
[2012/10/02 15:04:32 | 000,058,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\synceng.dll
[2012/09/28 11:14:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Meus documentos\FORMULARIO MHB
[2012/09/25 16:00:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\Max Impressão
[2012/09/25 16:00:11 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Maxprint
[2012/09/22 08:57:00 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Arquivos comuns\Java
[2012/09/21 14:10:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Sun
[2012/09/20 13:25:49 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Microsoft Silverlight
[2012/09/20 08:42:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\HP PrecisionScan LTX
[2012/09/19 17:18:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\EurekaLog
[2012/09/17 12:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Menu Iniciar\Programas\Oi
[2012/09/17 12:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Oi
[2012/09/17 12:51:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Lightcomm
[2012/09/17 12:51:41 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Oi
[2012/09/08 16:54:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\CyberLink
[2012/09/08 16:54:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Meus documentos\CyberLink
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Arquivos de programas\*.tmp files -> C:\Arquivos de programas\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 360 Days ==========[/color]
 
[2013/08/21 07:27:30 | 000,002,315 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/08/21 07:20:22 | 000,000,634 | ---- | M] () -- C:\WINDOWS\tasks\Norton Product Installer.job
[2013/08/21 07:20:19 | 000,031,088 | ---- | M] (GbPlugin NDIS Device Driver) -- C:\WINDOWS\System32\drivers\GbpNdisrd.sys
[2013/08/21 07:19:35 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/08/20 09:54:12 | 000,001,080 | ---- | M] () -- C:\WINDOWS\AUTOLNCH.REG
[2013/08/19 07:45:20 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/08/15 07:32:27 | 000,209,696 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/08/14 08:21:40 | 000,537,104 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat
[2013/08/14 08:21:40 | 000,502,374 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/08/14 08:21:40 | 000,098,102 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat
[2013/08/14 08:21:40 | 000,087,810 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/08/14 08:19:56 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/08/13 17:07:39 | 000,000,412 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\spider.sav
[2013/08/12 13:48:41 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/08/12 13:42:40 | 000,000,355 | RHS- | M] () -- C:\boot.ini
[2013/08/12 13:37:22 | 000,012,568 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\WINDOWS\System32\drivers\PROCEXP113.SYS
[2013/08/12 08:43:11 | 000,001,997 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Norton Product Installer.lnk
[2013/08/10 20:50:26 | 000,000,642 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Product InstallerIdle.job
[2013/08/09 16:13:38 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013/08/05 11:36:49 | 002,349,096 | ---- | M] (Banco do Brasil SA) -- C:\Documents and Settings\Financeir\Meus documentos\DiagnosticoBB.exe
[2013/08/05 10:56:42 | 000,666,633 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\adwcleaner.exe
[2013/08/02 08:07:10 | 000,001,924 | ---- | M] () -- C:\WINDOWS\tasks\Plus-HD-2.3-chromeinstaller.job
[2013/08/01 19:11:45 | 000,002,444 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Google Chrome.lnk
[2013/07/25 23:48:57 | 006,017,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2013/07/25 23:48:57 | 001,215,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2013/07/25 23:48:57 | 000,920,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2013/07/25 23:48:57 | 000,759,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vgx.dll
[2013/07/25 23:48:57 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2013/07/25 23:48:57 | 000,630,272 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2013/07/25 23:48:57 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2013/07/25 23:48:57 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2013/07/25 23:48:57 | 000,522,240 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013/07/25 23:48:57 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2013/07/25 23:48:57 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\url.dll
[2013/07/25 23:48:57 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\url.dll
[2013/07/25 23:48:57 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtmled.dll
[2013/07/25 23:48:57 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2013/07/25 23:48:57 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2013/07/25 23:48:57 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\licmgr10.dll
[2013/07/25 23:48:57 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\licmgr10.dll
