Ir para conteúdo
Entre para seguir isso  
sagatti

Solicitação de análise de log

Mensagem Recomendada

Boa noite Joram!

Fiz o que você orientou. Executei agora na opção "supression". Tenho quase certeza que está certo. Essa versão do AdwCleaner está em inglês, então creio que suppression = delete.

Segue abaixo o relatório. Muito obrigado!

# AdwCleaner v1.408 - Logfile created 02/03/2012 at 21:58:02

# Updated 29/01/2012 by Xplode

# Operating system : Windows 7 Ultimate (32 bits)

# User : Dario Jr - DARIOJR-PC (Administrator)

# Running from : C:\Users\Dario Jr\Desktop\virus\adwcleaner.exe

# Option [Delete]

***** [services] *****

***** [Files / Folders] *****

Folder Deleted : C:\Users\Dario Jr\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

File Deleted : C:\Users\Dario Jr\AppData\Roaming\Mozilla\Firefox\Profiles\p3l8ikjt.default\searchplugins\Askcom.xml

***** [Registry] *****

Key Deleted : HKLM\SOFTWARE\Babylon

Key Deleted : HKLM\SOFTWARE\eRightSoft\OpenCandy

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdate.exe

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Key Deleted : HKLM\SOFTWARE\Microsoft\RFC1156Agent

Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4

Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DE28F4A4FFE5B92FA3C503D1A349A7F9962A8212

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8856F961-340A-11D0-A96B-00C04FD705A2}

***** [internet Browsers] *****

-\\ Internet Explorer v8.0.7600.16385

[OK] Registry is clean.

-\\ Mozilla Firefox v9.0.1 (pt-BR)

Profile : p3l8ikjt.default

File : C:\Users\Dario Jr\AppData\Roaming\Mozilla\Firefox\Profiles\p3l8ikjt.default\prefs.js

C:\Users\Dario Jr\AppData\Roaming\Mozilla\Firefox\Profiles\p3l8ikjt.default\user.js ... Deleted !

Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");

Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");

Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=108298");

Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "321ea8a20000000000001c4bd62a340c");

Deleted : user_pref("extensions.BabylonToolbar_i.id", "321ea8a20000000000001c4bd62a340c");

Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15352");

Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");

Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");

Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");

Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");

Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");

Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1711:09:51");

Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

-\\ Google Chrome v16.0.912.77

File : C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [3430 octets] - [03/02/2012 02:11:37]

AdwCleaner[R2].txt - [3384 octets] - [03/02/2012 16:49:47]

AdwCleaner[s1].txt - [3253 octets] - [03/02/2012 21:58:02]

*************************

Temporary folder : : 1 folder(s) and 0 file(s) deleted

########## EOF - C:\AdwCleaner[s1].txt - [3469 octets] ##########

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom Dia! sagatti

Fiz o que você orientou. Executei agora na opção "supression". Tenho quase certeza que está certo. Essa versão do AdwCleaner está em inglês, então creio que suppression = delete.

|- Sim! Está correta sua interpretação! (Y)

///°°°///

|- Desabilite seu antivírus!

|- Vá em Iniciar --> Executar --> Digite ou cole: combofix.exe /uninstall --> Clique OK.

|- < 92674490.jpg >

|- Clique em Executar --> Aguarde!

|- Surgirá,finalmente,a mensagem: "ComboFix está desinstalado" --> Clique OK.

|- Caso encontre,apague: C:\ComboFix <-- A pasta! + C:\ComboFix.txt <-- Relatório!

|- Ou,vá em Iniciar --> Executar --> Digite ou cole ( Paste ):

|- CFuninstall.gif

"%userprofile%\desktop\combofix" /uninstall

|- Clique OK.

|- Aguarde a desinstalação,e clique OK na mensagem.

|- Ps: Outra opção,seria renomear o Combofix.exe para uninstall.exe e executá-lo.

///°°°///

|- Baixe: < ToolbarShooter > ( ... de 2011N2 )

|- Salve-o no desktop!

|- Desabilite seu antivírus.

|- Execute a ferramenta,e escolha a opção 1. ( Recherche )

|- Ps: Para Windows Vista ou 7,execute-o como administrador!

|- Aperte o 1 -> Enter!

|- Ao concluir,aperte Enter,para dispormos do relatório.

|- Busque-o na pasta: C:\Rapport ToolbarShooter

|- Poste-o na sua resposta!

///°°°///

|- Baixe: < 37ae6cbade5b149987c311d9597676e05d7fd887dbd3c7eff70cdbb46a8368c36g.jpg > < NicolasCoolman.jpg > ( ...par Nicolas Coolman )

|- Estando na página,clique em: < Tlcharger_ZHPDiag.jpg >

|- Salve-o em Arquivos de programas.

f275ef34005c23a087af2e8ec43f12a3a83b20f2d86fa52748e34ecd064fe90b6g.jpg

|- Ps: Descompacte-o em Arquivos de programas.

|- Abra a ferramenta ZHPDiag e habilite todas as opções de diagnóstico,clicando em ZHPDiag_Opes_Update.jpg ( Ícone da chave de fenda )

ZHPDiag_All.jpg

|- Clique em All.

|- Dê início ao diagnóstico ( Diag ),clicando no ícone da lupa.

ZHPDiag_Save_Report2.jpg

|- Ao concluir,clique em "Save Report",para dispormos do relatório.

|- Salve-o em um local conveniente!

|- Poste-o,na sua resposta: ZHPDiag.txt

|- Ps: Caso tenha problemas ao postar esse relatório,acesse < Cjoint_Logo.jpg >

|- Maiores informações: |Aqui!| ou |pjjoint.malekal.com|

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Fala Joram! Boa noite.

Seguem anexos os relatórios conforme você orientou. Cara, uma dúvida que eu tive aqui. Essa infecção que está no meu computador é muito grave?

Obrigado. abrs.

================================== Informations ==================================

Rapport de recherche de ToolbarShooter.

Outil développé par 2011N2

Contact : lot12@hotmail.fr

Site : http://2011n2.forumgratuit.fr/

Mis à jour le : 20/01/2012 à 19h45 par 2011N2

Début du scan de recherche : 0:04:56

Nom du PC : DARIOJR-PC

Système d'exploitation : Windows 7 Ultimate

Internet Explorer : 8.0.7600.16385

Mozilla Firefox : 9.0.1 (pt-BR)

Mozilla Firefox : version 5

Mozilla Firefox : version 6

############################# Toolbars, pups et adwares néfastes détéctés #############################

Clé présente : HKLM\Software\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}

Clé présente : HKLM\Software\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}

Clé présente : HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}

Clé présente : HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}

Clé présente : HKLM\Software\Classes\AppID\NCTAudioCompress3.DLL

Clé présente : HKLM\Software\Classes\AppID\NCTAudioFile3.DLL

Clé présente : HKLM\Software\Classes\AppID\NCTAudioFileWMA3.DLL

Clé présente : HKLM\Software\Classes\AppID\NCTAudioFormatSettings3.DLL

Clé présente : HKLM\Software\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}

Clé présente : HKLM\Software\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}

Clé présente : HKLM\Software\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}

Clé présente : HKLM\Software\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}

Clé présente : HKLM\Software\Classes\AppID\{5e50ae1d-bc76-418b-94c4-efeac0cef80c}

Clé présente : HKLM\Software\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}

Clé présente : HKLM\Software\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}

Clé présente : HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}

Clé présente : HKLM\Software\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}

Clé présente : HKLM\Software\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}

Clé présente : HKLM\Software\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}

Clé présente : HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}

===============================================

Fin du scan de recherche de ToolbarShooter à 0:07:08 par DARIOJR-PC

############### EOF ###############

Merci d'envoyer le rapport à cette adresse, en précisant la raison d'emploi de cet outil. Cela permettera au développeur d'effectuer d'éventuelles modifications : lot12@hotmail.fr

Merci de votre contribution !

Rapport de ZHPDiag v1.28.315 par Nicolas Coolman, Update du 22/01/2012

Run by Dario Jr at 05/02/2012 00:26:23

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

Web site : http://nicolascoolman.skyrock.com/

State : Your version is update.

---\\ Web Browser

MSIE: Internet Explorer v8.0.7600.16385 (Defaut)

MFIE: Mozilla Firefox 9.0.1 v9.0.1

GCIE: Google Chrome v16.0.912.77

---\\ Windows Product Information

~ Langage: Anglais

Windows 7 Ultimate Edition, 32-bit (Build 7600)

Windows Server License Manager Script : Absent (Not found)

Windows ID Activation : Inconnue (Unknown)

Windows Licence : Inconnue (Unknown)

Software Protection Service (Protection logicielle) : KO

Windows Automatic Updates : OK

Windows Activation Technologies : OK

---\\ System Information

~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel

~ Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 3032 MB (61% free)

System Restore: Activé (Enable)

System drive C: has 121 GB (40%) free of 298 GB

---\\ Logged in mode

~ Computer Name: DARIOJR-PC

~ User Name: Dario Jr

~ All Users Names: HomeGroupUser$, Dario Jr, Convidado, Administrador,

~ Unselected Option: None

Logged in as Administrator

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\Dario Jr\AppData\Roaming\

~ %Desktop% : C:\Users\Dario Jr\Desktop\

~ %Favorites% : C:\Users\Dario Jr\Favorites\

~ %LocalAppData% : C:\Users\Dario Jr\AppData\Local\

~ %StartMenu% : C:\Users\Dario Jr\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\system32\

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 121 Go of 298 Go)

D:\ CD-ROM drive (Not Inserted)

F:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date

~ Scan Security Center in 00mn 00s

---\\ Search Generic System Files

[MD5.2626FC9755BE22F805D3CFA0CE3EE727] - (.Microsoft Corporation - Windows Explorer.) (.31/10/2009 - 02:45:39.) -- C:\Windows\Explorer.exe [2614272]

[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - Processo de host do Windows (Rundll32).) (.13/07/2009 - 22:14:31.) -- C:\Windows\system32\rundll32.exe [44544]

[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.13/07/2009 - 22:14:45.) -- C:\Windows\system32\Wininit.exe [96256]

[MD5.F1C359CE656BD76F90E0E6C4BC04A4BE] - (.Microsoft Corporation - Internet Extensions para Win32.) (.19/12/2009 - 06:02:55.) -- C:\Windows\system32\wininet.dll [977920]

[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.28/10/2009 - 03:17:59.) -- C:\Windows\system32\Winlogon.exe [285696]

[MD5.D41D8CD98F00B204E9800998ECF8427E] - (....) (.13/07/2009 - 00:00:00.) -- C:\Windows\system32\sppcomapi.dll [193024]

[MD5.DDC040FDB01EF1712A6B13E52AFB104C] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.13/07/2009 - 20:12:38.) -- C:\Windows\system32\drivers\AFD.sys [338944]

[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.13/07/2009 - 22:26:15.) -- C:\Windows\system32\drivers\atapi.sys [21584]

[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 20:11:15.) -- C:\Windows\system32\drivers\Cdfs.sys [70656]

[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.13/07/2009 - 20:11:26.) -- C:\Windows\system32\drivers\Cdrom.sys [108544]

[MD5.8E09E52EE2E3CEB199EF3DD99CF9E3FB] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.13/07/2009 - 20:14:17.) -- C:\Windows\system32\drivers\DfsC.sys [78336]

[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.13/07/2009 - 20:50:56.) -- C:\Windows\system32\drivers\HDAudBus.sys [108544]

[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Driver de porta i8042.) (.13/07/2009 - 20:11:24.) -- C:\Windows\system32\drivers\i8042prt.sys [80896]

[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 20:54:29.) -- C:\Windows\system32\drivers\IpNat.sys [101888]

[MD5.9E5DD4EF01AED723ABF5342EF23FF012] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.08/01/2010 - 00:17:36.) -- C:\Windows\system32\drivers\MRxSmb.sys [123392]

[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) (.13/07/2009 - 20:12:21.) -- C:\Windows\system32\drivers\netBT.sys [187904]

[MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.13/07/2009 - 22:20:44.) -- C:\Windows\system32\drivers\ntfs.sys [1210432]

[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Driver de porta paralela.) (.13/07/2009 - 20:45:35.) -- C:\Windows\system32\drivers\Parport.sys [79360]

[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 20:54:34.) -- C:\Windows\system32\drivers\Rasl2tp.sys [78848]

[MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/07/2009 - 21:02:58.) -- C:\Windows\system32\drivers\rdpdr.sys [133120]

[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 20:53:41.) -- C:\Windows\system32\drivers\smb.sys [71168]

[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) (.13/07/2009 - 20:12:11.) -- C:\Windows\system32\drivers\tdx.sys [74240]

[MD5.58DF9D2481A56EDDE167E51B334D44FD] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.13/07/2009 - 22:19:10.) -- C:\Windows\system32\drivers\volsnap.sys [245328]

~ Scan Generic Processes in 00mn 00s

---\\ Hidden files state (Hidden/Total)

~ Mes images (My Pictures) : 1/2

~ Mes musiques (My Musics) : 3/113

~ Mes Favoris (My Favorites) : Non accessible (Not found)

~ Mes Documents (My Documents) : 5/209

~ Mon Bureau (My Desktop) : 172/14698

~ Menu demarrer (Programs) : 7/32

~ Scan Hidden Files in 00mn 14s

---\\ Running Processes

[MD5.272DD72EC76077C7D37B3056C5CD8224] - (.mychat - BisonHK.) -- C:\Program Files\BisonCam\BisonHK.exe [81920] [PID.1924]

[MD5.22206C8921E91BF457FC70C1531D143D] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6281760] [PID.1932]

[MD5.ED42244DCCCF367BAD825680274D6FD7] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [174104] [PID.1996]

[MD5.8AE8B7F7A5D433E222CE07231BECD099] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [151064] [PID.2020]

[MD5.A6E68C1552D032A32DB73555E2506564] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [252952] [PID.2044]

[MD5.6E3245DF783E58375B3465F03274743E] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696] [PID.716]

[MD5.C7EB8548D194FF5185FE781415F7782C] - (.TOSHIBA CORPORATION. - Bluetooth Manager.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2680160] [PID.1440]

[MD5.A1091A01468D5CF18BBE39A9A1749EDB] - (.TOSHIBA CORPORATION. - TosBtHid.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe [83272] [PID.2612]

[MD5.DD47DE39FB6CBB009AC14D86CB02C1E0] - (.TOSHIBA CORPORATION. - TosHdpProc.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosHdpProc.exe [354128] [PID.3388]

[MD5.F7226AA410954185160067D5FA82F3F2] - (.AVAST Software - avast! antivírus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3744552] [PID.17500]

[MD5.7B2D61A81906852CE38A46D09EFEEE9D] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2210816] [PID.32664]

~ Scan Processes Running in 00mn 00s

---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)

C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Preferences

G1 - GCS: Preference [user Data\Default] None

G0 - GCSP: Preference [user Data\Default][HomePage] http://www.google.com

~ Scan Google Browser in 00mn 00s

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)

C:\Users\Dario Jr\AppData\Roaming\Mozilla\Firefox\Profiles\p3l8ikjt.default\prefs.js

M3 - MFPP: Plugins - [Dario Jr] -- C:\Program Files\Mozilla FireFox\searchplugins\buscape.xml

M3 - MFPP: Plugins - [Dario Jr] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [Dario Jr] -- C:\Program Files\Mozilla FireFox\searchplugins\mercadolivre.xml

M3 - MFPP: Plugins - [Dario Jr] -- C:\Program Files\Mozilla FireFox\searchplugins\twitter.xml

M3 - MFPP: Plugins - [Dario Jr] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-br.xml

M3 - MFPP: Plugins - [Dario Jr] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-br.xml

M0 - MFSP: prefs.js [Dario Jr - p3l8ikjt.default] http://www.google.com

M2 - MFEP: prefs.js [Dario Jr - p3l8ikjt.default\anttoolbar@ant.com] [] Ant Video Downloader v2.4.5 (.Ant.com.)

M2 - MFEP: prefs.js [Dario Jr - p3l8ikjt.default\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}] [] Forecastfox v2.0.21 (.Jon Stritar.)

M2 - MFEP: prefs.js [Dario Jr - p3l8ikjt.default\{87F8774F-B485-47E2-A755-A40A8A5E886C}] [] Modulo de Seguranca - Banco do Brasil v2.8.0.2.36 (.Jon Stritar.)

M2 - MFEP: prefs.js [Dario Jr - p3l8ikjt.default\{87F8774F-B485-47E2-A755-A40A8A5E886D}] [] Adicional de Seguranca CAIXA® v2.8.0.2.36 (.Caixa Economica Federal.)

M2 - MFEP: prefs.js [Dario Jr - p3l8ikjt.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.8 (.Michel Gutierrez.)