[2013/07/25 23:48:57 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2013/07/25 23:48:57 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2013/07/25 23:48:56 | 011,113,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2013/07/25 23:48:56 | 002,005,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2013/07/25 23:48:56 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2013/07/25 23:48:56 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2013/07/25 23:48:56 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013/07/25 23:48:56 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2013/07/25 23:48:56 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2013/07/25 23:48:56 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2013/07/25 23:48:56 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2013/07/25 21:28:18 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2013/07/25 21:28:18 | 000,174,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2013/07/25 16:02:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Financeir\Desktop\OTL (1).exe
[2013/07/25 12:58:11 | 000,385,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\html.iec
[2013/07/23 17:25:15 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2013/07/23 17:25:03 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\LyricXeeker Update.job
[2013/07/11 14:21:01 | 000,000,020 | ---- | M] () -- C:\WINDOWS\hppsapp.INI
[2013/07/10 07:37:49 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usp10.dll
[2013/07/04 04:34:02 | 002,074,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2013/07/04 04:34:01 | 002,197,760 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2013/07/04 04:34:00 | 002,153,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2013/07/04 04:34:00 | 002,153,984 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2013/07/04 04:33:59 | 002,032,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2013/07/04 04:33:59 | 002,032,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2013/07/01 08:37:46 | 000,046,904 | ---- | M] (GAS Tecnologia) -- C:\WINDOWS\System32\drivers\gbpkm.sys
[2013/06/08 09:16:14 | 000,000,192 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\HP LaserJet P1005.lnk
[2013/05/27 22:59:29 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2013/04/25 17:41:22 | 000,810,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wmvdmod.dll
[2013/04/25 17:41:22 | 000,810,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmvdmod.dll
[2013/04/10 10:15:31 | 000,006,779 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\carta.pdf
[2013/04/09 13:09:42 | 000,031,744 | ---- | M] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/04/06 10:51:38 | 000,036,924 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Itau.pdf
[2013/04/04 11:14:11 | 000,000,421 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2013/04/04 09:27:50 | 000,117,287 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\Portalex 2.jpg
[2013/04/04 09:26:12 | 000,462,353 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\portalex.png
[2013/04/03 11:16:41 | 000,056,410 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\pagam.pdf
[2013/04/02 10:20:24 | 000,208,406 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Temperminas.pdf
[2013/04/01 12:27:44 | 000,531,165 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\cielo.pdf
[2013/03/12 08:28:02 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio4.bmp
[2013/03/08 05:36:13 | 000,293,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winsrv.dll
[2013/03/08 05:36:13 | 000,293,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsrv.dll
[2013/03/07 17:32:01 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio3.bmp
[2013/03/07 17:31:15 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio2.bmp
[2013/03/07 17:30:23 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio1.bmp
[2013/03/07 17:28:55 | 001,123,262 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\aloisio.bmp
[2013/02/27 04:58:25 | 002,067,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lhmstscx.dll
[2013/02/11 21:32:23 | 000,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023x.sys
[2013/02/11 21:32:23 | 000,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys
[2013/02/11 21:32:23 | 000,012,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usb8023.sys
[2013/02/05 13:19:32 | 000,104,107 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\orc2.jpg
[2013/02/05 13:14:33 | 000,138,445 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\orc1.jpg
[2013/01/29 09:34:28 | 000,013,467 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\caixa hoje.pdf
[2012/12/07 13:39:05 | 000,111,595 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\PortaGenilson.pdf
[2012/11/23 07:44:31 | 000,458,136 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\tela tablet.pdf
[2012/11/13 08:55:14 | 001,866,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2012/11/13 08:55:14 | 001,866,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2012/11/12 08:07:05 | 000,078,583 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\santander.pdf
[2012/11/12 07:07:41 | 000,129,828 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\156797.pdf
[2012/11/10 14:30:10 | 000,053,699 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\EXTRATO DIGISAT ATE JULHO 2012.pdf
[2012/11/09 14:09:52 | 011,934,054 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\CompEndeço.bmp
[2012/11/07 16:17:58 | 000,084,852 | ---- | M] () -- C:\Documents and Settings\Financeir\Meus documentos\Relatório.pdf
[2012/11/05 23:00:50 | 001,371,648 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll
[2012/11/03 13:11:43 | 000,000,025 | ---- | M] () -- C:\WINDOWS\popcinfot.dat