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - 2.0.0048.0.) -- C:\Program Files\Mozilla Firefox\Plugins\npOGAPlugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_30 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/wpi,version=1.4] - (.Microsoft Corp - wpidetector.) -- C:\Program Files\Microsoft\Web Platform Installer\NPWPIDetector.dll

P2 - FPN: [HKLM] [@playstation.com/PsndlCheck,version=1.00] - (.Sony Computer Entertainment Inc. - PlayStation®Network Downloader Check Plug-in.) -- C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll

P2 - FPN: [HKLM] [@SonyCreativeSoftware.com/Media Go,version=1.0] - (.Sony Network Entertainment International LL - 2.0.) -- C:\Program Files\Sony\Media Go\npmediago.dll

P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Dario Jr\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll

P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Dario Jr\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll

~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navegador da Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

---\\ Changed inifile Value, Mapped to Registry (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn 00s

---\\ Hosts file redirection (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 00s

~ Nombre de lignes (Lines number): 1

---\\ Browser Helper Objects (O2)

O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} . (.Orbitdownloader.com - Orbitcth.) -- C:\Program Files\Orbitdownloader\orbitcth.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: LinkAirBrowserHelper HistoryTriggerBHO - {21A88CB9-84D2-4020-A2D1-B25A21034884} . (.LG Electronics - No comment.) -- C:\Program Files\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: G-Buster Browser Defense - {C41A1C0E-EA6C-11D4-B1B8-444553540000} . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files\GbPlugin\gbieh.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

~ Scan BHO in 00mn 00s

---\\ Internet Explorer toolbars (O3)

O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} . (.Unknown owner - Grab Pro.) -- C:\Program Files\Orbitdownloader\GrabPro.dll

~ Scan Toolbar in 00mn 00s

---\\ Auto loading programs from Registry and folders (O4)

O4 - HKLM\..\Run: [bisonHK] . (.mychat - BisonHK.) -- C:\Program Files\BisonCam\BisonHK.exe

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe

O4 - HKLM\..\Run: [Microsoft Default Manager] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

O4 - HKLM\..\Run: [Chrome3] ;;; C:\Program Files\s3graphics\chrome3\Chrome3.exe (.not file.)

O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

O4 - HKLM\..\Run: [iTSecMng] . (.TOSHIBA CORPORATION - IT Security Manager for Toshiba Stack.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\ItSecMng.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe

O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-21-2014276812-2303388161-280020652-1000\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets da Área de Trabalho do Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

~ Scan Application in 00mn 00s

---\\ Other User Links (O4)

O4 - Global Startup: C:\Users\Dario Jr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Dario Jr\Desktop\Desktop1.lnk . (...) -- C:\Pastas.area.de.trabalho\Desktop1

O4 - Global Startup: C:\Users\Dario Jr\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\Dario Jr\AppData\Local\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\Dario Jr\Desktop\Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe

O4 - Global Startup: C:\Users\Dario Jr\Desktop\Pastas.area.de.trabalho - Atalho.lnk . (...) -- C:\Pastas.area.de.trabalho

O4 - Global Startup: C:\Users\Dario Jr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ConvertXtoDVD 4.lnk . (.VSO Software SARL.) -- C:\Program Files\VSO\ConvertX\4\ConvertXtoDvd.exe

O4 - Global Startup: C:\Users\Dario Jr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Dario Jr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\LG PC Suite IV.lnk . (.Mobile Leader Co.,Ltd..) -- C:\Program Files\LG Electronics\LG PC Suite IV\LGUX.exe

O4 - Global Startup: C:\Users\Dario Jr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\Dario Jr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk . (.Mozilla Messaging.) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe

O4 - Global Startup: C:\Users\Dario Jr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk . (.Nero AG.) -- C:\Program Files\Nero\Nero 9\Nero StartSmart\NeroStartSmart.exe

O4 - Global Startup: C:\Users\Dario Jr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Orbit.lnk . (.Orbitdownloader.com.) -- C:\Program Files\Orbitdownloader\orbitdm.exe

O4 - Global Startup: C:\Users\Dario Jr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VDownloader.lnk . (...) -- C:\Program Files\VDownloader 1.13\VDownloader.exe

O4 - Global Startup: C:\Users\Dario Jr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VideoDVDMaker FREE.lnk . (...) -- C:\Program Files\Video DVD Maker\dvd.exe

~ Scan Global Startup in 00mn 00s

---\\ IE Options icon not visible in Control Panel (O5)

O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no

~ Scan IE Control Panel in 00mn 00s

---\\ Extra items in the IE right-click menu (O8)

O8 - Extra context menu item: &Download by Orbit . (.Orbitdownloader.com - Orbitmxt.) -- C:\Program Files\Orbitdownloader\orbitmxt.dll

O8 - Extra context menu item: &Grab video by Orbit . (.Orbitdownloader.com - Orbitmxt.) -- C:\Program Files\Orbitdownloader\orbitmxt.dll

O8 - Extra context menu item: Do&wnload selected by Orbit . (.Orbitdownloader.com - Orbitmxt.) -- C:\Program Files\Orbitdownloader\orbitmxt.dll

O8 - Extra context menu item: Down&load all by Orbit . (.Orbitdownloader.com - Orbitmxt.) -- C:\Program Files\Orbitdownloader\orbitmxt.dll

O8 - Extra context menu item: E&xportar para o Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files\MICROS~3\Office12\EXCEL.exe

~ Scan IE Menu Contextuel in 00mn 00s

---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO

~ Scan IE Extra Buttons in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\System32\nlaapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Provedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\Windows\System32\mswsock.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\System32\winrnr.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Provedor de Correção de Nomeação de Emails.) -- C:\Windows\System32\NapiNSP.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\System32\pnrpnsp.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\System32\pnrpnsp.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\System32\wshbth.dll

~ Scan Winsock in 00mn 00s

---\\ Site in Trusted Zone (O15)

O15 - Trusted Zone: [HKCU\...\Domains\www] *.bancobrasil.com.br

O15 - Trusted Zone: [HKCU\...\Domains\www] *.bb.com.br

~ Scan IE Zone Confiance in 00mn 00s

---\\ ActiveX Objects (Downloaded Program Files) (O16)

O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://office.microsoft.com/sites/production/ieawsdc32.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

~ Scan Objets ActiveX in 00mn 00s

---\\ Lop.com/Domain Hijackers (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{13A1F423-73A3-4CE8-8ADA-D37E2022AD0D}: DhcpNameServer = 192.168.1.1 172.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{13A1F423-73A3-4CE8-8ADA-D37E2022AD0D}: DhcpNameServer = 192.168.1.1 172.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{13A1F423-73A3-4CE8-8ADA-D37E2022AD0D}: DhcpNameServer = 192.168.1.1 172.168.1.1

~ Scan Domain in 00mn 00s

---\\ Extra protocols (O18)

O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\MSVidCtl.dll

O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll

O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll

O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\microsoft shared\Help\hxds.dll

O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll

O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\MSVidCtl.dll

O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll

~ Scan Protocole Additionnel in 00mn 00s

---\\ AppInit_DLLs Registry value Autorun (O20)

O20 - Winlogon Notify: GbPluginBb . (.Banco do Brasil - Gbieh Module.) -- C:\Program Files\GbPlugin\gbieh.dll

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\system32\igfxdev.dll

~ Scan Winlogon in 00mn 00s

---\\ ShellServiceObjectDelayLoad (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Monitor de Sites.) -- C:\Windows\system32\webcheck.dll

~ Scan SSODL in 00mn 00s

---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)

O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! antivírus (avast! antivírus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Gbp Service (GbpSv) . (.Unknown owner - G-Buster Browser Defense - Service.) - C:\Program Files\GbPlugin\gbpsv.exe

O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) . (.Protexis Inc. - PsiService PsiService.) - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: (S3Funkey) . (.S3 Graphics Co., Ltd. - s3funkey.) - C:\Program Files\s3graphics\chrome3\S3Funkey.svc

O23 - Service: (S3LoadSv) . (.S3 Graphics Co., Inc. - Service and HPD loader.) - C:\Program Files\s3graphics\chrome3\s3loadsv.svc

O23 - Service: StarWind AE Service (StarWindServiceAE) . (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

~ Scan Services in 00mn 00s

---\\ Windows Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

---\\

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

~ Scan Keys in 00mn 00s

---\\ Task Planned Automatically(039)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2014276812-2303388161-280020652-1000Core.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2014276812-2303388161-280020652-1000UA.job

[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskUserS-1-5-21-2014276812-2303388161-280020652-1000Core] (.Google Inc..) -- C:\Users\Dario Jr\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskUserS-1-5-21-2014276812-2303388161-280020652-1000UA] (.Google Inc..) -- C:\Users\Dario Jr\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.00000000000000000000000000000000] [APT] [RealUpgradeLogonTaskS-1-5-21-2014276812-2303388161-280020652-1000] (...) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [RealUpgradeScheduledTaskS-1-5-21-2014276812-2303388161-280020652-1000] (...) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe (.not file.)

[MD5.52962EBA97805B3819D2A2A8C84FF879] [APT] [RNUpgradeHelperResumePrompt_Dario Jr] (.RealNetworks, Inc..) -- C:\Users\Dario Jr\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.00\rnupgagent.exe

[MD5.2E3CD4B7B42D5D231F8DA2EBC3988121] [APT] [{192F381E-ECC5-4514-B239-D8F782E55363}] (...) -- C:\Program Files\LG Electronics\LG Bluetooth Drivers\UninstallShld.exe

[MD5.1648893C7E21C4BCFB451F5BD985A8B4] [APT] [{1E9937AF-7A5F-4FA7-A960-2A3B23730CB0}] (.Rovio Mobile.) -- C:\Program Files\Rovio\Angry Birds Seasons\AngryBirdsSeasons.exe

~ Scan Scheduled Task in 00mn 03s

---\\ ActiveSetup Installed Components (O40)

O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Identidade visual IEAK.) -- C:\Windows\System32\iedkcs32.dll

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll

O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\system32\wmp.dll

O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll

O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.3 r181.) -- C:\Windows\System32\Macromed\Flash\Flash10t.ocx

~ Scan Active Setup in 00mn 00s

---\\ Drivers launched at startup (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\system32\drivers\csc.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Agendador de pacotes de serviço.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Driver do Subsistema de Buffer da Unidade R.) - C:\Windows\system32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys

O41 - Driver: (Tosrfcom) . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) - C:\Windows\system32\Drivers\tosrfcom.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys

O41 - Driver: C:\Windows\system32\drivers\ws2ifsl.sys (ws2ifsl) . (.Microsoft Corporation - Winsock2 IFS Layer.) - C:\Windows\system32\drivers\ws2ifsl.sys

~ Scan Drivers in 00mn 00s

---\\ Software installed (O42)

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-0416-0000-0000000FF1CE}_PROPLUS_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-0416-0000-0000000FF1CE}_PROPLUS_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-0416-0000-0000000FF1CE}_PROPLUS_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-0416-0000-0000000FF1CE}_PROPLUS_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-0416-0000-0000000FF1CE}_PROPLUS_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-0416-0000-0000000FF1CE}_PROPLUS_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0416-0000-0000000FF1CE}_PROPLUS_{75EBE365-7FC5-4720-A7D3-804BF550D1BC}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-0416-0000-0000000FF1CE}_PROPLUS_{02A880E2-B8B9-4BF5-8822-EA1374734E2E}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-0416-0000-0000000FF1CE}_PROPLUS_{9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- {0483BE07-260D-4E4D-815E-F737C0A72E40}

O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Reader 9.3 - Português - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1046-7B44-A93000000001}

O42 - Logiciel: Angry Birds Seasons - (.Rovio.) [HKLM] -- {9E4F7DD0-C596-4501-AE16-77F18F7EE694}

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {B3575D00-27EF-49C2-B9E0-14B3D954E992}

O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {C23CD6DA-1958-43A5-ADD0-59396572E02E}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

O42 - Logiciel: Assistente de Conexão do Windows Live - (.Microsoft Corporation.) [HKLM] -- {51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}

O42 - Logiciel: Atualização do produto Microsoft Office Word 2007 Help (KB963665) - (.Microsoft.) [HKLM] -- {90120000-001B-0416-0000-0000000FF1CE}_PROPLUS_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3}

O42 - Logiciel: Audacity 1.3.12 (Unicode) - (.Audacity Team.) [HKLM] -- Audacity 1.3 Beta (Unicode)_is1

O42 - Logiciel: Auslogics BoostSpeed - (.Auslogics Software Pty Ltd.) [HKLM] -- {7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1

O42 - Logiciel: Auslogics Disk Defrag - (.Auslogics Software Pty Ltd.) [HKLM] -- {DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1

O42 - Logiciel: Bison WebCam AP - (.Bison.) [HKLM] -- {5AB0B30D-4EBF-4897-894A-6B8865954694}

O42 - Logiciel: Bluetooth Stack for Windows by Toshiba - (.TOSHIBA CORPORATION.) [HKLM] -- {CEBB6BFB-D708-4F99-A633-BC2600E01EF6}

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: CD/DVD-ROM Generator 1.50 - (.Unknown owner.) [HKLM] -- CD/DVD-ROM Generator

O42 - Logiciel: ConvertXtoDVD 4.1.10.348 - (.Unknown owner.) [HKLM] -- {DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1

O42 - Logiciel: CoreAAC - (.Unknown owner.) [HKLM] -- CoreAAC

O42 - Logiciel: CorelDRAW Graphics SUite X4 - ICA - (.Corel Corporation.) [HKLM] -- {7F05E704-30A6-421A-97A7-8EEB1C7FF010}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - (.Corel Corporation.) [HKLM] -- {44A27085-0616-4181-A0C3-81C7ECA17F73}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - Capture - (.Corel Corporation.) [HKLM] -- {7F05E704-30A6-421A-97A7-8EEB1C7FF012}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - Content - (.Corel Corporation.) [HKLM] -- {7F05E704-30A6-421A-97A7-8EEB1C7FF016}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - Draw - (.Corel Corporation.) [HKLM] -- {7F05E704-30A6-421A-97A7-8EEB1C7FF013}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - Filters - (.Corel Corporation.) [HKLM] -- {7F05E704-30A6-421A-97A7-8EEB1C7FF017}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - FontNav - (.Corel Corporation.) [HKLM] -- {7F05E704-30A6-421A-97A7-8EEB1C7FF019}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - IPM - (.Corel Corporation.) [HKLM] -- {9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - Lang BR - (.Corel Corporation.) [HKLM] -- {1A9DAB4D-46CD-4CBF-A9FC-28D8AA8D2FCF}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - PP - (.Corel Corporation.) [HKLM] -- {7F05E704-30A6-421A-97A7-8EEB1C7FF014}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - VBA - (.Corel Corporation.) [HKLM] -- {BF439B41-0252-48DE-8B8B-0430CB26A181}

O42 - Logiciel: CorelDRAW® Graphics Suite X4 - (.Corel Corporation.) [HKLM] -- _{7F05E704-30A6-421A-97A7-8EEB1C7FF010}

O42 - Logiciel: CorelDRAW® Graphics Suite X4 - Windows Shell Extension - (.Corel Corporation.) [HKLM] -- _{CE2DA11A-917F-4CF5-AB55-755EC115DD10}

O42 - Logiciel: CorelDRAW® Graphics Suite X4 - Windows Shell Extension - (.Corel Corporation.) [HKLM] -- {CE2DA11A-917F-4CF5-AB55-755EC115DD10}

O42 - Logiciel: DVD Decrypter (Remove Only) - (.Unknown owner.) [HKLM] -- DVD Decrypter

O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] -- DVD Shrink_is1

O42 - Logiciel: Ferramenta de Carregamento do Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: FormatFactory 2.60 - (.Free Time.) [HKLM] -- FormatFactory

O42 - Logiciel: Foxit Reader - (.Foxit Software Company.) [HKLM] -- Foxit Reader

O42 - Logiciel: Free Screen Video Capture by Topviewsoft 4.1.7 - (.Topviewsoft, Inc..) [HKLM] -- {180CAD6C-B0ED-42A9-8C4A-CF49C6682A06}_is1

O42 - Logiciel: FreeRIP v3.6 - (.MGShareware.) [HKLM] -- {501451DE-5808-4599-B544-8BD0915B6B24}_is1

O42 - Logiciel: GIMP 2.6.8 - (.Unknown owner.) [HKLM] -- WinGimp-2.0_is1

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome

O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI

O42 - Logiciel: IsoBuster 2.7 - (.Smart Projects.) [HKLM] -- IsoBuster_is1

O42 - Logiciel: Java 6 Update 30 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216030FF}

O42 - Logiciel: K-Lite Codec Pack 4.2.5 (Full) - (.Unknown owner.) [HKLM] -- KLiteCodecPack_is1

O42 - Logiciel: LAME v3.98.2 for Audacity - (.Unknown owner.) [HKLM] -- LAME for Audacity_is1

O42 - Logiciel: LG Bluetooth Drivers - (.LG Electronics.) [HKLM] -- {AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}

O42 - Logiciel: LG PC Suite IV - (.LG Electronics.) [HKLM] -- LG PC Suite IV

O42 - Logiciel: LG United Mobile Drivers - (.LG Electronics.) [HKLM] -- {74EAA5ED-7DDF-4647-8F90-C746BEB246F8}

O42 - Logiciel: MIKSOFT Mobile AMR converter - (.MIKSOFT.) [HKLM] -- MIKSOFT Mobile AMR converter_is1

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: MSXML 4.0 SP2 Parser and SDK - (.Microsoft Corporation.) [HKLM] -- {716E0306-8318-4364-8B8F-0CC4E9376BAC}

O42 - Logiciel: MV RegClean 5.9 - (.Unknown owner.) [HKLM] -- MV RegClean 5.9_is1

O42 - Logiciel: Malwarebytes Anti-Malware versão 1.60.0.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Media Go - (.Sony.) [HKLM] -- {167A1F6A-9BF2-4B24-83DB-C6D659F680EA}

O42 - Logiciel: Media Go Video Playback Engine 1.84.109.07010 - (.Sony.) [HKLM] -- {34EF7358-ABC7-8469-5FB6-C5C0146F099E}

O42 - Logiciel: Megacubo 8.0.0 - (.www.megacubo.net.) [HKLM] -- Megacubo_is1

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Default Manager - (.Microsoft Corporation.) [HKLM] -- {1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}

O42 - Logiciel: Microsoft Office Access MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (Portuguese (Brazil)) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-0416-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - KB2467175 - (.Microsoft Corporation.) [HKLM] -- {a0fe116e-9a8a-466f-aee0-625cb7c207e3}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}

O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {196BB40D-1578-3D01-B289-BEFC77A11A1E}

O42 - Logiciel: Microsoft Web Platform Installer 3.0 - (.Microsoft Corporation.) [HKLM] -- {CC4878C0-4A6A-49CD-AAA7-DD3FCB06CC84}

O42 - Logiciel: Mozilla Firefox 9.0.1 (x86 pt-BR) - (.Mozilla.) [HKLM] -- Mozilla Firefox 9.0.1 (x86 pt-BR)

O42 - Logiciel: Mozilla Thunderbird 10.0 (x86 pt-BR) - (.Mozilla.) [HKLM] -- Mozilla Thunderbird 10.0 (x86 pt-BR)

O42 - Logiciel: MyPhoneExplorer - (.F.J. Wechselberger.) [HKLM] -- MPE

O42 - Logiciel: Nero 9 - (.Nero AG.) [HKLM] -- {5975f669-8f16-4c54-aaed-2d48c19f9103}

O42 - Logiciel: OGA Notifier 2.0.0048.0 - (.Microsoft Corporation.) [HKLM] -- {B2544A03-10D0-4E5E-BA69-0362FFC20D18}

O42 - Logiciel: Orban/Coding Technologies AAC/aacPlus Player Plugin™ 1.0 - (.Orban, Inc..) [HKLM] -- {DB0A8A2A-4EA7-4FE3-802E-8A6DEE32696C}_is1

O42 - Logiciel: Orbit Downloader - (.www.orbitdownloader.com.) [HKLM] -- Orbit_is1

O42 - Logiciel: Paragon Partition Manager™ 11 Free Edition - (.Paragon Software.) [HKLM] -- {45F4941E-5E77-11DF-A71D-005056C00008}

O42 - Logiciel: PlayStation®Network Downloader - (.Sony Computer Entertainment Inc..) [HKLM] -- {B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}

O42 - Logiciel: PlayStation®Store - (.Sony Computer Entertainment Inc..) [HKLM] -- {0E532C84-4275-41B3-9D81-D4A1A20D8EE7}

O42 - Logiciel: PrimoPDF -- brought to you by Nitro PDF Software - (.Nitro PDF Software.) [HKLM] -- PrimoPDF

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}

O42 - Logiciel: REALTEK RTL8187B Wireless LAN Driver - (.REALTEK Semiconductor Corp..) [HKLM] -- {7095FD27-37F0-4750-9DE8-D37DC0043706}

O42 - Logiciel: Real Alternative 1.7.5 - (.Unknown owner.) [HKLM] -- RealAlt_is1

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}

O42 - Logiciel: Rosetta Stone V3 - (.Rosetta Stone.) [HKLM] -- {7210BCFE-ED8D-4261-8537-81B5A4BDFA2A}

O42 - Logiciel: S3 Graphics Utilities - (.S3 Graphics Co., Ltd..) [HKLM] -- S3 Graphics Utilities

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB978380) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{667A88D1-0369-4070-A62A-70672D68A9BF}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB978382) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6DE3DABF-0203-426B-B330-7287D1003E86}

O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB972363) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{120BE9A0-9B09-4855-9E0C-7DEE45CB03C0}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB957789) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7559E742-FF9F-4FAE-B279-008ED296CB4D}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB980470) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{34573F17-DADE-4D0D-835F-A54A1DE8AC1F}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB969613) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Skype™ 5.3 - (.Skype Technologies S.A..) [HKLM] -- {5335DADB-34BA-4AE8-A519-648D78498846}

O42 - Logiciel: Sony Ericsson PC Companion 2.02.015 - (.Sony Ericsson.) [HKLM] -- {F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}

O42 - Logiciel: Sony Ericsson Update Service - (.Sony Ericsson Mobile Communications AB.) [HKLM] -- Update Service

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB981715) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{661B3F32-FFE4-4606-AE3A-DFA11DCC0D79}

O42 - Logiciel: Update for Microsoft Office InfoPath 2007 (KB976416) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{432C5EE4-8096-4FF1-95E1-65219365DFF7}

O42 - Logiciel: Update for Microsoft Office Word 2007 (KB974561) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0CDDBAA2-2111-4A0E-A1B0-76C40C635331}

O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (kb981433) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A6859A6-042D-4DF7-84E2-79F8DEFB5D48}

O42 - Logiciel: VDownloader 1.13 - (.Vitzo Limited.) [HKLM] -- {CA567AD5-33A4-403D-86D1-EE2D38251951}_is1

O42 - Logiciel: Video DVD Maker v3.32.0.80 - (.Unknown owner.) [HKLM] -- {1A3E23D7-7A1E-43EC-B35D-EB2A31BED943}

O42 - Logiciel: Vivo 3G - (.Unknown owner.) [HKLM] -- {93D34EE3-99B3-4DB1-8B0A-0A657466F90D}

O42 - Logiciel: WinRAR archiver - (.Unknown owner.) [HKLM] -- WinRAR archiver

O42 - Logiciel: WinZip 12.0 - (.WinZip Computing, S.L. .) [HKLM] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240B7}

O42 - Logiciel: Windows Driver Package - First International Computer, Inc. (UPCDRV) System (07/06/2009 1.00.00) - (.First International Computer, Inc..) [HKLM] -- 65598B62062AF73D52DE409AF9970494193D0B8E

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {590035D9-BFA0-406A-A7F0-479C72C0DDB2}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Windows Live Essentials - (.Microsoft Corporation.) [HKLM] -- {0FFEA8EE-7BC7-4C9D-8CC6-5B8C891BA3F2}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {9ADC3E4F-34DA-48CD-8727-BB26D90257BD}

O42 - Logiciel: Windows Live OneCare safety scanner - (.Microsoft Corporation.) [HKLM] -- Windows Live OneCare safety scanner

O42 - Logiciel: Windows Live OneCare safety scanner - (.Microsoft Corporation.) [HKLM] -- {FE0646A7-19D0-41B4-A2BB-2C35D644270D}

O42 - Logiciel: aTube Catcher - (.DsNET Corp.) [HKLM] -- aTube Catcher

O42 - Logiciel: avast! Free antivírus - (.AVAST Software.) [HKLM] -- avast

O42 - Logiciel: iPhone Explorer 2.111 - (.Macroplant, LLC.) [HKLM] -- {7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1

O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {C73CA646-73B3-4AEF-A136-C37505745174}

O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

O42 - Logiciel: ratDVD 0.78.1444 - (.ratDVD.) [HKLM] -- ratDVD

O42 - Logiciel: µTorrent - (.Unknown owner.) [HKLM] -- uTorrent

---\\ HKCU & HKLM Software Keys

[HKCU\Software\AC3filter]

[HKCU\Software\ALWIL Software]

[HKCU\Software\AVAST Software]

[HKCU\Software\AWSoftware]

[HKCU\Software\Adobe]

[HKCU\Software\Afinador_XX]

[HKCU\Software\Alcohol Soft]

[HKCU\Software\AppDataLow\RealNetworks]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Apple Inc.]

[HKCU\Software\Armand_Morin]

[HKCU\Software\Audacity]

[HKCU\Software\Auslogics]

[HKCU\Software\AutoHelpDesk]

[HKCU\Software\BisonCam]

[HKCU\Software\BitDefender]

[HKCU\Software\BitTorrent]

[HKCU\Software\CDDB]

[HKCU\Software\Caphyon]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Connectix]

[HKCU\Software\Corel]

[HKCU\Software\DAMN]

[HKCU\Software\DT Soft]

[HKCU\Software\DVD Decrypter]

[HKCU\Software\DVD Shrink]

[HKCU\Software\DacIChobr_YY]

[HKCU\Software\DivXNetworks]

[HKCU\Software\Elcom]

[HKCU\Software\Foxit Software]

[HKCU\Software\FreeTime]

[HKCU\Software\Freeware]

[HKCU\Software\GNU]

[HKCU\Software\GSpot Appliance Corp]

[HKCU\Software\Gabest]

[HKCU\Software\GbAs]

[HKCU\Software\GbPlugin]

[HKCU\Software\Google]

[HKCU\Software\Haali]

[HKCU\Software\IM Providers]

[HKCU\Software\Image Power]

[HKCU\Software\Intel]

[HKCU\Software\JavaSoft]

[HKCU\Software\LG Electronics Inc]

[HKCU\Software\LG Electronics]

[HKCU\Software\Licenses]

[HKCU\Software\LowRegistry]

[HKCU\Software\MGShareware]

[HKCU\Software\MLSync]

[HKCU\Software\Macromedia]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MediaInfo]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\MyPhoneExplorer]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\Nico Mak Computing]

[HKCU\Software\ODBC]

[HKCU\Software\Orbit]

[HKCU\Software\PS2Eplugin]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\ProgSense]

[HKCU\Software\RealNetworks]

[HKCU\Software\Realtek]

[HKCU\Software\S3]

[HKCU\Software\SecuROM]

[HKCU\Software\Skype]

[HKCU\Software\Smart Projects]

[HKCU\Software\SoftVTU]

[HKCU\Software\Softonic]

[HKCU\Software\Sony Computer Entertainment]

[HKCU\Software\Sony Corporation]

[HKCU\Software\Sony Ericsson]

[HKCU\Software\StarSynergy]

[HKCU\Software\Sysinternals]

[HKCU\Software\Toshiba]

[HKCU\Software\Trolltech]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\VSO]

[HKCU\Software\Video DVD Maker FREE]

[HKCU\Software\VideoGrabber]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\WinZip Computing]

[HKCU\Software\iSilo]

[HKCU\Software\ratDVD]

[HKCU\Software\sYk0]

[HKLM\Software\<company>]

[HKLM\Software\A-Patch]

[HKLM\Software\ALWIL Software]

[HKLM\Software\ATI Technologies]

[HKLM\Software\AVAST Software]

[HKLM\Software\Adobe]

[HKLM\Software\AdwCleaner]

[HKLM\Software\Ahead]

[HKLM\Software\Alcohol Soft]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\AviSynth]

[HKLM\Software\BVRP Software]

[HKLM\Software\CDDB]

[HKLM\Software\Caphyon]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Codec Tweak Tool]

[HKLM\Software\Corel]

[HKLM\Software\DAMN]

[HKLM\Software\DT Soft]

[HKLM\Software\Elcom]

[HKLM\Software\Foxit Software]

[HKLM\Software\GEAR Software]

[HKLM\Software\GNU]

[HKLM\Software\Google]

[HKLM\Software\HaaliMkx]

[HKLM\Software\HighCriteria]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\KLCodecPack]

[HKLM\Software\LG Electronics]

[HKLM\Software\Lame for Audacity]

[HKLM\Software\Licenses]

[HKLM\Software\MGShareware]

[HKLM\Software\Macromedia]

[HKLM\Software\Macrovision]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\Megacubo]

[HKLM\Software\MessPatch]

[HKLM\Software\Motorola]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\Nero]

[HKLM\Software\Nico Mak Computing]

[HKLM\Software\ODBC]

[HKLM\Software\On2 Technologies]

[HKLM\Software\Orbit]

[HKLM\Software\Osen Kusnadi]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\Protexis]

[HKLM\Software\RealAlternative]

[HKLM\Software\RealNetworks]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\RichFX]

[HKLM\Software\S3R521]

[HKLM\Software\S3]

[HKLM\Software\Skype]

[HKLM\Software\Sonic]

[HKLM\Software\Sony Corporation]

[HKLM\Software\Sony Creative Software]

[HKLM\Software\Sony Ericsson]

[HKLM\Software\Sony Media Software]

[HKLM\Software\Sony]

[HKLM\Software\Swearware]

[HKLM\Software\Toshiba]

[HKLM\Software\TrendMicro]

[HKLM\Software\Trolltech]

[HKLM\Software\VSO]

[HKLM\Software\Volatile]

[HKLM\Software\WinRAR]

[HKLM\Software\Xing Technology Corp.]

[HKLM\Software\ZTEUSBDriverFlag]

[HKLM\Software\mozilla.org]

~ Scan Softwares in 00mn 00s

---\\ Contents of the Common Files folders (O43)

O43 - CFD: 16/04/2010 - 02:48:38 - [219,650] ----D- C:\Program Files\Adobe

O43 - CFD: 24/05/2010 - 17:02:46 - [10,656] ----D- C:\Program Files\Alcohol Soft

O43 - CFD: 13/02/2010 - 15:23:02 - [251,042] ----D- C:\Program Files\Alwil Software

O43 - CFD: 14/04/2011 - 17:45:10 - [5,798] ----D- C:\Program Files\AML Products

O43 - CFD: 27/07/2011 - 23:55:06 - [2,316] ----D- C:\Program Files\Apple Software Update

O43 - CFD: 13/02/2010 - 02:12:28 - [0] -SH-D- C:\Program Files\Arquivos Comuns

O43 - CFD: 07/07/2010 - 15:43:00 - [0,199] ----D- C:\Program Files\Audacity

O43 - CFD: 07/07/2010 - 15:43:50 - [32,781] ----D- C:\Program Files\Audacity 1.3 Beta (Unicode)

O43 - CFD: 13/06/2010 - 18:31:34 - [32,845] ----D- C:\Program Files\Auslogics

O43 - CFD: 09/02/2011 - 00:13:38 - [0,140] ----D- C:\Program Files\AviSynth 2.5

O43 - CFD: 13/02/2010 - 02:43:24 - [0,295] ----D- C:\Program Files\BisonCam

O43 - CFD: 23/11/2011 - 12:38:34 - [4,037] ----D- C:\Program Files\CCleaner

O43 - CFD: 24/04/2010 - 20:02:04 - [2,465] ----D- C:\Program Files\CD_DVD-ROM Generator 1.50

O43 - CFD: 03/02/2012 - 17:02:52 - [624,084] ----D- C:\Program Files\Common Files

O43 - CFD: 04/12/2010 - 21:47:56 - [0,349] ----D- C:\Program Files\CoreAAC

O43 - CFD: 01/11/2009 - 01:28:54 - [740,103] ----D- C:\Program Files\Corel

O43 - CFD: 17/02/2010 - 19:02:46 - [9,902] ----D- C:\Program Files\DAEMON Tools Lite

O43 - CFD: 24/04/2010 - 14:05:36 - [0,196] ----D- C:\Program Files\DAMN NFO Viewer

O43 - CFD: 13/02/2010 - 02:38:34 - [0,520] ----D- C:\Program Files\DIFX

O43 - CFD: 29/12/2011 - 01:48:04 - [34,810] ----D- C:\Program Files\DsNET Corp

O43 - CFD: 13/12/2010 - 03:41:52 - [0,902] ----D- C:\Program Files\DVD Decrypter

O43 - CFD: 14/07/2009 - 06:53:56 - [79,367] ----D- C:\Program Files\DVD Maker

O43 - CFD: 13/12/2010 - 03:44:34 - [0,926] ----D- C:\Program Files\DVD Shrink

O43 - CFD: 13/12/2010 - 11:11:52 - [0] ----D- C:\Program Files\Elaborate Bytes

O43 - CFD: 16/08/2010 - 01:24:30 - [0] ----D- C:\Program Files\ElcomSoft

O43 - CFD: 14/02/2010 - 11:40:52 - [9,179] ----D- C:\Program Files\Foxit Software

O43 - CFD: 18/07/2011 - 14:43:24 - [3,661] ----D- C:\Program Files\Free Screen Video Capture by Topviewsoft