[2012/11/01 23:04:06 | 000,375,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dpnet.dll
[2012/11/01 23:04:06 | 000,375,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpnet.dll
[2012/10/27 06:57:41 | 002,105,132 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\COMPROVANTE.pdf
[2012/10/13 14:35:55 | 000,001,705 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Presto! PVR.lnk
[2012/10/03 01:57:56 | 001,029,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kernel32.dll
[2012/10/02 15:04:32 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\synceng.dll
[2012/10/02 15:04:32 | 000,058,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\synceng.dll
[2012/09/26 15:26:33 | 000,050,120 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL SETEMBRO.pdf
[2012/09/26 15:25:46 | 000,051,354 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL AGOSTO.pdf
[2012/09/26 15:18:39 | 000,050,298 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JULHO.pdf
[2012/09/26 15:12:33 | 000,050,311 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JUNHO.pdf
[2012/09/26 14:56:30 | 000,050,804 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\BRASIL MAIO.pdf
[2012/09/25 16:00:13 | 000,000,907 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Max Impressão.lnk
[2012/09/22 08:37:30 | 000,002,206 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\Emissor de Nota Fiscal Eletrônica (NF-e) 2.0.lnk
[2012/09/21 15:31:17 | 000,019,462 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil jul.pdf
[2012/09/21 15:30:27 | 000,020,737 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil ago.pdf
[2012/09/21 15:29:45 | 000,019,180 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil set.pdf
[2012/09/20 08:42:00 | 000,001,015 | ---- | M] () -- C:\Documents and Settings\Financeir\Desktop\HP PrecisionScan LTX.lnk
[2012/09/03 19:32:40 | 000,010,265 | ---- | M] () -- C:\Documents and Settings\All Users\Documentos\brasil.pdf
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\Arquivos de programas\*.tmp files -> C:\Arquivos de programas\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2013/08/14 07:41:16 | 000,001,374 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013/08/12 13:42:40 | 000,000,245 | ---- | C] () -- C:\Boot.bak
[2013/08/12 13:42:36 | 000,261,856 | RHS- | C] () -- C:\cmldr
[2013/08/12 08:43:11 | 000,002,003 | ---- | C] () -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\Norton Product Installer.lnk
[2013/08/12 08:43:11 | 000,001,997 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Norton Product Installer.lnk
[2013/08/07 14:48:04 | 000,002,315 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
[2013/08/05 10:56:29 | 000,666,633 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\adwcleaner.exe
[2013/08/02 08:07:10 | 000,001,924 | ---- | C] () -- C:\WINDOWS\tasks\Plus-HD-2.3-chromeinstaller.job
[2013/07/23 17:25:15 | 000,000,912 | ---- | C] () -- C:\WINDOWS\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2013/07/23 17:25:03 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\LyricXeeker Update.job
[2013/06/08 09:16:14 | 000,000,192 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\HP LaserJet P1005.lnk
[2013/05/24 13:15:48 | 001,674,683 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.cpa
[2013/05/24 13:15:48 | 000,001,023 | ---- | C] () -- C:\WINDOWS\System32\igxpxa32.vp
[2013/04/10 11:25:00 | 000,006,779 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\carta.pdf
[2013/04/06 10:51:32 | 000,036,924 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Itau.pdf
[2013/04/04 09:27:50 | 000,117,287 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\Portalex 2.jpg
[2013/04/04 09:26:09 | 000,462,353 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\portalex.png
[2013/04/03 11:16:40 | 000,056,410 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\pagam.pdf
[2013/04/02 10:20:21 | 000,208,406 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Temperminas.pdf
[2013/04/01 12:27:38 | 000,531,165 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\cielo.pdf
[2013/03/12 08:28:02 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio4.bmp
[2013/03/07 17:32:01 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio3.bmp
[2013/03/07 17:31:15 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio2.bmp
[2013/03/07 17:30:23 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio1.bmp
[2013/03/07 17:28:54 | 001,123,262 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\aloisio.bmp
[2013/02/07 11:51:24 | 000,000,481 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\Notepad  IMPRESSO.lnk
[2013/02/05 13:19:03 | 000,104,107 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\orc2.jpg
[2013/02/05 13:14:04 | 000,138,445 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\orc1.jpg
[2013/01/29 09:34:27 | 000,013,467 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\caixa hoje.pdf
[2013/01/18 11:09:40 | 000,000,642 | -H-- | C] () -- C:\WINDOWS\tasks\Norton Product InstallerIdle.job
[2013/01/18 11:09:40 | 000,000,634 | ---- | C] () -- C:\WINDOWS\tasks\Norton Product Installer.job
[2012/12/07 13:40:38 | 000,111,595 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\PortaGenilson.pdf
[2012/11/23 07:44:29 | 000,458,136 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\tela tablet.pdf