O43 - CFD: 23/06/2011 - 12:17:04 - [5,896] ----D- C:\Program Files\FreeRIP3

O43 - CFD: 03/12/2010 - 20:39:12 - [112,602] ----D- C:\Program Files\FreeTime

O43 - CFD: 31/12/2011 - 15:01:10 - [3,356] ----D- C:\Program Files\GbPlugin

O43 - CFD: 24/03/2010 - 00:10:54 - [94,621] ----D- C:\Program Files\GIMP-2.0

O43 - CFD: 05/12/2010 - 14:30:52 - [0] ----D- C:\Program Files\GRETECH

O43 - CFD: 18/07/2011 - 17:52:48 - [0,388] ----D- C:\Program Files\IDoser v4

O43 - CFD: 13/01/2012 - 10:37:28 - [28,299] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 17/09/2011 - 19:47:12 - [0] ----D- C:\Program Files\Intel

O43 - CFD: 08/10/2010 - 02:27:16 - [5,905] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 30/07/2011 - 01:00:40 - [2,939] ----D- C:\Program Files\iPhone Explorer

O43 - CFD: 27/07/2011 - 23:57:22 - [1,782] ----D- C:\Program Files\iPod

O43 - CFD: 27/07/2011 - 23:58:06 - [119,254] ----D- C:\Program Files\iTunes

O43 - CFD: 31/12/2011 - 17:21:08 - [84,980] ----D- C:\Program Files\Java

O43 - CFD: 14/02/2010 - 03:30:10 - [29,264] ----D- C:\Program Files\K-Lite Codec Pack

O43 - CFD: 08/09/2010 - 21:38:46 - [0,084] ----D- C:\Program Files\KeyNote

O43 - CFD: 07/07/2010 - 15:45:42 - [1,170] ----D- C:\Program Files\Lame for Audacity

O43 - CFD: 30/01/2012 - 16:27:36 - [119,076] ----D- C:\Program Files\LG Electronics

O43 - CFD: 08/01/2012 - 12:30:56 - [11,462] ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 16/03/2010 - 17:50:34 - [2,341] ----D- C:\Program Files\Marcos Velasco Security

O43 - CFD: 25/05/2011 - 01:09:34 - [19,679] ----D- C:\Program Files\Megacubo

O43 - CFD: 18/06/2011 - 15:46:26 - [5,603] ----D- C:\Program Files\Microsoft

O43 - CFD: 14/07/2009 - 06:53:54 - [140,936] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 17/02/2010 - 21:55:40 - [276,153] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 18/06/2011 - 15:59:46 - [36,632] ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 17/02/2010 - 21:55:40 - [0,014] ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD: 17/02/2010 - 21:54:18 - [1,204] ----D- C:\Program Files\Microsoft Visual Studio 8

O43 - CFD: 17/02/2010 - 21:57:30 - [3,554] ----D- C:\Program Files\Microsoft Works

O43 - CFD: 17/02/2010 - 21:55:30 - [7,774] ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 09/02/2011 - 00:18:56 - [0,747] ----D- C:\Program Files\MIKSOFT

O43 - CFD: 23/12/2011 - 11:39:54 - [38,451] ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 01/02/2012 - 14:33:02 - [37,315] ----D- C:\Program Files\Mozilla Thunderbird

O43 - CFD: 17/02/2010 - 21:55:42 - [0,025] ----D- C:\Program Files\MSBuild

O43 - CFD: 14/03/2010 - 06:27:48 - [0] ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 13/01/2012 - 11:09:40 - [11,649] ----D- C:\Program Files\MyPhoneExplorer

O43 - CFD: 16/03/2010 - 19:13:40 - [829,842] ----D- C:\Program Files\Nero

O43 - CFD: 11/10/2011 - 11:08:02 - [12,400] ----D- C:\Program Files\Nitro PDF

O43 - CFD: 16/03/2010 - 17:59:44 - [1,762] ----D- C:\Program Files\Orban

O43 - CFD: 08/11/2011 - 19:30:22 - [13,535] ----D- C:\Program Files\Orbitdownloader

O43 - CFD: 02/11/2010 - 15:11:36 - [36,764] ----D- C:\Program Files\Paragon Software

O43 - CFD: 08/10/2010 - 02:26:42 - [0] ----D- C:\Program Files\Primal Pictures

O43 - CFD: 27/07/2011 - 23:55:26 - [72,787] ----D- C:\Program Files\QuickTime

O43 - CFD: 17/08/2011 - 00:16:44 - [8,075] ----D- C:\Program Files\ratDVD

O43 - CFD: 04/01/2012 - 20:55:22 - [0,480] ----D- C:\Program Files\Real

O43 - CFD: 14/02/2010 - 03:32:22 - [19,049] ----D- C:\Program Files\Real Alternative

O43 - CFD: 06/12/2011 - 18:19:50 - [7,912] ----D- C:\Program Files\Realtek

O43 - CFD: 13/02/2010 - 02:40:20 - [0,698] ----D- C:\Program Files\REALTEK RTL8187B Wireless LAN Driver

O43 - CFD: 14/07/2009 - 02:52:32 - [36,727] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 23/08/2010 - 15:11:32 - [136,196] ----D- C:\Program Files\Rosetta Stone

O43 - CFD: 26/11/2011 - 12:34:16 - [28,149] ----D- C:\Program Files\Rovio

O43 - CFD: 06/12/2011 - 17:21:38 - [15,363] ----D- C:\Program Files\s3graphics

O43 - CFD: 14/04/2011 - 21:54:34 - [14,444] R---D- C:\Program Files\Skype

O43 - CFD: 24/04/2010 - 17:10:12 - [10,065] ----D- C:\Program Files\Smart Projects

O43 - CFD: 17/10/2011 - 15:26:08 - [105,327] ----D- C:\Program Files\Sony

O43 - CFD: 17/10/2011 - 15:19:34 - [240,410] ----D- C:\Program Files\Sony Ericsson

O43 - CFD: 17/10/2011 - 15:26:02 - [99,743] ----D- C:\Program Files\Sony Media Go Install

O43 - CFD: 19/04/2011 - 02:09:10 - [102,896] ----D- C:\Program Files\Sony Setup

O43 - CFD: 03/12/2010 - 20:41:04 - [2,039] ----D- C:\Program Files\sub2divX

O43 - CFD: 12/03/2010 - 00:19:12 - [25,398] ----D- C:\Program Files\Sun

O43 - CFD: 29/05/2011 - 03:26:26 - [4,649] ----D- C:\Program Files\SupportInfo

O43 - CFD: 15/12/2011 - 00:03:54 - [65,561] ----D- C:\Program Files\Toshiba

O43 - CFD: 06/03/2010 - 02:35:14 - [0,058] ----D- C:\Program Files\UltraISO

O43 - CFD: 14/07/2009 - 02:53:24 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 05/12/2010 - 14:30:14 - [0] ----D- C:\Program Files\URUSoft

O43 - CFD: 03/04/2011 - 01:34:22 - [0,381] ----D- C:\Program Files\uTorrent

O43 - CFD: 16/05/2010 - 21:55:12 - [6,411] ----D- C:\Program Files\VDownloader 1.13

O43 - CFD: 18/07/2011 - 15:29:58 - [27,180] ----D- C:\Program Files\Video DVD Maker

O43 - CFD: 29/05/2011 - 18:28:52 - [24,576] ----D- C:\Program Files\Vivo 3G

O43 - CFD: 26/12/2010 - 21:01:28 - [65,129] ----D- C:\Program Files\VSO

O43 - CFD: 14/07/2009 - 06:31:04 - [2,896] ----D- C:\Program Files\Windows Defender

O43 - CFD: 14/07/2009 - 06:53:50 - [6,685] ----D- C:\Program Files\Windows Journal

O43 - CFD: 29/01/2011 - 15:02:56 - [59,491] ----D- C:\Program Files\Windows Live

O43 - CFD: 15/10/2011 - 21:05:24 - [56,467] ----D- C:\Program Files\Windows Live Safety Center

O43 - CFD: 29/01/2011 - 15:02:44 - [0,234] ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD: 14/07/2009 - 06:31:04 - [5,869] ----D- C:\Program Files\Windows Mail

O43 - CFD: 14/03/2010 - 06:36:48 - [6,289] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 13/02/2010 - 02:12:28 - [11,627] ----D- C:\Program Files\Windows NT

O43 - CFD: 14/07/2009 - 06:31:04 - [4,210] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 14/07/2009 - 02:52:34 - [0,181] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 14/07/2009 - 06:31:04 - [25,779] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 13/04/2010 - 23:10:24 - [4,719] ----D- C:\Program Files\WinRAR

O43 - CFD: 24/03/2010 - 00:34:00 - [14,235] ----D- C:\Program Files\WinZip

O43 - CFD: 05/02/2012 - 00:26:40 - [10,098] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 16/04/2010 - 02:48:42 - [5,980] ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 27/07/2011 - 23:57:22 - [88,874] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 01/11/2009 - 01:29:12 - [18,160] ----D- C:\Program Files\Common Files\Corel

O43 - CFD: 17/02/2010 - 21:55:40 - [0,089] ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD: 19/04/2011 - 02:32:18 - [0] ----D- C:\Program Files\Common Files\DVDVideoSoft

O43 - CFD: 13/02/2010 - 02:41:46 - [3,632] ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD: 31/12/2011 - 17:21:54 - [1,201] ----D- C:\Program Files\Common Files\Java

O43 - CFD: 23/08/2010 - 15:11:42 - [0,628] ----D- C:\Program Files\Common Files\Macrovision Shared

O43 - CFD: 29/01/2011 - 15:02:50 - [206,286] ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD: 16/03/2010 - 19:26:50 - [196,087] ----D- C:\Program Files\Common Files\Nero

O43 - CFD: 01/11/2009 - 01:30:40 - [1,577] ----D- C:\Program Files\Common Files\Protexis

O43 - CFD: 14/07/2009 - 00:37:06 - [0,003] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 13/02/2010 - 02:12:28 - [0] -SH-D- C:\Program Files\Common Files\Sistema

O43 - CFD: 17/10/2011 - 15:30:52 - [20,404] ----D- C:\Program Files\Common Files\Sony Shared

O43 - CFD: 14/07/2009 - 00:37:06 - [39,200] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 14/07/2009 - 06:31:04 - [41,965] ----D- C:\Program Files\Common Files\System

O43 - CFD: 13/02/2010 - 03:51:38 - [0] ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD: 16/04/2010 - 02:59:06 - [11,302] ----D- C:\ProgramData\Adobe

O43 - CFD: 13/02/2010 - 15:23:02 - [32,447] ----D- C:\ProgramData\Alwil Software

O43 - CFD: 30/07/2011 - 01:01:38 - [39,897] ----D- C:\ProgramData\Apple

O43 - CFD: 28/07/2011 - 02:19:04 - [64,071] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 14/07/2009 - 02:53:56 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 22/11/2010 - 21:18:36 - [0,000] ----D- C:\ProgramData\Avanquest Bluetooth SDK

O43 - CFD: 25/01/2012 - 19:27:32 - [0,045] ----D- C:\ProgramData\BlueStacks

O43 - CFD: 22/11/2010 - 18:32:12 - [0] ----D- C:\ProgramData\BVRP Software

O43 - CFD: 01/11/2009 - 01:30:42 - [63,347] ----D- C:\ProgramData\Corel

O43 - CFD: 13/02/2010 - 02:12:28 - [0] -SH-D- C:\ProgramData\Dados de aplicativos

O43 - CFD: 17/02/2010 - 19:01:42 - [0,001] ----D- C:\ProgramData\DAEMON Tools Lite

O43 - CFD: 14/07/2009 - 02:53:56 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 13/02/2010 - 02:12:28 - [0] -SH-D- C:\ProgramData\Documentos

O43 - CFD: 14/07/2009 - 02:53:56 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 13/12/2010 - 03:46:12 - [0,012] ----D- C:\ProgramData\DVD Shrink

O43 - CFD: 02/11/2010 - 15:12:38 - [0] ----D- C:\ProgramData\explauncher

O43 - CFD: 14/07/2009 - 02:53:56 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 13/02/2010 - 02:12:28 - [0] -SH-D- C:\ProgramData\Favoritos

O43 - CFD: 23/08/2010 - 15:30:36 - [0,001] ----D- C:\ProgramData\FLEXnet

O43 - CFD: 23/06/2011 - 12:16:26 - [0,013] ----D- C:\ProgramData\FreeRIP

O43 - CFD: 09/08/2011 - 11:01:42 - [7,181] ----D- C:\ProgramData\gas

O43 - CFD: 31/12/2011 - 15:01:12 - [0,085] ----D- C:\ProgramData\GbPlugin

O43 - CFD: 17/09/2011 - 19:47:12 - [0,002] ----D- C:\ProgramData\Intel

O43 - CFD: 02/11/2010 - 15:12:38 - [0] ----D- C:\ProgramData\launcher

O43 - CFD: 28/04/2010 - 18:17:42 - [16,267] ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 13/02/2010 - 02:12:28 - [0] -SH-D- C:\ProgramData\Menu Iniciar

O43 - CFD: 29/01/2011 - 13:42:50 - [897,265] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 28/04/2010 - 11:38:26 - [0,057] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 13/02/2010 - 02:12:28 - [0] -SH-D- C:\ProgramData\Modelos

O43 - CFD: 16/03/2010 - 19:50:48 - [10,201] ----D- C:\ProgramData\Nero

O43 - CFD: 08/10/2010 - 02:27:00 - [0,009] ----D- C:\ProgramData\QuickTime

O43 - CFD: 03/11/2011 - 00:37:22 - [0,068] ----D- C:\ProgramData\Real

O43 - CFD: 06/09/2011 - 00:28:32 - [1671,341] ----D- C:\ProgramData\Rosetta Stone

O43 - CFD: 14/04/2011 - 21:54:28 - [19,315] ----D- C:\ProgramData\Skype

O43 - CFD: 17/10/2011 - 15:30:52 - [0,028] ----D- C:\ProgramData\Sony Corporation

O43 - CFD: 17/10/2011 - 15:13:02 - [6,836] ----D- C:\ProgramData\Sony Ericsson

O43 - CFD: 14/07/2009 - 02:53:56 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 31/12/2011 - 17:21:54 - [0,000] ----D- C:\ProgramData\Sun

O43 - CFD: 01/11/2009 - 01:54:00 - [0] ---AD- C:\ProgramData\TEMP

O43 - CFD: 14/07/2009 - 02:53:56 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 15/12/2011 - 00:16:30 - [0,012] ----D- C:\ProgramData\TOSHIBA

O43 - CFD: 09/04/2011 - 16:42:16 - [0,000] ----D- C:\ProgramData\vsosdk

O43 - CFD: 24/03/2010 - 00:35:06 - [0,000] ----D- C:\ProgramData\WinZip

O43 - CFD: 27/07/2011 - 23:58:06 - [0,517] ----D- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}

O43 - CFD: 23/06/2011 - 12:09:50 - [0] ----D- C:\Users\Dario Jr\AppData\Roaming\AccurateRip

O43 - CFD: 16/04/2010 - 02:49:10 - [4,939] ----D- C:\Users\Dario Jr\AppData\Roaming\Adobe

O43 - CFD: 30/07/2011 - 01:05:12 - [439,864] ----D- C:\Users\Dario Jr\AppData\Roaming\Apple Computer

O43 - CFD: 06/01/2012 - 19:24:08 - [0,024] ----D- C:\Users\Dario Jr\AppData\Roaming\Audacity

O43 - CFD: 11/11/2011 - 23:51:32 - [0,408] ----D- C:\Users\Dario Jr\AppData\Roaming\Auslogics

O43 - CFD: 01/11/2009 - 01:32:04 - [1,057] ----D- C:\Users\Dario Jr\AppData\Roaming\Corel

O43 - CFD: 23/11/2011 - 12:39:40 - [0] ----D- C:\Users\Dario Jr\AppData\Roaming\DAEMON Tools Lite

O43 - CFD: 23/06/2011 - 12:09:48 - [0,145] ----D- C:\Users\Dario Jr\AppData\Roaming\EAC

O43 - CFD: 14/02/2010 - 11:41:32 - [0,033] ----D- C:\Users\Dario Jr\AppData\Roaming\Foxit

O43 - CFD: 08/11/2011 - 19:31:56 - [0,000] ----D- C:\Users\Dario Jr\AppData\Roaming\GrabPro

O43 - CFD: 26/12/2011 - 18:39:18 - [0,000] ----D- C:\Users\Dario Jr\AppData\Roaming\gtk-2.0

O43 - CFD: 13/02/2010 - 02:12:54 - [0] ----D- C:\Users\Dario Jr\AppData\Roaming\Identities

O43 - CFD: 13/02/2010 - 02:40:08 - [0] ----D- C:\Users\Dario Jr\AppData\Roaming\InstallShield

O43 - CFD: 28/03/2010 - 18:59:22 - [0,004] ----D- C:\Users\Dario Jr\AppData\Roaming\iSilo

O43 - CFD: 08/10/2010 - 03:07:28 - [0,003] ----D- C:\Users\Dario Jr\AppData\Roaming\Macromedia