[2012/11/12 08:17:48 | 000,129,828 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\156797.pdf
[2012/11/12 08:17:39 | 000,078,583 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\santander.pdf
[2012/11/10 14:35:24 | 000,051,354 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL AGOSTO.pdf
[2012/11/10 14:35:24 | 000,050,298 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JULHO.pdf
[2012/11/10 14:35:24 | 000,050,120 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL SETEMBRO.pdf
[2012/11/10 14:35:24 | 000,020,737 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil ago.pdf
[2012/11/10 14:35:24 | 000,019,462 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil jul.pdf
[2012/11/10 14:35:24 | 000,019,180 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil set.pdf
[2012/11/10 14:35:24 | 000,010,265 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\brasil.pdf
[2012/11/10 14:35:23 | 000,050,804 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL MAIO.pdf
[2012/11/10 14:35:23 | 000,050,311 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\BRASIL JUNHO.pdf
[2012/11/10 14:30:07 | 000,053,699 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\EXTRATO DIGISAT ATE JULHO 2012.pdf
[2012/11/09 14:09:51 | 011,934,054 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\CompEndeço.bmp
[2012/11/09 14:07:20 | 000,025,823 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\comprovante_insc_KeD.pdf
[2012/11/07 16:17:57 | 000,084,852 | ---- | C] () -- C:\Documents and Settings\Financeir\Meus documentos\Relatório.pdf
[2012/11/05 08:48:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/11/05 08:48:10 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012/10/27 08:32:43 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2012/10/27 06:57:37 | 002,105,132 | ---- | C] () -- C:\Documents and Settings\All Users\Documentos\COMPROVANTE.pdf
[2012/10/13 14:38:36 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\PsisRndr.ax
[2012/10/13 14:38:36 | 000,033,280 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisrndr.ax
[2012/10/13 14:38:35 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2012/10/13 14:38:35 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\dllcache\psisdecd.dll
[2012/10/13 14:38:35 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\MSDvbNP.ax
[2012/10/13 14:38:35 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msdvbnp.ax
[2012/10/13 14:35:55 | 000,001,705 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Presto! PVR.lnk
[2012/09/25 16:00:13 | 000,000,907 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\Max Impressão.lnk
[2012/09/20 09:09:29 | 000,001,015 | ---- | C] () -- C:\Documents and Settings\Financeir\Desktop\HP PrecisionScan LTX.lnk
[2012/09/20 08:41:55 | 000,095,232 | ---- | C] () -- C:\WINDOWS\System32\Lfkodak.dll
[2012/09/20 08:41:54 | 000,306,688 | ---- | C] () -- C:\WINDOWS\System32\Lffpx7.dll
[2012/02/13 20:02:07 | 000,004,096 | -H-- | C] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\keyfile3.drm
[2011/08/31 17:25:28 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\HPPLVS.dll
[2011/08/23 13:17:17 | 000,000,020 | ---- | C] () -- C:\WINDOWS\hppsapp.INI
[2011/05/09 13:06:35 | 000,031,744 | ---- | C] () -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/05/08 09:19:04 | 000,040,960 | ---- | C] () -- C:\Arquivos de programas\Uninstall_CDS.exe
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2011/08/31 17:24:03 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008/04/13 23:20:40 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/02/09 07:53:26 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008/04/13 23:20:41 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011/09/19 13:24:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Big Fish Games
[2013/07/23 17:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
[2013/03/06 13:24:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GAS Tecnologia
[2013/08/21 13:28:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\GbPlugin
[2011/05/09 09:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IM
[2011/05/09 09:04:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\IncrediMail
[2012/09/17 13:17:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Lightcomm
[2012/09/17 12:51:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Oi
[2012/10/27 08:23:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCap Games
[2012/08/20 17:03:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\PopCapY
[2013/08/07 09:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Tarma Installer
[2012/07/02 12:15:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\3M
[2013/07/23 17:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Dealply
[2012/09/19 17:18:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\EurekaLog
[2011/05/07 11:56:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Foxit
[2011/05/08 08:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Foxit Software
[2013/01/18 11:55:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\IDM
[2011/05/08 08:38:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Mikrotik
[2012/11/07 15:44:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\TeamViewer
[2013/08/07 16:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Web Cake
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 463 bytes -> C:\WINDOWS\System32\drivers:GbpKmAp.lst