O43 - CFD: 28/04/2010 - 18:17:52 - [8,306] ----D- C:\Users\Dario Jr\AppData\Roaming\Malwarebytes

O43 - CFD: 14/07/2009 - 06:52:56 - [0] ----D- C:\Users\Dario Jr\AppData\Roaming\Media Center Programs

O43 - CFD: 13/02/2010 - 21:28:36 - [0,000] ----D- C:\Users\Dario Jr\AppData\Roaming\Media Player Classic

O43 - CFD: 30/07/2011 - 01:01:24 - [5,574] -S--D- C:\Users\Dario Jr\AppData\Roaming\Microsoft

O43 - CFD: 30/01/2012 - 18:20:34 - [0] ----D- C:\Users\Dario Jr\AppData\Roaming\ML

O43 - CFD: 13/02/2010 - 03:11:28 - [29,297] ----D- C:\Users\Dario Jr\AppData\Roaming\Mozilla

O43 - CFD: 13/01/2012 - 11:26:54 - [67,512] ----D- C:\Users\Dario Jr\AppData\Roaming\MyPhoneExplorer

O43 - CFD: 16/03/2010 - 19:49:58 - [1,312] ----D- C:\Users\Dario Jr\AppData\Roaming\Nero

O43 - CFD: 02/01/2012 - 23:10:46 - [5,566] ----D- C:\Users\Dario Jr\AppData\Roaming\Orbit

O43 - CFD: 03/02/2012 - 23:54:44 - [0,002] ----D- C:\Users\Dario Jr\AppData\Roaming\PrimoPDF

O43 - CFD: 18/07/2011 - 14:52:26 - [0,000] ----D- C:\Users\Dario Jr\AppData\Roaming\ProgSense

O43 - CFD: 16/01/2012 - 10:23:22 - [0,029] ----D- C:\Users\Dario Jr\AppData\Roaming\QuickScan

O43 - CFD: 04/01/2012 - 20:55:12 - [2,584] ----D- C:\Users\Dario Jr\AppData\Roaming\Real

O43 - CFD: 26/11/2011 - 12:36:50 - [0,006] ----D- C:\Users\Dario Jr\AppData\Roaming\Rovio

O43 - CFD: 23/11/2011 - 12:39:40 - [1,319] ----D- C:\Users\Dario Jr\AppData\Roaming\Skype

O43 - CFD: 18/07/2011 - 14:49:56 - [0] ----D- C:\Users\Dario Jr\AppData\Roaming\Solveig Multimedia

O43 - CFD: 24/03/2010 - 22:21:24 - [2,730] ----D- C:\Users\Dario Jr\AppData\Roaming\Sonic Solutions

O43 - CFD: 17/10/2011 - 15:27:28 - [25,176] ----D- C:\Users\Dario Jr\AppData\Roaming\Sony

O43 - CFD: 01/02/2012 - 14:33:08 - [2,070] ----D- C:\Users\Dario Jr\AppData\Roaming\Thunderbird

O43 - CFD: 15/12/2011 - 00:23:18 - [0] ----D- C:\Users\Dario Jr\AppData\Roaming\Toshiba

O43 - CFD: 04/02/2012 - 01:03:54 - [5,045] ----D- C:\Users\Dario Jr\AppData\Roaming\uTorrent

O43 - CFD: 18/07/2011 - 15:31:06 - [0] ----D- C:\Users\Dario Jr\AppData\Roaming\Video DVD Maker FREE

O43 - CFD: 18/07/2011 - 17:54:56 - [0,035] ----D- C:\Users\Dario Jr\AppData\Roaming\Vso

O43 - CFD: 13/02/2010 - 12:30:18 - [0] ----D- C:\Users\Dario Jr\AppData\Roaming\WinRAR

O43 - CFD: 16/04/2010 - 02:59:48 - [0,182] ----D- C:\Users\Dario Jr\AppData\Local\Adobe

O43 - CFD: 13/02/2010 - 03:23:40 - [0] ----D- C:\Users\Dario Jr\AppData\Local\Apple

O43 - CFD: 28/07/2011 - 02:18:06 - [77,066] ----D- C:\Users\Dario Jr\AppData\Local\Apple Computer

O43 - CFD: 13/04/2010 - 01:08:10 - [0,029] ----D- C:\Users\Dario Jr\AppData\Local\Ares

O43 - CFD: 25/01/2012 - 19:27:32 - [0,044] ----D- C:\Users\Dario Jr\AppData\Local\BlueStacks

O43 - CFD: 13/02/2010 - 02:12:36 - [0] -SH-D- C:\Users\Dario Jr\AppData\Local\Dados de aplicativos

O43 - CFD: 30/01/2012 - 12:40:26 - [0] ----D- C:\Users\Dario Jr\AppData\Local\Diagnostics

O43 - CFD: 17/10/2011 - 15:25:42 - [8,421] ----D- C:\Users\Dario Jr\AppData\Local\Downloaded Installations

O43 - CFD: 15/01/2012 - 02:50:14 - [0] ----D- C:\Users\Dario Jr\AppData\Local\ElevatedDiagnostics

O43 - CFD: 13/02/2010 - 03:20:26 - [274,215] ----D- C:\Users\Dario Jr\AppData\Local\Google

O43 - CFD: 13/02/2010 - 02:12:36 - [0] -SH-D- C:\Users\Dario Jr\AppData\Local\Histórico

O43 - CFD: 30/01/2012 - 16:27:54 - [25,692] ----D- C:\Users\Dario Jr\AppData\Local\LG Electronics

O43 - CFD: 30/07/2011 - 01:01:14 - [0,001] ----D- C:\Users\Dario Jr\AppData\Local\Macroplant

O43 - CFD: 15/10/2011 - 21:02:34 - [1171,319] ----D- C:\Users\Dario Jr\AppData\Local\Microsoft

O43 - CFD: 28/03/2010 - 21:31:42 - [0,518] ----D- C:\Users\Dario Jr\AppData\Local\Microsoft Games

O43 - CFD: 29/11/2011 - 17:45:20 - [0,187] ----D- C:\Users\Dario Jr\AppData\Local\Microsoft Help

O43 - CFD: 13/02/2010 - 03:11:20 - [42,010] ----D- C:\Users\Dario Jr\AppData\Local\Mozilla

O43 - CFD: 24/04/2011 - 21:39:36 - [0,097] ----D- C:\Users\Dario Jr\AppData\Local\optBeruby

O43 - CFD: 24/04/2011 - 21:39:34 - [0,024] ----D- C:\Users\Dario Jr\AppData\Local\QuickStores

O43 - CFD: 16/08/2011 - 23:19:14 - [0,002] ----D- C:\Users\Dario Jr\AppData\Local\ratDVD

O43 - CFD: 14/02/2010 - 03:32:18 - [0] ----D- C:\Users\Dario Jr\AppData\Local\Real

O43 - CFD: 17/10/2011 - 15:31:00 - [0,020] ----D- C:\Users\Dario Jr\AppData\Local\Sony

O43 - CFD: 03/11/2011 - 23:07:34 - [0,058] ----D- C:\Users\Dario Jr\AppData\Local\Sony Ericsson

O43 - CFD: 05/02/2012 - 00:21:20 - [0,086] ----D- C:\Users\Dario Jr\AppData\Local\temp

O43 - CFD: 13/02/2010 - 02:12:36 - [0] -SH-D- C:\Users\Dario Jr\AppData\Local\Temporary Internet Files

O43 - CFD: 01/02/2012 - 14:33:08 - [0,851] ----D- C:\Users\Dario Jr\AppData\Local\Thunderbird

O43 - CFD: 13/02/2010 - 03:37:28 - [0,006] ----D- C:\Users\Dario Jr\AppData\Local\Toshiba

O43 - CFD: 16/05/2010 - 21:55:14 - [0,000] ----D- C:\Users\Dario Jr\AppData\Local\vdownloader

O43 - CFD: 14/12/2011 - 23:27:04 - [3,761] ----D- C:\Users\Dario Jr\AppData\Local\VirtualStore

O43 - CFD: 28/01/2011 - 20:08:38 - [0,035] ----D- C:\Users\Dario Jr\AppData\Local\Windows Live

O43 - CFD: 24/03/2010 - 00:35:08 - [0,061] ----D- C:\Users\Dario Jr\AppData\Local\WinZip

O43 - CFD: 28/01/2011 - 19:06:14 - [0] ----D- C:\Users\Dario Jr\AppData\Local\{DA2145F5-136E-4FBC-8491-9A80D45D3CE2}

~ Scan Program Folder in 00mn 05s

---\\ Last modified or created files under Windows and System32 (O44)

O44 - LFC:[MD5.F82BFA47E8FC8B467EC495CAEB7D1122] - 04/02/2012 - 23:16:46 ---A- . (...) -- C:\Windows\WindowsUpdate.log [61880]

O44 - LFC:[MD5.7CC762AD28B3A345CF440A4DE9F2083D] - 04/02/2012 - 23:07:08 ---A- . (...) -- C:\Rapport ToolbarShooter.txt [2669]

O44 - LFC:[MD5.D74E3C688AA4F552EB9F55CB8EA67170] - 04/02/2012 - 15:03:34 ---A- . (...) -- C:\Windows\setupact.log [56]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 04/02/2012 - 15:03:34 ---A- . (...) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.22739BD4911D25FFD85C424F2BC5E483] - 04/02/2012 - 15:03:26 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.69BB7541337F6B995268C0AE62C761DB] - 04/02/2012 - 00:04:27 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1491932]

O44 - LFC:[MD5.5C44FF27BD6075D8847862E56B3E6281] - 04/02/2012 - 00:04:27 ---A- . (...) -- C:\Windows\system32\perfc009.dat [103568]

O44 - LFC:[MD5.444C7A1B32839A2454353F3F1342DB5D] - 04/02/2012 - 00:04:27 ---A- . (...) -- C:\Windows\system32\perfh009.dat [607190]

O44 - LFC:[MD5.A472EE22E6D4FCFF90C6BD9F0D417B14] - 04/02/2012 - 00:04:27 ---A- . (...) -- C:\Windows\system32\prfc0416.dat [124922]

O44 - LFC:[MD5.FE33B06460EDF19FF01241DEC7E0A1AA] - 04/02/2012 - 00:04:27 ---A- . (...) -- C:\Windows\system32\prfh0416.dat [654470]

O44 - LFC:[MD5.1BA4E9ADB8FA5BC39AB549E5E13B06F3] - 03/02/2012 - 20:58:15 ---A- . (...) -- C:\AdwCleaner[s1].txt [3470]

O44 - LFC:[MD5.F41E5DED39AFCE993B9E44EFF06FAB67] - 03/02/2012 - 16:18:53 ---A- . (...) -- C:\ComboFix.txt [19566]

O44 - LFC:[MD5.A33584CD1E47A9E43D3DD053B57C865E] - 03/02/2012 - 16:12:19 ---A- . (...) -- C:\Windows\system.ini [272]

O44 - LFC:[MD5.37598CDB7A685878CD2EE6799D5416E7] - 03/02/2012 - 15:49:48 ---A- . (...) -- C:\AdwCleaner[R2].txt [3384]

O44 - LFC:[MD5.EF3874729B9948C64325918118FD9AF5] - 03/02/2012 - 15:48:59 ---A- . (...) -- C:\Gabkiller_supp.txt [1120]

O44 - LFC:[MD5.97DE7307A1CBA8BFFDA15D66356AF1F6] - 03/02/2012 - 01:11:38 ---A- . (...) -- C:\AdwCleaner[R1].txt [3430]

O44 - LFC:[MD5.54D48C29DB77588161F7E6839A475668] - 01/02/2012 - 12:08:58 ---A- . (...) -- C:\Windows\system32\drivers\gas.cer [1398]

O44 - LFC:[MD5.A2410FD14DD6D0274429FCEC75AE1250] - 01/02/2012 - 12:08:58 ---A- . (...) -- C:\Windows\system32\drivers\ndisrd.cat [8524]

O44 - LFC:[MD5.E3626AB6E571F7CF8ADDAC2A6621B39E] - 01/02/2012 - 12:08:58 ---A- . (...) -- C:\Windows\system32\drivers\ndisrd.inf [3633]

O44 - LFC:[MD5.16F95DB8488D196C323B2C09C09F658B] - 01/02/2012 - 12:08:58 ---A- . (...) -- C:\Windows\system32\drivers\ndisrd_m.inf [1814]

O44 - LFC:[MD5.C4A2EC41DFB9619FA3B792EA1E7A4B46] - 01/02/2012 - 12:08:58 ---A- . (.GAS Tecnologia - GbPlugin NDIS Device Driver.) -- C:\Windows\system32\drivers\gbpndisrd.sys [42192]

~ Scan Files in 00mn 02s

---\\ Last files created in Windows Prefetcher (O45)

O45 - LFCP:[MD5.536280BFDBB4E612E91A858AD9786FF7] - 01/02/2012 - 12:05:00 ---A- - C:\Windows\Prefetch\GOOGLECRASHHANDLER.EXE-6EDA53FB.pf

O45 - LFCP:[MD5.7B290524A9A312DB85FE002F1917DD11] - 01/02/2012 - 12:09:09 ---A- - C:\Windows\Prefetch\DRVINST.EXE-4CB4314A.pf

O45 - LFCP:[MD5.24F56A481DC9FA22E9ABEE334793C9EA] - 01/02/2012 - 13:18:02 ---A- - C:\Windows\Prefetch\JAVA.EXE-E27B75C2.pf

O45 - LFCP:[MD5.E2B21993B54781EA751EAD1E72F807AB] - 02/02/2012 - 21:19:57 ---A- - C:\Windows\Prefetch\MSNMSGR.EXE-9974F251.pf

O45 - LFCP:[MD5.76E1021776F2DFE8E3B55840808057BB] - 02/02/2012 - 21:20:18 ---A- - C:\Windows\Prefetch\WLCOMM.EXE-272FF9F7.pf

O45 - LFCP:[MD5.D66F19A53F1E7E15B1D066F894F969AC] - 03/02/2012 - 12:07:21 ---A- - C:\Windows\Prefetch\MPLAYERC.EXE-AAF9E605.pf

O45 - LFCP:[MD5.47725B472573BC4D0905D62F3426BF70] - 03/02/2012 - 14:05:45 ---A- - C:\Windows\Prefetch\AGCP.EXE-E9B1E8E1.pf

O45 - LFCP:[MD5.5C4408DA28BC2C9775991D003FF68576] - 03/02/2012 - 15:33:41 ---A- - C:\Windows\Prefetch\Layout.ini

O45 - LFCP:[MD5.AD51862F707CC75D1BC3377414695963] - 03/02/2012 - 15:48:45 ---A- - C:\Windows\Prefetch\SEARCHINDEXER.EXE-4A6353B9.pf

O45 - LFCP:[MD5.D46D0B8A5CF5A65868CE5016698330E7] - 03/02/2012 - 16:12:15 ---A- - C:\Windows\Prefetch\DEFMGR.EXE-D7F1B97C.pf

O45 - LFCP:[MD5.E3AA50EBEA6AC186B04DC25E078E31C2] - 03/02/2012 - 16:12:17 ---A- - C:\Windows\Prefetch\BISONHK.EXE-F53ECE98.pf

O45 - LFCP:[MD5.191BBEFD03101E386AC9E6EE9DD2CF7B] - 03/02/2012 - 16:12:19 ---A- - C:\Windows\Prefetch\RTHDVCPL.EXE-B116E9FD.pf

O45 - LFCP:[MD5.E43292D69D616317FE88B20DA6A4E595] - 03/02/2012 - 16:12:26 ---A- - C:\Windows\Prefetch\ITSECMNG.EXE-E90CEC34.pf

O45 - LFCP:[MD5.8EB5E30C8E5B47AA5C350B1FA2755957] - 03/02/2012 - 16:12:28 ---A- - C:\Windows\Prefetch\TOSBTMNG.EXE-0F82C6A8.pf

O45 - LFCP:[MD5.BDE9624A99F2B35D2908A1950B95FDD2] - 03/02/2012 - 16:12:29 ---A- - C:\Windows\Prefetch\SIDEBAR.EXE-FA75EA61.pf

O45 - LFCP:[MD5.60D1971E5003424AC9A0EF8F9F4E8E3E] - 03/02/2012 - 16:12:39 ---A- - C:\Windows\Prefetch\WMPNETWK.EXE-D9F2A96F.pf

O45 - LFCP:[MD5.3A167B8E1CB0F0684EC08A1AC353CBF5] - 03/02/2012 - 16:12:41 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-007FEA55.pf

O45 - LFCP:[MD5.E2DC0CA35080305ED551C7C549ECEC83] - 03/02/2012 - 21:02:14 ---A- - C:\Windows\Prefetch\APPLEMOBILEDEVICESERVICE.EXE-CCCE4FAC.pf

O45 - LFCP:[MD5.B1BBB695FDA30ADC9922313749275B1E] - 03/02/2012 - 22:18:49 ---A- - C:\Windows\Prefetch\SNDVOL.EXE-5D4CC7D6.pf

O45 - LFCP:[MD5.2667A2303ABB86CC997CB243669CABC9] - 03/02/2012 - 22:54:10 ---A- - C:\Windows\Prefetch\JAVAWS.EXE-5FA6EB7C.pf

O45 - LFCP:[MD5.9BA24D359284E6457A5F006EA7BA6A52] - 03/02/2012 - 22:54:53 ---A- - C:\Windows\Prefetch\PRIMORUN.EXE-AF7E1DD9.pf

O45 - LFCP:[MD5.13737D000EBAC295C93F5839504F0D96] - 03/02/2012 - 22:54:56 ---A- - C:\Windows\Prefetch\PRIMOPDF.EXE-5637A63A.pf

O45 - LFCP:[MD5.79609D52D6F5F64780DA9C9AAE94C31D] - 03/02/2012 - 22:55:10 ---A- - C:\Windows\Prefetch\ACRORD32.EXE-172CF576.pf

O45 - LFCP:[MD5.8C20A46AF97D59BFA13B01252942F5B7] - 03/02/2012 - 22:56:47 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-4F28A26F.pf

O45 - LFCP:[MD5.0C0A341FD4458ECECB79565FDDDE278C] - 04/02/2012 - 00:02:06 ---A- - C:\Windows\Prefetch\WUDFHOST.EXE-AFFEF87C.pf

O45 - LFCP:[MD5.6B0504551D27A2261C5D835F6178AE64] - 04/02/2012 - 00:02:33 ---A- - C:\Windows\Prefetch\AXSHLEXHLPER.EXE-A70B8881.pf

O45 - LFCP:[MD5.F9DE0FB9A00CD2872352DAD49C65F48C] - 04/02/2012 - 00:05:54 ---A- - C:\Windows\Prefetch\PfSvPerfStats.bin

O45 - LFCP:[MD5.AD0F6A0D659F0CC42AA932A17592B4F2] - 04/02/2012 - 15:05:57 ---A- - C:\Windows\Prefetch\AVAST.SETUP-3DA1C849.pf

O45 - LFCP:[MD5.748AAB206874CD82387B6DBCB9CE5604] - 04/02/2012 - 15:05:57 ---A- - C:\Windows\Prefetch\SPOOLSV.EXE-D1F6B8B6.pf

O45 - LFCP:[MD5.0A7218152A8081AE3226AB6792EF1AE2] - 04/02/2012 - 15:05:57 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-FEDB32D0.pf

O45 - LFCP:[MD5.6C89964F67B7C5EAFE71B20FC714875B] - 04/02/2012 - 15:05:57 ---A- - C:\Windows\Prefetch\TOSBTAVAC.EXE-72B919D5.pf

O45 - LFCP:[MD5.E6AF0273F2EFC88FDA363458C8AA3082] - 04/02/2012 - 15:05:59 ---A- - C:\Windows\Prefetch\BTASSIST.EXE-13109403.pf

O45 - LFCP:[MD5.B109F375A84349C435EA4FA78143BFE3] - 04/02/2012 - 15:05:59 ---A- - C:\Windows\Prefetch\REMODEM.EXE-968D75EF.pf

O45 - LFCP:[MD5.1C5155B0C32DB5D02DA7704D8738C214] - 04/02/2012 - 15:06:08 ---A- - C:\Windows\Prefetch\TOSHDPPROC.EXE-D8889C48.pf

O45 - LFCP:[MD5.49884FB1A1B4EC26E2E9E547A1C196B0] - 04/02/2012 - 15:06:09 ---A- - C:\Windows\Prefetch\TOSBTHSP.EXE-33C4BF7D.pf

O45 - LFCP:[MD5.F6A4C5F4FF9DEFC3D29A91092F7C1975] - 04/02/2012 - 15:06:19 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-C871F054.pf

O45 - LFCP:[MD5.A937195C8D4BB578C8AFA1A40B62C75F] - 04/02/2012 - 15:07:41 ---A- - C:\Windows\Prefetch\MBAMSERVICE.EXE-447DC311.pf

O45 - LFCP:[MD5.4BC98B646992898A1EEA5A7BE487E6AD] - 04/02/2012 - 15:07:41 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-05F624AB.pf

O45 - LFCP:[MD5.4C7FA75629F6C77E461B8D10CB940A60] - 04/02/2012 - 15:09:07 ---A- - C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf

O45 - LFCP:[MD5.CF8F3829DD085799AF38B140399D8952] - 04/02/2012 - 15:13:03 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-DE9673F9.pf

O45 - LFCP:[MD5.DB1411409E4EA0F26F6D5DC65CFD1318] - 04/02/2012 - 15:14:48 ---A- - C:\Windows\Prefetch\TOSBTPSS.EXE-75C268B4.pf

O45 - LFCP:[MD5.EBB73614ECBA4A46985F727E869B7C22] - 04/02/2012 - 22:33:16 ---A- - C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf

O45 - LFCP:[MD5.6171A5FCC4FA74A65A553F2AB9EBDF57] - 04/02/2012 - 22:34:04 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-40DD444D.pf

O45 - LFCP:[MD5.6E9B546FCBF3FDBD78968385CCD043C0] - 04/02/2012 - 22:34:04 ---A- - C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf

O45 - LFCP:[MD5.2914594EBF1EB832937AD8E433E7F929] - 04/02/2012 - 22:34:08 ---A- - C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf

O45 - LFCP:[MD5.412609E9F2D3DA1D741E7EECE4C12037] - 04/02/2012 - 22:34:30 ---A- - C:\Windows\Prefetch\LongTermHist.db.bt

O45 - LFCP:[MD5.2A8E3990E191468615BB977CA48C8909] - 04/02/2012 - 22:34:30 ---A- - C:\Windows\Prefetch\LongTermHist.db.dx

O45 - LFCP:[MD5.1EF59B005E8FE2454274C9B70BC6740C] - 04/02/2012 - 22:34:31 ---A- - C:\Windows\Prefetch\LongTermHist.db

O45 - LFCP:[MD5.952CE5CE4397C76DFEB4C4A455CA6B2F] - 04/02/2012 - 22:35:17 ---A- - C:\Windows\Prefetch\AgCx_SC2.db

O45 - LFCP:[MD5.461E4B7D7E10ACCD335FC096AE5D994F] - 04/02/2012 - 22:39:44 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2014276812-2303388161-280020652-1000.db

O45 - LFCP:[MD5.06BA0B14C125026F2836E4EC4E444CD4] - 04/02/2012 - 22:39:44 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2014276812-2303388161-280020652-1000.db

O45 - LFCP:[MD5.BBE9C683950AB4095875DD54FDE0B85E] - 04/02/2012 - 22:52:58 ---A- - C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf

O45 - LFCP:[MD5.BC2D6BFB299CA8361D74A42225430304] - 04/02/2012 - 22:52:58 ---A- - C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf

O45 - LFCP:[MD5.DF74E0374846C36C9EEF72538703C867] - 04/02/2012 - 22:54:29 ---A- - C:\Windows\Prefetch\AVASTUI.EXE-6398125B.pf

O45 - LFCP:[MD5.38BE2F46DC8FC1ED1A1E6B46AF72BFFB] - 04/02/2012 - 22:58:16 ---A- - C:\Windows\Prefetch\CHROME.EXE-5CE23033.pf

O45 - LFCP:[MD5.540D34FE169D422AABF1E7E4A6D128F9] - 04/02/2012 - 23:01:06 ---A- - C:\Windows\Prefetch\CCLEANER.EXE-D4D76A60.pf

O45 - LFCP:[MD5.B15F4D6063694B470E4F95D42D8DBDE3] - 04/02/2012 - 23:03:34 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-BF41066B.pf

O45 - LFCP:[MD5.DB65889735D482352A149C3571024BB5] - 04/02/2012 - 23:19:01 ---A- - C:\Windows\Prefetch\UTORRENT.EXE-1070971C.pf

O45 - LFCP:[MD5.AD66993C81B13FCF855A29A3E69194B5] - 04/02/2012 - 23:26:48 ---A- - C:\Windows\Prefetch\ACRORD32INFO.EXE-1C0557AA.pf

O45 - LFCP:[MD5.D421189060ADA2098AF31081A1C7FF05] - 04/02/2012 - 23:56:28 ---A- - C:\Windows\Prefetch\WINRAR.EXE-94E7D80C.pf

O45 - LFCP:[MD5.C547E60352C6A525BF3C0AB6CEBC71D3] - 04/02/2012 - 23:57:07 ---A- - C:\Windows\Prefetch\WMPSHARE.EXE-90B956F1.pf

O45 - LFCP:[MD5.9AB896AA89974973737D0CA86A8B09B1] - 04/02/2012 - 23:57:11 ---A- - C:\Windows\Prefetch\WMPLAYER.EXE-BAD6BD53.pf

O45 - LFCP:[MD5.51F3B5D100A37B1AA24941A59508E001] - 05/02/2012 - 23:05:09 ---A- - C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf

O45 - LFCP:[MD5.1DBA0516B114CB4E254D90D15864F819] - 05/02/2012 - 23:05:09 ---A- - C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf

O45 - LFCP:[MD5.13847BF3EDBF0F93CB1276BDD53C495F] - 05/02/2012 - 23:06:56 ---A- - C:\Windows\Prefetch\REG.EXE-E7E8BD26.pf

O45 - LFCP:[MD5.B5861E8EAA5CD5D900E9E08EE8A1F8FF] - 05/02/2012 - 23:07:19 ---A- - C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf

O45 - LFCP:[MD5.1231643E6AE51A60607D02050091C724] - 05/02/2012 - 23:08:15 ---A- - C:\Windows\Prefetch\WINWORD.EXE-C91725A1.pf

O45 - LFCP:[MD5.0EFB4A6B4961514C165E4CBAA195588D] - 05/02/2012 - 23:09:15 ---A- - C:\Windows\Prefetch\AgGlFaultHistory.db

O45 - LFCP:[MD5.1C72CDB97B68155D49DC89AD9EE45C2D] - 05/02/2012 - 23:09:15 ---A- - C:\Windows\Prefetch\AgGlFgAppHistory.db

O45 - LFCP:[MD5.BF8CC7B4515AA588901772ED2D53CCE5] - 05/02/2012 - 23:09:15 ---A- - C:\Windows\Prefetch\AgGlGlobalHistory.db

O45 - LFCP:[MD5.87DE3F3B038610A08AAF5AE5B9D353A6] - 05/02/2012 - 23:09:15 ---A- - C:\Windows\Prefetch\AgRobust.db

O45 - LFCP:[MD5.1E1172C41CA929F6375C49F70E7B02BE] - 05/02/2012 - 23:09:48 ---A- - C:\Windows\Prefetch\EXPLORER.EXE-A80E4F97.pf

O45 - LFCP:[MD5.DB39BF69FE563FFEA332E3CFF42661BF] - 05/02/2012 - 23:10:00 ---A- - C:\Windows\Prefetch\GOOGLEUPDATE.EXE-B5050E1E.pf

O45 - LFCP:[MD5.C0B0F800A329CCB1A91EBD459A073CE3] - 05/02/2012 - 23:10:10 ---A- - C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf

O45 - LFCP:[MD5.0D5B5FBF9655614F66D8022A831D2077] - 05/02/2012 - 23:10:56 ---A- - C:\Windows\Prefetch\FIREFOX.EXE-A606B53C.pf

O45 - LFCP:[MD5.B86B553A1B30A677BDF90FCB4E7CE2B2] - 05/02/2012 - 23:11:12 ---A- - C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-7226D1F8.pf

O45 - LFCP:[MD5.63677E4E20E3BB8860867D3CA02E010D] - 05/02/2012 - 23:13:40 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf

O45 - LFCP:[MD5.C5F6EFCC8F930220D8522CC8C51DEF3E] - 05/02/2012 - 23:13:43 ---A- - C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf

O45 - LFCP:[MD5.FBD89F22006AFECC0329837DDAE9F2A8] - 05/02/2012 - 23:13:43 ---A- - C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf

O45 - LFCP:[MD5.BF8052777A0E48F8CB1B7903E58FCFF2] - 05/02/2012 - 23:25:25 ---A- - C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf

O45 - LFCP:[MD5.7F6CF13F7753829A93727D7E75B3E9DE] - 05/02/2012 - 23:25:30 ---A- - C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf

O45 - LFCP:[MD5.7F9181AF8F19D5330D3C780379C364FA] - 05/02/2012 - 23:25:33 ---A- - C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf

O45 - LFCP:[MD5.4A98E491E8610DB9645A63C2A0365152] - 05/02/2012 - 23:26:09 ---A- - C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf

O45 - LFCP:[MD5.A8C564C204152F15A952D309340AC52C] - 05/02/2012 - 23:26:30 ---A- - C:\Windows\Prefetch\S3LOADSV.SVC-950C7BEF.pf

O45 - LFCP:[MD5.9DC3A506BAE60794DE539BDF6BC976B5] - 05/02/2012 - 23:26:31 ---A- - C:\Windows\Prefetch\S3FUNKEY.SVC-1075E5D4.pf

O45 - LFCP:[MD5.227EBC26C44D11D06F047C4566C1A166] - 05/02/2012 - 23:26:43 ---A- - C:\Windows\Prefetch\SCHTASKS.EXE-5CA45734.pf

O45 - LFCP:[MD5.079F1F77D6C64368D9FF0221465379E6] - 16/01/2012 - 07:25:04 ---A- - C:\Windows\Prefetch\SILVERLIGHT.CONFIGURATION.EXE-0E511FF1.pf

O45 - LFCP:[MD5.DA27650D78AC328C3C08BF3EC543E22D] - 16/01/2012 - 09:05:52 ---A- - C:\Windows\Prefetch\REGSVR32.EXE-8461DBEE.pf

O45 - LFCP:[MD5.4D457DEA3E44DE2766FF33307928A020] - 16/01/2012 - 09:06:00 ---A- - C:\Windows\Prefetch\MBAM.EXE-305FF92C.pf

O45 - LFCP:[MD5.8F2B7FBB47A5E187B05C289F70569907] - 18/01/2012 - 08:48:42 ---A- - C:\Windows\Prefetch\WINZIP32.EXE-C4F1E224.pf

O45 - LFCP:[MD5.2B46C4E8039E7DFB1C6E676FD012A574] - 18/01/2012 - 09:33:30 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-9E77C4DD.pf

O45 - LFCP:[MD5.A70FA1ACF88F1AC861F1BFDCE1A35C3A] - 19/01/2012 - 18:10:27 ---A- - C:\Windows\Prefetch\SF.BIN-95344F7B.pf

O45 - LFCP:[MD5.1270ECDE89131D644E01581B1F9C1DFE] - 19/01/2012 - 18:46:16 ---A- - C:\Windows\Prefetch\SOUNDRECORDER.EXE-9865DC1B.pf

O45 - LFCP:[MD5.BEF2BC2379A501889B8AB121DF9329CF] - 19/01/2012 - 18:48:06 ---A- - C:\Windows\Prefetch\CONTROL.EXE-817F8F1D.pf

O45 - LFCP:[MD5.8A4AAF2E43959FFA0AD20DC4A52C31F3] - 19/01/2012 - 18:48:16 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-98A1AB93.pf

O45 - LFCP:[MD5.710FC8E9142FEBE2FDA286856570DD99] - 23/01/2012 - 07:02:36 ---A- - C:\Windows\Prefetch\SF.BIN-5D4F91EF.pf

O45 - LFCP:[MD5.B480A15CD3591DEE5FEAF800FEEB654C] - 23/01/2012 - 07:42:06 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-F8247785.pf

O45 - LFCP:[MD5.DD7A3D8E1B09101497ECA2DB8AC4A052] - 23/01/2012 - 11:26:00 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-D476F14D.pf

O45 - LFCP:[MD5.1EAA3E7A586060AC4B8C8F6B118CA837] - 24/01/2012 - 09:56:10 ---A- - C:\Windows\Prefetch\SF.BIN-20F37369.pf

O45 - LFCP:[MD5.10F9184856E2EDB98BE821FF6931D7F3] - 25/01/2012 - 18:01:55 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-AE64D343.pf

O45 - LFCP:[MD5.74706D95EC5228CED1C8CE8D243D22DA] - 25/01/2012 - 18:15:17 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-CE87A2CB.pf

O45 - LFCP:[MD5.32FD45B8CC63D13005C647DD8152C49D] - 25/01/2012 - 18:15:19 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B3BB4F66.pf

O45 - LFCP:[MD5.CCE9F470F50C5BB24A202983E933693E] - 25/01/2012 - 18:15:20 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-B884EADC.pf

O45 - LFCP:[MD5.3D5004D60A7C4DF5FF48D48C3E52641B] - 25/01/2012 - 18:15:21 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-7B33014B.pf