< End of report >



EXTRAS


OTL Extras logfile created on: 21/8/2013 13:38:14 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Financeir\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: d/M/yyyy
 
1013,42 Mb Total Physical Memory | 723,32 Mb Available Physical Memory | 71,37% Memory free
2,40 Gb Paging File | 1,81 Gb Available in Paging File | 75,51% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas
Drive C: | 149,04 Gb Total Space | 107,21 Gb Free Space | 71,94% Space Free | Partition Type: NTFS
 
Computer Name: FINANCEIRO | User Name: Financeir | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: On | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
 
[color=#E56717]========== Extra Registry (All) ==========[/color]
 
 
[color=#E56717]========== File Associations ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- "%1" %*
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cmd [@ = cmdfile] -- "%1" %*
.com [@ = ComFile] -- "%1" %*
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.exe [@ = exefile] -- "%1" %*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.pif [@ = piffile] -- "%1" %*
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.scr [@ = scrfile] -- "%1" /S
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
 
[color=#E56717]========== Shell Spawning ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Arquivos de programas\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- regedit.exe "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)
 
[color=#E56717]========== Security Center Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
[color=#E56717]========== System Restore Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
[color=#E56717]========== Firewall Settings ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
[color=#E56717]========== Authorized Applications List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Arquivos de programas\Java\jre6\bin\javaw.exe" = C:\Arquivos de programas\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Documents and Settings\Financeir\Meus documentos\winbox.exe" = C:\Documents and Settings\Financeir\Meus documentos\winbox.exe:*:Enabled:winbox -- ()
"C:\Arquivos de programas\Google\Google Earth\client\googleearth.exe" = C:\Arquivos de programas\Google\Google Earth\client\googleearth.exe:*:Disabled:Google Earth -- (Google)
"C:\Arquivos de programas\Intelbras\Programador Modulare I e Corp\ProgramadorMC.exe" = C:\Arquivos de programas\Intelbras\Programador Modulare I e Corp\ProgramadorMC.exe:*:Enabled:ProgramadorMC -- ()
"C:\Arquivos de programas\Skype\Phone\Skype.exe" = C:\Arquivos de programas\Skype\Phone\Skype.exe:*:Enabled:Skype  -- (Skype Technologies S.A.)
 