O45 - LFCP:[MD5.2480B4FA34CB17249B6E2668F50403FA] - 25/01/2012 - 18:15:21 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-9F8B10AE.pf

O45 - LFCP:[MD5.97BDF02C1CF163F20010840B457970FA] - 25/01/2012 - 18:15:22 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-66A660F3.pf

O45 - LFCP:[MD5.B8DCE0B088D4406A0182BEEB0A32FD21] - 25/01/2012 - 18:15:24 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-490823AF.pf

O45 - LFCP:[MD5.02F1C3019395AA0B72F38375B4C0C05C] - 25/01/2012 - 18:15:46 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-D77064F0.pf

O45 - LFCP:[MD5.A37CB7ECF2AA67BCE0B489A70CFA44F3] - 25/01/2012 - 18:15:50 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-ADCDFF5B.pf

O45 - LFCP:[MD5.CEC00A80C9908780014EC6F4845C4131] - 25/01/2012 - 18:15:52 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-7B20AA83.pf

O45 - LFCP:[MD5.109E511048F1AD48946CFFD2958F391D] - 25/01/2012 - 18:15:54 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-CC198D20.pf

O45 - LFCP:[MD5.4092275B3BCF44D505B545F422B1A3CD] - 25/01/2012 - 18:16:00 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-9F5D8018.pf

O45 - LFCP:[MD5.E79A20DE067985C49F810013460E760E] - 25/01/2012 - 18:16:06 ---A- - C:\Windows\Prefetch\HD-AGENT.EXE-2FDE746B.pf

O45 - LFCP:[MD5.C91B9EC5E0BA5F06E2BBCBF3FDE64A22] - 25/01/2012 - 18:16:09 ---A- - C:\Windows\Prefetch\HD-SERVICE.EXE-0A5B1B8D.pf

O45 - LFCP:[MD5.7B36CECB7F933AD01BBB4EB342997B1C] - 25/01/2012 - 18:16:11 ---A- - C:\Windows\Prefetch\HD-BLOCKDEVICE.EXE-45FF6CDF.pf

O45 - LFCP:[MD5.7D572CB602516A31312B5F9CA9693409] - 25/01/2012 - 18:16:13 ---A- - C:\Windows\Prefetch\HD-NETWORK.EXE-9B4EE6CA.pf

O45 - LFCP:[MD5.18C6FC996A7C599355B6D2CD5FC4D10F] - 25/01/2012 - 18:25:07 ---A- - C:\Windows\Prefetch\UNZIP.EXE-C84A41F1.pf

O45 - LFCP:[MD5.22BF67774708DD6FB264DD0DD887880E] - 25/01/2012 - 18:25:36 ---A- - C:\Windows\Prefetch\HD-FRONTEND.EXE-F4FA1040.pf

O45 - LFCP:[MD5.64E5A90D5D1D838DC1812B719165178C] - 25/01/2012 - 18:27:17 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-FBF4DE32.pf

O45 - LFCP:[MD5.E59A7AC260B894931D156C8E1B7AEA8D] - 25/01/2012 - 18:27:19 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-55C3C914.pf

O45 - LFCP:[MD5.791484EAC8ED3F067C25F9C506D58CFD] - 25/01/2012 - 18:27:22 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-EA48C804.pf

O45 - LFCP:[MD5.D9BA1D3E8619928EF0EB065C1AE8D79A] - 25/01/2012 - 18:27:23 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-F8F66BFB.pf

O45 - LFCP:[MD5.33A6905A472C60EDEBC956B5663A227B] - 25/01/2012 - 18:27:25 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-1CE458A3.pf

O45 - LFCP:[MD5.4A8FE9F42557E1FA68AA6FD17425E708] - 25/01/2012 - 18:27:26 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-BF2B422E.pf

O45 - LFCP:[MD5.C72AD9A5BE942CD3642C22F1C5559EA2] - 25/01/2012 - 18:27:26 ---A- - C:\Windows\Prefetch\SC.EXE-945D79AE.pf

O45 - LFCP:[MD5.E301E68AA0E3DDE325E77DA1D26084CA] - 25/01/2012 - 18:27:33 ---A- - C:\Windows\Prefetch\NGEN.EXE-3CFD6908.pf

O45 - LFCP:[MD5.098C1F9915FA828C0DFEA0295E8AA0F9] - 26/01/2012 - 18:26:28 ---A- - C:\Windows\Prefetch\MSCORSVW.EXE-90526FAC.pf

O45 - LFCP:[MD5.F2621C645952D457CF77EE1C2A4D556A] - 26/01/2012 - 23:03:35 ---A- - C:\Windows\Prefetch\SF.BIN-E99F1673.pf

O45 - LFCP:[MD5.9CD65F4A8910F0464E701FDA5E746E6F] - 29/01/2012 - 15:42:37 ---A- - C:\Windows\Prefetch\JP2LAUNCHER.EXE-7C1F11C1.pf

O45 - LFCP:[MD5.F321488617B18FFF43C1A5AFF5957447] - 29/01/2012 - 22:53:12 ---A- - C:\Windows\Prefetch\AgCx_SC1.db.trx

O45 - LFCP:[MD5.AEE3A39918665460D36A459856703D42] - 29/01/2012 - 22:54:12 ---A- - C:\Windows\Prefetch\AgCx_SC1.db

O45 - LFCP:[MD5.714472DDCD63EA02E51520F67613920C] - 30/01/2012 - 11:39:59 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-230FC512.pf

O45 - LFCP:[MD5.666A48F2B9D0DEF42C2CCD766B58E485] - 30/01/2012 - 14:45:38 ---A- - C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf

O45 - LFCP:[MD5.481F7AC845D63B19E114B0EA9AFF19CC] - 30/01/2012 - 14:56:57 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-6EB01457.pf

O45 - LFCP:[MD5.47A7ACD62C5CB66DA4B0D16E6C2BA7F9] - 30/01/2012 - 15:10:26 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-D2DE1108.pf

O45 - LFCP:[MD5.0BCE37D5C3AD8CC350B6A5602DE086A8] - 30/01/2012 - 16:42:13 ---A- - C:\Windows\Prefetch\MSIEXEC.EXE-A2D55CB6.pf

O45 - LFCP:[MD5.7149277DDEE494C98E1E56D66E96A076] - 30/01/2012 - 16:58:14 ---A- - C:\Windows\Prefetch\DINOTIFY.EXE-35A869D6.pf

O45 - LFCP:[MD5.CCDAF798B08AA7B1F616F1595A10C32F] - 30/01/2012 - 17:39:13 ---A- - C:\Windows\Prefetch\DEVICEDISPLAYOBJECTPROVIDER.E-17410B90.pf

O45 - LFCP:[MD5.5FF75B15CEE747EE78884C2B368D8110] - 31/01/2012 - 09:36:42 ---A- - C:\Windows\Prefetch\JUSCHED.EXE-D10FBD13.pf

O45 - LFCP:[MD5.9ABE32350B97B9907E483FBCADF033B0] - 31/01/2012 - 09:36:42 ---A- - C:\Windows\Prefetch\MBAMGUI.EXE-4FE652ED.pf

O45 - LFCP:[MD5.3F5517D49D3466E237D527E8E5A50872] - 31/01/2012 - 11:58:55 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-411A328D.pf

O45 - LFCP:[MD5.E53021CFE42986B9CCD755BB6CE411E7] - 31/01/2012 - 12:50:33 ---A- - C:\Windows\Prefetch\MPLAYERC.EXE-9E5CA335.pf

O45 - LFCP:[MD5.507CFB7A7CD0DEA9776A70C10C943261] - 31/01/2012 - 13:06:00 ---A- - C:\Windows\Prefetch\RUNDLL32.EXE-6249C3D8.pf

~ Scan Prefetcher in 00mn 00s

---\\ Export authorized application key (O47)

O47 - AAKE:Key Export SP - "C:\Program Files\Orbitdownloader\orbitdm.exe" [Enabled] .(.Orbitdownloader.com - Orbit Downloader.) -- C:\Program Files\Orbitdownloader\orbitdm.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Orbitdownloader\orbitnet.exe" [Enabled] .(.Orbitdownloader.com - P2P service of Orbit Downloader.) -- C:\Program Files\Orbitdownloader\orbitnet.exe

~ Scan Keys in 00mn 00s

---\\ Local Security Authority-LSA Deny (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Mecanismo cliente do 'Editor de configuração de segurança Windows'.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pacote de Segurança Kerberos.) -- C:\Windows\System32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\TSpkg.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll

~ Scan Keys in 00mn 00s

---\\ Safe Boot Control (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Driver de Extensão do Gerenciador de Volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

---\\ MountPoints2 Shell Key (MPKS) (O51) (None)

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"vidc.i420"="i420vfw.dll" . (.www.helixcommunity.org - Helix I420 YUV Codec.) -- C:\Windows\System32\i420vfw.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \Drivers32\"VIDC.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\Windows\System32\divx.dll

O52 - TDSD: \Drivers32\"VIDC.XVID"="xvidvfw.dll" . (...) -- C:\Windows\System32\xvidvfw.dll

O52 - TDSD: \Drivers32\"VIDC.YV12"="yv12vfw.dll" . (.www.helixcommunity.org - Helix YV12 YUV Codec.) -- C:\Windows\System32\yv12vfw.dll

O52 - TDSD: \Drivers32\"msacm.ac3acm"="ac3acm.acm" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm

O52 - TDSD: \Drivers32\"msacm.lameacm"="lameACM.acm" . (.http://www.mp3dev.org/ - Lame MP3 codec engine.) -- C:\Windows\System32\lameACM.acm

O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (...) -- C:\Windows\System32\ff_vfw.dll

O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"msacm.msg723"="msg723.acm" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"msacm.msaudio1"="msaud32.acm" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"msacm.voxacm160"="vct3216.acm" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\System32\ir50_32.dll

O52 - TDSD: \Drivers32\"vidc.mp42"="MPG4C32.dll" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Intel® Corporation - No comment.) -- C:\Windows\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Intel® Corporation - No comment.) -- C:\Windows\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\Windows\System32\ir41_32.ax

O52 - TDSD: \Drivers32\"vidc.M263"="msh263.drv" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"vidc.M261"="msh261.drv" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"vidc.VP70"="vp7vfw.dll" . (.On2.com - VP70 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\System32\vp7vfw.dll

O52 - TDSD: \Drivers32\"vidc.X264"="x264vfw.dll" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"vidc.VP60"="vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\System32\vp6vfw.dll

O52 - TDSD: \Drivers32\"vidc.VP61"="vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\System32\vp6vfw.dll

O52 - TDSD: \Drivers32\"vidc.VP62"="vp6vfw.dll" . (.On2.com - VP6 VIDEO FOR WINDOWS CODEC.) -- C:\Windows\System32\vp6vfw.dll

O52 - TDSD: \Drivers32\"VIDC.WMV3"="wmv9vcm.dll" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"VIDC.VP40"="vp4vfw.dll" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"VIDC.FPS1"="frapsvid.dll" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"VIDC.DRAW"="DVIDEO.DLL" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"VIDC.MSUD"="msulvc05.dll" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"msacm.iac2"="C:\\Windows\\system32\\iac25_32.ax" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"vidc.LAGS"="lagarith.dll" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"vidc.CSCD"="camcodec.dll" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"vidc.IPJ2"="jp2avi.dll" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"VIDC.FMVC"="fmcodec.dll" . (.Fox Magic Software - FM Screen Capture Codec (VFW).) -- C:\Windows\System32\fmcodec.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"divx.dll"="DivX 6.8.4" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec v1.2-dev" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"lameACM.acm"="Lame ACM MP3 CODEC v3.98" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"ac3acm.acm"="AC-3 ACM Codec" . (.fccHandler - AC-3 ACM Codec.) -- C:\Windows\System32\ac3acm.acm

O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (...) -- C:\Windows\System32\ff_vfw.dll

~ Scan Keys in 00mn 00s

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)

O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

O53 - SMSR:HKLM\...\startupreg\AlcoholAutomount [Key] . (.Alcohol Soft Development Team - Alcohol Virual Drive Auto-mount Service.) -- C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe

O53 - SMSR:HKLM\...\startupreg\Google Update [Key] . (.Google Inc. - Google Installer.) -- C:\Users\Dario Jr\AppData\Local\Google\Update\GoogleUpdate.exe

O53 - SMSR:HKLM\...\startupreg\ITSecMng [Key] . (.TOSHIBA CORPORATION - IT Security Manager for Toshiba Stack.) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe

O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe

O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

~ Scan SMSR Keys in 00mn 00s

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0

O55 - MWPS:[HKCU\...\Policies\System] - "disableregistrytools"=0

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0

~ Scan Keys in 00mn 00s

---\\ System Drivers List (SDL) (O58)

O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 13/07/2009 - 22:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422976]

O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 13/07/2009 - 22:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297552]

O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 13/07/2009 - 22:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [146512]

O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 13/07/2009 - 22:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14400]

O58 - SDL:[MD5.2101A86C25C154F8314B24EF49D7FBC2] - 13/07/2009 - 22:26:15 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [79952]

O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 13/07/2009 - 22:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\system32\drivers\amdsbs.sys [159312]

O58 - SDL:[MD5.B81C2B5616F6420A9941EA093A92B150] - 13/07/2009 - 22:26:15 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [23616]

O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 13/07/2009 - 22:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [76368]

O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 13/07/2009 - 22:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [86608]

O58 - SDL:[MD5.054DF24C92B55427E0757CFFF160E4F2] - 28/11/2011 - 14:51:50 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [20568]

O58 - SDL:[MD5.258143605E77E4008F1758481D6A977D] - 28/11/2011 - 14:52:07 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [55128]

O58 - SDL:[MD5.352D5A48EBAB35A7693B048679304831] - 28/11/2011 - 14:52:19 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [34392]

O58 - SDL:[MD5.8D34D2B24297E27D93E847319ABFDEC4] - 28/11/2011 - 14:53:53 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [435032]

O58 - SDL:[MD5.010012597333DA1F46C3243F33F8409E] - 28/11/2011 - 14:53:35 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [314456]

O58 - SDL:[MD5.F9F84364416658E9786235904D448D37] - 28/11/2011 - 14:52:16 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [52952]

O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 13/07/2009 - 19:02:49 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60x.sys [229888]

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 13/07/2009 - 19:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 13/07/2009 - 19:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]

O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 13/07/2009 - 21:57:25 ---A- . (.Brother Industries Ltd. - Brother Serial I/F Driver (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [272128]

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 13/07/2009 - 19:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 13/07/2009 - 19:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 13/07/2009 - 19:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]

O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 13/07/2009 - 19:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbdx.sys [430080]

O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 13/07/2009 - 22:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [15952]

O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 13/07/2009 - 22:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [70720]

O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 13/07/2009 - 22:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [453712]

O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 13/07/2009 - 19:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbdx.sys [3100160]

O58 - SDL:[MD5.98149DB90FB1425E904E9724F4FDE9C5] - 21/12/2011 - 15:32:06 ---A- . (.GAS Tecnologia - GbPlugin Device Driver.) -- C:\Windows\system32\drivers\gbpkm.sys [45896]

O58 - SDL:[MD5.C4A2EC41DFB9619FA3B792EA1E7A4B46] - 01/02/2012 - 12:08:58 ---A- . (.GAS Tecnologia - GbPlugin NDIS Device Driver.) -- C:\Windows\system32\drivers\gbpndisrd.sys [42192]

O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 13:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600]

O58 - SDL:[MD5.007AEA2E06E7CEF7372E40C277163959] - 17/10/2011 - 14:20:33 ---A- . (.Sony Ericsson Mobile Communications - SEMC USB Flash Driver Filter.) -- C:\Windows\system32\drivers\ggflt.sys [13224]

O58 - SDL:[MD5.C73DE35960CA75C5AB4AE636B127C64E] - 17/10/2011 - 14:20:33 ---A- . (.Sony Ericsson Mobile Communications - SEMC USB Flash Driver.) -- C:\Windows\system32\drivers\ggsemc.sys [25512]

O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 19:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [26624]

O58 - SDL:[MD5.48ED16C0C98C950843E673EEEE02AC94] - 18/05/2010 - 10:25:52 ---A- . (.Paragon Software Group - A part of Paragon System Utilities.) -- C:\Windows\system32\drivers\hotcore3.sys [40560]

O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 13/07/2009 - 22:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [67152]

O58 - SDL:[MD5.934AF4D7C5F457B9F0743F4299B77B67] - 13/07/2009 - 22:20:36 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStorV.sys [332352]

O58 - SDL:[MD5.C7FEE838FD0216EE0AD3D765AB4F40F4] - 13/08/2009 - 14:48:00 ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\Windows\system32\drivers\igdkmd32.sys [5946368]

O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 13/07/2009 - 22:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41040]

O58 - SDL:[MD5.3E59DF4984FBD6800D6621480B38A34E] - 07/12/2010 - 13:22:58 ---A- . (.LG Electronics Inc. - LGE Android Platform Driver.) -- C:\Windows\system32\drivers\lgandbus.sys [14336]