 
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW(R) Graphics Suite X5
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{1438B41C-658C-35B7-9253-780F2E0A0B8E}" = Microsoft .NET Framework 3.5 Language Pack SP1 - ptb
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Multimedia Launcher
"{20A15757-4AE4-3C82-9711-863C84AFE6AA}" = Microsoft .NET Framework 4 Client Profile PTB Language Pack
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24D9A3E0-D086-4B62-AF93-63CF6B05CB48}" = CorelDRAW Graphics Suite X5 - Custom Data
"{260ED378-2B8C-4831-ADAE-D0712D119AC5}" = CorelDRAW Graphics Suite X5 - VSTA
"{26945917-E053-45F6-AF98-309730CFC318}" = Visual Basic for Applications (R) Core
"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 7
"{299C0434-4F4E-341F-A916-4E07AEB35E79}" = Microsoft Visual Studio Tools for Applications 2.0 Runtime
"{2CCBABCB-6427-4A55-B091-49864623C43F}" = Google Toolbar for Firefox
"{32603085-C839-4226-A1FD-BF8FAE0185CB}" = IncrediMail
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.441
"{3472C84E-2FD0-439F-B27F-C290C1E4CD8B}" = CorelDRAW Graphics Suite X5 - Filters
"{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3F31F3B5-C1FF-3708-8611-869DE39C0CB6}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PTB
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.7
"{51DD370C-6690-424E-9674-5F14468B323F}" = Corel Graphics - Windows Shell Extension
"{54B8F4A1-02B0-4D32-8F37-925526C0EEC6}" = CorelDRAW Graphics Suite X5 - Connect
"{57400C1E-BC51-4ECE-AD2A-A6096204DDEC}" = CorelDRAW Graphics Suite X5 - VBA
"{59123CCF-FED2-46FF-9293-D1DC80042219}" = CorelDRAW Graphics Suite X5 - Redist
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62978C1C-FE2E-4A4E-851D-3EB406C9EBC2}" = CorelDRAW Graphics Suite X5 - Draw
"{6347401C-C260-4B30-9816-8F5A1419CC49}" = SafeSign
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6FBA74BD-149F-4521-B921-FFCC84876864}" = Assistente de Instalação Certisign
"{85E0BA25-A5DE-4499-82C2-B4CE4F513E80}" = Cliente do Windows Rights Management com Service Pack 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90110416-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edição 2003
"{90120000-0020-0416-0000-0000000FF1CE}" = Pacote de Compatibilidade para o sistema Office 2007
"{9244E956-5939-4B88-930C-0699D4AB2B95}" = CorelDRAW Graphics Suite X5 - WT
"{983F7145-CABF-4EDD-9F3D-E06B2F024BD3}" = CorelDRAW Graphics Suite X5 - FontNav
"{9856CFCC-6805-4567-8142-A68CF5B25F4C}" = MySQL Connector/ODBC 3.51
"{98ADF875-648F-3E73-8F3B-010C2464C948}" = Microsoft .NET Framework 4 Extended PTB Language Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A1B04B6B-25BB-48AD-8BD9-D31A86E89F3E}" = CorelDRAW Graphics Suite X5 - PHOTO-PAINT
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}" = Microsoft Visual Studio Tools for Applications 2.0 - ENU
"{B1FA73D8-AB79-3A2E-81AC-DBBAC155B2FE}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PTB
"{B399C91E-96F2-4265-9884-1C9A10E9FCF4}" = CorelDRAW Graphics Suite X5
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}" = Facebook Video Calling 1.2.0.287
"{B97CF5C3-0487-11D8-A36E-0050BAE317E1}" = DVD Solution
"{BC0DCD27-345B-4013-A6E0-67EC92DF32C8}" = Presto! PVR
"{BE06114F-559D-11E0-B5A1-001D0926B1BF}" = Google Earth
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}" = Web Cake 3.00
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CA3861BA-1D96-4D66-B577-318E1602C4F3}" = CorelDRAW Graphics Suite X5 - Common
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}" = CorelDRAW Graphics Suite X5 - Setup Files
"{D596EEA2-C6C8-45D3-89DF-FA2DBE99F829}" = Visual Basic for Applications (R) Core - English
"{D642FF8D-438D-4545-A1D5-2EDB4BCAE3BA}" = CorelDRAW Graphics Suite X5 - Photozoom Plugin
"{DE6CBC04-8673-4DBA-BA81-07F1639CEB5F}" = CorelDRAW Graphics Suite X5 - IPM
"{E29D8938-2E48-498C-832D-9663DCABD55F}" = Visual Basic for Applications (R) Core - Portuguese (Brazil)
"{EC905264-BCFE-423B-9C42-C3A106266790}" = Compatibilidade com Versões Anteriores do Cliente do Windows Rights Management SP2
"{EDB98D5A-A6FB-425C-BFB7-51A0924B762D}" = CorelDRAW Graphics Suite X5 - Capture
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FD8AE9E2-B61E-4826-9CE7-937E1E9A9EEC}" = CorelDRAW Graphics Suite X5 - BR
"{FE4B83DE-85CF-4DE5-90CE-A2735A0E1F21}" = CorelDRAW Graphics Suite X5 - VideoBrowser
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"BDE" = BDE
"CCleaner" = CCleaner
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Foxit PDF Editor" = Foxit PDF Editor
"Foxit Reader" = Foxit Reader
"Gemplus Smart Card Reader Tools" = Gemplus Smart Card Reader Tools
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP LaserJet P1000 series" = HP LaserJet P1000 series
"HP-LaserJet 1020 series" = LaserJet 1020 series
"ie8" = Windows Internet Explorer 8
"IncrediMail" = IncrediMail 2.0
"[hidden email]" = LyricXeeker
"Max Impressão" = Max Impressão 1.0
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - ptb" = Pacote de Idiomas do Microsoft .NET Framework 3.5 SP1 - PTB
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Extended - Português (Brasil)
"MiPony" = MiPony 1.5.0
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NVIDIA Drivers" = NVIDIA Drivers
"OrderReminder HP LaserJet 1020" = OrderReminder HP LaserJet 1020
"Plants vs. Zombies" = Plants vs. Zombies
"Plus-HD-2.3" = Plus-HD-2.3
"Programador Modulare I, Conecta, Corp 6000 e Corp 8000_is1" = Programador versão 2.53 para PABX Modulare I, Conecta, Corp 600
"programmeroi_is1" = Oi Velox
"PSN" = Post-it® Software Notes Lite
"VIVO INTERNET" = VIVO INTERNET
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR 4.00 (32-bit)
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
[color=#E56717]========== HKEY_USERS Uninstall List ==========[/color]
 
[HKEY_USERS\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dealply" = Dealply
"Emissor de Nota Fiscal Eletrônica (NF-e) 2.0" = Emissor de Nota Fiscal Eletrônica (NF-e) 2.0
"Google Chrome" = Google Chrome
"optimizer_chrome" = Widevine Media Optimizer Chrome 6.0.0
 
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
 
[ Application Events ]
Error - 7/5/2013 15:43:38 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha explorer.exe, versão 6.0.2900.5512, módulo com
 falha , versão 0.0.0.0, endereço com falha 0x00000000.
 
Error - 11/5/2013 10:05:49 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha spider.exe, versão 5.1.2600.5512, módulo com 
falha unknown, versão 0.0.0.0, endereço com falha 0xf90d5e65.
 
Error - 24/5/2013 11:39:38 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha explorer.exe, versão 6.0.2900.5512, módulo com
 falha kernel32.dll, versão 5.1.2600.6293, endereço com falha 0x000658c0.
 
Error - 24/5/2013 11:48:27 | Computer Name = FINANCEIRO | Source = Application Error | ID = 1000
Description = Aplicativo com falha explorer.exe, versão 6.0.2900.5512, módulo com
 falha kernel32.dll, versão 5.1.2600.6293, endereço com falha 0x000658c0.
 
[ System Events ]
Error - 15/8/2013 10:43:39 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10010
Description = O servidor {4EB61BAC-A3B6-4760-9581-655041EF4D69} não se registrou
 com o DCOM dentro do tempo limite requerido.
 
Error - 16/8/2013 06:27:43 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 16/8/2013 16:50:26 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 17/8/2013 06:37:11 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 19/8/2013 06:45:18 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 20/8/2013 06:23:33 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
Error - 20/8/2013 08:39:06 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10010
Description = O servidor {4EB61BAC-A3B6-4760-9581-655041EF4D69} não se registrou
 com o DCOM dentro do tempo limite requerido.
 
Error - 20/8/2013 10:39:06 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10010
Description = O servidor {4EB61BAC-A3B6-4760-9581-655041EF4D69} não se registrou
 com o DCOM dentro do tempo limite requerido.
 
Error - 20/8/2013 12:39:05 | Computer Name = FINANCEIRO | Source = DCOM | ID = 10010
Description = O servidor {4EB61BAC-A3B6-4760-9581-655041EF4D69} não se registrou
 com o DCOM dentro do tempo limite requerido.
 
Error - 21/8/2013 06:19:50 | Computer Name = FINANCEIRO | Source = sr | ID = 1
Description = O filtro da restauração do sistema encontrou o erro inesperado '0xC0000001'
 ao processar o arquivo '' no volume 'HarddiskVolume1'.  O monitoramento do volume
 foi interrompido.
 
 
< End of report >



On 20 August 2013 at 19:46, Marcelo [via Fórum Tech Suporte] <[hidden email]> wrote:
Hi, Diana

Wow, I apologize! I really had forgotten about this topic.

Please post a new OTL log so I can check the current state of the system.




Re: windows that open by themselves.

Marcelo
Administrator
Good afternoon, Diana!

Please follow the instructions below.

Step 1


1) Double-click OTL to run it once more.
2) Click the little blue button labeled "Show rest of quote" (in the field below) to expand the quoted content, and copy all of the red text (from ":OTL" through "[emptytemp]"). Do not leave out a single character of this huge red script.

:OTL
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013/08/01 21:13:06 | 000,051,992 | ---- | M] (cake bake) [Auto | Running] -- C:\Arquivos de programas\Web Cake\WebCakeDesktop.Updater.exe -- (WebCakeUpdater)
SRV - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [On_Demand | Stopped] -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe -- (dealplylivem)
SRV - [2013/07/23 17:25:11 | 000,148,000 | ---- | M] (DealPly Technologies Ltd) [Auto | Stopped] -- C:\Arquivos de programas\DealPlyLive\Update\DealPlyLive.exe -- (dealplylive)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ViaIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ultra)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (TosIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (symc8xx)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (symc810)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (sym_u3)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (sym_hi)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Sparrow)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Simbad)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql1280)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql1240)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql12160)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Ql10wnt)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ql1080)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (perc2hib)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (perc2)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (mraid35x)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (IntelIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (ini910u)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (i2omp)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (hpn)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (dpti2o)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (dac960nt)
DRV - File not found [Kernel | Disabled | Unknown] --  -- (dac2w2k)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Cpqarray)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (CmdIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (cd20xrnt)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Atdisk)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (asc3550)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (asc3350p)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (asc)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (amsint)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (AliIde)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (aic78xx)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (aic78u2)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Aha154x)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (adpu160m)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (abp480n5)
DRV - File not found [Kernel | Disabled | Stopped] --  -- (Abiosdsk)
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\SearchScopes,DefaultScope = {FBFD6B55-AD47-4BB3-85EB-CF05FE06D012}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.bing.com/ [binary data]
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\S-1-5-21-527237240-562591055-839522115-1003\..\SearchScopes\{B3FD69ED-2469-4493-9F02-38212A7C3E72}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSNIE8&pc=MSNIE8&src=IE-SearchBox
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3: C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKLM\Software\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9: C:\Arquivos de programas\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll (DealPly Technologies Ltd)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\Documents and Settings\All Users\Dados de aplicativos\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2011/05/07 15:29:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[hidden email]: C:\Arquivos de programas\LyriXeeker\125.xpi [2013/07/23 17:25:42 | 000,007,064 | ---- | M] ()
CHR - homepage: http://www.baixaki.com.br/portal/?utm_source=core&utm_medium=ppi&utm_campaign=portal
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Documents and Settings\Financeir\Configura\u00E7\u00F5es locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\npbrowserext.dll
CHR - Extension: Web Assistant = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\
CHR - Extension: Web Cake = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh\1.0.3_0\
CHR - Extension: DealPly  Shopping = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf\3.5.0.0_0\
CHR - Extension: LyricXeeker = C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\odnofacmifkjndflfmmplhckcbfjckhj\1.125_0\
O2 - BHO: (no name) - {336D0C35-8A85-403a-B9D2-65C292C39087} - No CLSID value found.
O2 - BHO: (no name) - {DF89BC70-AC87-4A31-ACD5-7417E2CF1209} - No CLSID value found.
O4 - HKU\S-1-5-21-527237240-562591055-839522115-1003..\Run: [Facebook Update] C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
[2013/08/07 09:52:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Web Cake
[2013/08/07 09:52:29 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Web Cake
[2013/08/07 09:51:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Tarma Installer
[2013/08/05 12:44:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\Facebook
[2013/08/05 11:36:49 | 002,349,096 | ---- | C] (Banco do Brasil SA) -- C:\Documents and Settings\Financeir\Meus documentos\DiagnosticoBB.exe
[2013/08/02 08:07:08 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\Plus-HD-2.3
[2013/07/23 17:25:42 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\LyriXeeker
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Configurações locais\Dados de aplicativos\DealPlyLive
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
[2013/07/23 17:25:11 | 000,000,000 | ---D | C] -- C:\Arquivos de programas\DealPlyLive
[2013/07/23 17:25:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Dealply
[2013/07/23 17:25:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Financeir\Menu Iniciar\Programas\DealPly
[2013/08/02 08:07:10 | 000,001,924 | ---- | M] () -- C:\WINDOWS\tasks\Plus-HD-2.3-chromeinstaller.job
[2013/07/23 17:25:15 | 000,000,912 | ---- | M] () -- C:\WINDOWS\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2013/07/23 17:25:03 | 000,000,404 | ---- | M] () -- C:\WINDOWS\tasks\LyricXeeker Update.job
[2013/08/02 08:07:10 | 000,001,924 | ---- | C] () -- C:\WINDOWS\tasks\Plus-HD-2.3-chromeinstaller.job
[2013/07/23 17:25:15 | 000,000,912 | ---- | C] () -- C:\WINDOWS\tasks\DealPlyLiveUpdateTaskMachineCore.job
[2013/07/23 17:25:03 | 000,000,404 | ---- | C] () -- C:\WINDOWS\tasks\LyricXeeker Update.job
[2013/07/23 17:25:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\DealPlyLive
[2013/08/07 09:52:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Dados de aplicativos\Tarma Installer
[2013/07/23 17:25:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Dealply
[2013/08/07 16:16:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Financeir\Dados de aplicativos\Web Cake

:Files
C:\Arquivos de programas\Web Cake
C:\Arquivos de programas\DealPlyLive
C:\Arquivos de programas\Plus-HD-2.3
C:\Arquivos de programas\LyriXeeker

:Reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1"=-
"{B92C5909-1D37-4C51-8397-A28BB28E5DC3}"=-
"{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}"=-
"[hidden email]"=-
"Plus-HD-2.3"=-
[HKEY_USERS\S-1-5-21-527237240-562591055-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dealply"=-

:Commands
[CREATERESTOREPOINT]
[purity]
[emptyjava]
[emptytemp]

3) Paste the copied content into the program's lower blue area, called "Exames Personalizados/Correções" (Custom Scans/Fixes).
4) Click Consertar ("Fix") and wait for the tool to generate the new report. Post it in your next reply.

Stage 2


1) Run the AdwCleaner program that is already saved on your PC and click the DELETE button, then OK.
2) If it asks you to restart the PC, restart it.
3) It will create a report on your desktop.
4) Post it here for me.

Stage 3


1) Download ComboFix and save it to the desktop.
2) Double-click the file to open the program.
3) Scan your computer following the instructions in this official tutorial.
4) When the scan finishes, it will generate a log. By default, it is saved at C:\ComboFix.txt.

In your next reply, please paste the three reports.

Note: If you cannot paste everything into the post, zip them and attach them to your post, or upload them to Pastebin.