O58 - SDL:[MD5.8E0BF6F3B2C9C292BC7CE0DE727CDD56] - 07/12/2010 - 13:23:00 ---A- . (.LG Electronics Inc. - LGE Android Platform Driver.) -- C:\Windows\system32\drivers\lganddiag.sys [20736]

O58 - SDL:[MD5.1D2C90E25483363D54B652898BBC8F2A] - 07/12/2010 - 13:23:00 ---A- . (.LG Electronics Inc. - LGE Android Platform Driver.) -- C:\Windows\system32\drivers\lgandgps.sys [20096]

O58 - SDL:[MD5.B1B06A95DA2CAC7FA19832C60C348C85] - 07/12/2010 - 13:23:00 ---A- . (.LG Electronics Inc. - LGE Android Platform Driver.) -- C:\Windows\system32\drivers\lgandmodem.sys [25088]

O58 - SDL:[MD5.1D038CA6C529203087A990E5E97887B4] - 29/09/2009 - 07:11:20 ---A- . (.LG Electronics Inc. - LG BT Bus Enumerator.) -- C:\Windows\system32\drivers\lgbtbus.sys [10496]

O58 - SDL:[MD5.4DD47B5AF0B24871EBB9EFC012A7474E] - 29/09/2009 - 07:11:22 ---A- . (.LG Electronics Inc. - LG Bluetooth Transport Driver.) -- C:\Windows\system32\drivers\lgbtport.sys [12160]

O58 - SDL:[MD5.26F1976A330195D62A6224C76968CF0D] - 29/09/2009 - 07:11:20 ---A- . (.LG Electronics Inc. - LG Virtual Modem Driver.) -- C:\Windows\system32\drivers\lgvmodem.sys [12928]

O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 13/07/2009 - 22:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [95824]

O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 13/07/2009 - 22:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89168]

O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 13/07/2009 - 22:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [54864]

O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 13/07/2009 - 22:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96848]

O58 - SDL:[MD5.B7CA8CC3F978201856B6AB82F40953C3] - 10/12/2011 - 14:24:06 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [20464]

O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 13/07/2009 - 22:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\system32\drivers\megasas.sys [30800]

O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 13/07/2009 - 22:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [235584]

O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 13/07/2009 - 22:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [44624]

O58 - SDL:[MD5.3F3D04B1D08D43C16EA7963954EC768D] - 13/07/2009 - 22:20:44 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [117312]

O58 - SDL:[MD5.C99F251A5DE63C6F129CF71933ACED0F] - 13/07/2009 - 22:20:44 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [142416]

O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 13/07/2009 - 22:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1383488]

O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 13/07/2009 - 22:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106064]

O58 - SDL:[MD5.7DFD48E24479B68B258D8770121155A0] - 13/07/2009 - 19:02:52 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver.) -- C:\Windows\system32\drivers\Rt86win7.sys [139776]

O58 - SDL:[MD5.2E06052066CE4489CDFBFB8329EA52B1] - 09/09/2008 - 17:06:44 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2167128]

O58 - SDL:[MD5.5139A6C37C2D854E7B0EE6FA1F93CCDA] - 18/03/2008 - 17:02:18 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\Windows\system32\drivers\RTL8187B.SYS [292864]

O58 - SDL:[MD5.434DCF7AE4300C876AA40873E3113983] - 04/06/2009 - 16:45:48 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Windows 7.) -- C:\Windows\system32\drivers\RtsUStor.sys [166912]

O58 - SDL:[MD5.1C5C2CB892553D2CF3F45A4BB323FCD6] - 25/03/2009 - 16:48:00 ---A- . (.MCCI Corporation - Sony Ericsson Device 1018 Driver.) -- C:\Windows\system32\drivers\s1018bus.sys [86824]

O58 - SDL:[MD5.2AB45CEDAA214125501A0C7F91E105A4] - 25/03/2009 - 16:48:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s1018cm.sys [12200]

O58 - SDL:[MD5.2AB45CEDAA214125501A0C7F91E105A4] - 25/03/2009 - 16:48:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s1018cmnt.sys [12200]

O58 - SDL:[MD5.130A3049E2A66AF0877DA7E9B18DDE90] - 25/03/2009 - 16:48:00 ---A- . (.MCCI Corporation - Ericsson Mobile Platform S1018 USB WMC Extended Ethernet (WDM c.) -- C:\Windows\system32\drivers\s1018cr.sys [10792]

O58 - SDL:[MD5.38F5EA219593F19B6B3A1B9C169E3B61] - 25/03/2009 - 16:48:00 ---A- . (.MCCI Corporation - Sony Ericsson Device 1018 USB WMC Modem Filter Driver.) -- C:\Windows\system32\drivers\s1018mdfl.sys [15016]

O58 - SDL:[MD5.666AF6B64FC7DF92D3CA4819EA91631D] - 25/03/2009 - 16:48:00 ---A- . (.MCCI Corporation - Sony Ericsson Device 1018 USB WMC Modem WDM Driver.) -- C:\Windows\system32\drivers\s1018mdm.sys [114728]

O58 - SDL:[MD5.F4CEDA6E2DDFF2AF8BD745615A7CA9C0] - 25/03/2009 - 16:48:00 ---A- . (.MCCI Corporation - Sony Ericsson Device 1018 USB WMC Device Management Driver.) -- C:\Windows\system32\drivers\s1018mgmt.sys [106208]

O58 - SDL:[MD5.3622D9FF2253DCBE885B10736609A4CA] - 25/03/2009 - 16:48:00 ---A- . (.MCCI Corporation - Ericsson Mobile Platform S1018 USB WMC Extended Ethernet (NDIS.) -- C:\Windows\system32\drivers\s1018nd5.sys [26024]

O58 - SDL:[MD5.49431EFDA842B474531C29FFAE9F5D09] - 25/03/2009 - 16:48:00 ---A- . (.MCCI Corporation - Sony Ericsson Device 1018 USB WMC OBEX Interface Device Driver.) -- C:\Windows\system32\drivers\s1018obex.sys [104744]

O58 - SDL:[MD5.AC6B514CB4474F4C867D7CDC9CD54F05] - 25/03/2009 - 16:48:00 ---A- . (.MCCI Corporation - Sony Ericsson Device 1018 USB Ethernet Emulation.) -- C:\Windows\system32\drivers\s1018unic.sys [109864]

O58 - SDL:[MD5.5DD0D936FD9E503C96B9D41A284F815E] - 25/03/2009 - 16:48:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s1018wh.sys [12200]

O58 - SDL:[MD5.5DD0D936FD9E503C96B9D41A284F815E] - 25/03/2009 - 16:48:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\s1018whnt.sys [12200]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/07/2009 - 17:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 13/07/2009 - 22:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [40016]

O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 13/07/2009 - 22:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [77888]

O58 - SDL:[MD5.19301C27F3425DC39F6C599F527E507D] - 13/07/2009 - 19:13:45 ---A- . (.Motorola Inc. - Motorola SM56 Modem WDM Driver.) -- C:\Windows\system32\drivers\smserial.sys [1068032]

O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 17/02/2010 - 00:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [691696]

O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 13/07/2009 - 22:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [21072]

O58 - SDL:[MD5.90AFA1A4451BBBEE87C9F18A665D8121] - 17/06/2009 - 10:59:46 ---A- . (.TOSHIBA Corporation - TOSHIBA Bluetooth Port Emulation Driver.) -- C:\Windows\system32\drivers\tosporte.sys [46984]

O58 - SDL:[MD5.B168B345FB7073930C31E0D8B85E8353] - 07/07/2009 - 20:38:34 ---A- . (.TOSHIBA CORPORATION - Bluetooth RF Bus Driver.) -- C:\Windows\system32\drivers\tosrfbd.sys [168936]

O58 - SDL:[MD5.74392BAB3F0D4810DA8436EC79D6955D] - 19/06/2009 - 08:56:48 ---A- . (.TOSHIBA Corporation - Bluetooth RFBNEP Driver.) -- C:\Windows\system32\drivers\tosrfbnp.sys [42472]

O58 - SDL:[MD5.1AD9EB1B5ABD0AEEE4084C8153476F1E] - 28/07/2009 - 19:01:26 ---A- . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) -- C:\Windows\system32\drivers\tosrfcom.sys [69480]

O58 - SDL:[MD5.A72A3473180F378CC07D342803FFD580] - 19/06/2009 - 08:57:20 ---A- . (.TOSHIBA Corporation. - Bluetooth HID Driver from TOSHIBA.) -- C:\Windows\system32\drivers\Tosrfhid.sys [79872]

O58 - SDL:[MD5.B2A1A6538245FD69578224BBF2FD4677] - 24/07/2009 - 10:31:58 ---A- . (.TOSHIBA Corporation. - Bluetooth BNEP Driver.) -- C:\Windows\system32\drivers\tosrfnds.sys [21608]

O58 - SDL:[MD5.8B877E24550E7962DA820C8C354EC33A] - 27/07/2009 - 19:09:28 ---A- . (.TOSHIBA Corporation - Bluetooth Audio Driver (WDM).) -- C:\Windows\system32\drivers\TosRfSnd.sys [55680]

O58 - SDL:[MD5.97529D04178BF604C62C5BE4B8BB2129] - 28/07/2009 - 17:38:00 ---A- . (.TOSHIBA CORPORATION - Bluetooth USB Miniport Driver.) -- C:\Windows\system32\drivers\tosrfusb.sys [49016]

O58 - SDL:[MD5.DCC7FEA364B3798E52B61B749FE02246] - 06/07/2009 - 10:49:52 ---A- . (.First International Computer, Inc. - Utility Program Component.) -- C:\Windows\system32\drivers\UPCDRV.sys [10240]

O58 - SDL:[MD5.83CAFCB53201BBAC04D822F32438E244] - 10/05/2011 - 08:06:08 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl.sys [42496]

O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 13/07/2009 - 22:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [16976]

O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 13/07/2009 - 22:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [141904]

O58 - SDL:[MD5.3862318F85BE7A91957ADA5E814ED58C] - 27/11/2010 - 15:50:48 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ZTEusbmdm6k.sys [105088]

O58 - SDL:[MD5.3862318F85BE7A91957ADA5E814ED58C] - 27/11/2010 - 15:50:48 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ZTEusbnmea.sys [105088]

O58 - SDL:[MD5.3862318F85BE7A91957ADA5E814ED58C] - 27/11/2010 - 15:50:48 ---A- . (.ZTE Inc. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ZTEusbser6k.sys [105088]

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 18:40:41 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 18:40:44 ---A- . (...) -- C:\Windows\system32\country.sys [27097]

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 18:40:40 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 18:40:43 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 18:40:23 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 18:40:31 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 18:40:35 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 18:40:39 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 18:40:27 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 18:40:11 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 18:40:15 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 18:40:17 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 18:40:19 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 18:40:13 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]

O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 04/10/2010 - 20:59:32 ---A- . (...) -- C:\Windows\system32\StarOpen.sys [5632]

~ Scan Drivers in 00mn 02s

---\\ Last modified or created user files (O61)

O61 - LFC:Last File Created 02/02/2012 - 21:20:08 ---A- C:\Users\Dario Jr\AppData\Roaming\Microsoft\IdentityCRL\production\MetaConfig.xml [163]

O61 - LFC:Last File Created 03/02/2012 - 01:03:24 ---A- C:\Users\Dario Jr\AppData\Roaming\Microsoft\MSN Messenger\sqmnoopt00.sqm [7540]

O61 - LFC:Last File Created 03/02/2012 - 01:03:30 ---A- C:\Users\Dario Jr\AppData\Roaming\Microsoft\MSN Messenger\sqmnoopt01.sqm [284]

O61 - LFC:Last File Created 03/02/2012 - 02:57:27 ---A- C:\Users\All Users\Nero\Nero BackItUp 4\Cache\BIUD142.txt [918]

O61 - LFC:Last File Created 03/02/2012 - 02:57:27 ---A- C:\Users\Todos os Usuários\Nero\Nero BackItUp 4\Cache\BIUD142.txt [918]

O61 - LFC:Last File Created 03/02/2012 - 12:00:30 ---A- C:\Users\All Users\Nero\Nero BackItUp 4\Cache\BIUB318.txt [918]

O61 - LFC:Last File Created 03/02/2012 - 12:00:30 ---A- C:\Users\Todos os Usuários\Nero\Nero BackItUp 4\Cache\BIUB318.txt [918]

O61 - LFC:Last File Created 03/02/2012 - 12:34:44 ---A- C:\Users\Dario Jr\AppData\Roaming\Media Player Classic\default.mpcpl [99]

O61 - LFC:Last File Created 03/02/2012 - 14:14:09 ---A- C:\Users\Dario Jr\Music\iTunes\iTunes Library Extras.itdb [12288]

O61 - LFC:Last File Created 03/02/2012 - 14:17:02 ---A- C:\Users\Dario Jr\AppData\Local\Apple Computer\iTunes\Cache.db [57431040]

O61 - LFC:Last File Created 03/02/2012 - 14:20:55 ---A- C:\Users\Dario Jr\AppData\Local\Apple Computer\iTunes\iTunesPrefs.xml [989433]

O61 - LFC:Last File Created 03/02/2012 - 14:20:55 ---A- C:\Users\Dario Jr\AppData\Roaming\Apple Computer\iTunes\iTunesPrefs.xml [318644]

O61 - LFC:Last File Created 03/02/2012 - 14:20:55 ---A- C:\Users\Dario Jr\Music\iTunes\iTunes Library.itl [29931]

O61 - LFC:Last File Created 03/02/2012 - 14:20:56 ---A- C:\Users\Dario Jr\AppData\Roaming\Apple Computer\iTunes\Cookies\Cookies.plist [3877]

O61 - LFC:Last File Created 03/02/2012 - 15:33:53 ---A- C:\Users\Dario Jr\AppData\Roaming\Thunderbird\Profiles\vlh88yxg.default\cookies.sqlite [524288]

O61 - LFC:Last File Created 03/02/2012 - 15:47:44 ---A- C:\Users\All Users\Nero\Nero BackItUp 4\Cache\BIUE0CC.txt [918]

O61 - LFC:Last File Created 03/02/2012 - 15:47:44 ---A- C:\Users\Todos os Usuários\Nero\Nero BackItUp 4\Cache\BIUE0CC.txt [918]

O61 - LFC:Last File Created 03/02/2012 - 15:48:35 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.001 [65536]

O61 - LFC:Last File Created 03/02/2012 - 15:48:35 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\PropMap\CiPT0000.002 [65536]

O61 - LFC:Last File Created 03/02/2012 - 15:48:53 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.001 [65536]

O61 - LFC:Last File Created 03/02/2012 - 15:48:53 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\INDEX.002 [65536]

O61 - LFC:Last File Created 03/02/2012 - 15:48:53 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\SETTINGS.DIA [4]

O61 - LFC:Last File Created 03/02/2012 - 15:48:57 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.001 [65536]

O61 - LFC:Last File Created 03/02/2012 - 15:48:57 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SecStore\CiST0000.002 [65536]

O61 - LFC:Last File Created 03/02/2012 - 15:58:07 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\CiAB0002.002 [65536]

O61 - LFC:Last File Created 03/02/2012 - 15:58:08 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\CiAB0002.001 [65536]

O61 - LFC:Last File Created 03/02/2012 - 15:58:12 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\CiAB0001.002 [65536]

O61 - LFC:Last File Created 03/02/2012 - 15:58:15 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\CiAB0001.001 [65536]

O61 - LFC:Last File Created 03/02/2012 - 16:11:12 ---A- C:\Users\All Users\Nero\Nero BackItUp 4\Cache\BIU8AF0.txt [918]

O61 - LFC:Last File Created 03/02/2012 - 16:11:12 ---A- C:\Users\Todos os Usuários\Nero\Nero BackItUp 4\Cache\BIU8AF0.txt [918]

O61 - LFC:Last File Created 03/02/2012 - 16:12:21 ---A- C:\Users\Dario Jr\AppData\Local\temp\FXSAPIDebugLogFile.txt [0]

O61 - LFC:Last File Created 03/02/2012 - 20:52:43 ---A- C:\Users\Dario Jr\AppData\Local\temp\Uninst.bat [477]

O61 - LFC:Last File Created 03/02/2012 - 21:01:30 ---A- C:\Users\All Users\Nero\Nero BackItUp 4\Cache\BIUA89D.txt [918]

O61 - LFC:Last File Created 03/02/2012 - 21:01:30 ---A- C:\Users\Todos os Usuários\Nero\Nero BackItUp 4\Cache\BIUA89D.txt [918]

O61 - LFC:Last File Created 03/02/2012 - 21:05:20 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.1.Crwl [1778]

O61 - LFC:Last File Created 03/02/2012 - 21:09:42 ---A- C:\Users\All Users\Alwil Software\Avast5\report\FileSystemShield.txt [173573]

O61 - LFC:Last File Created 03/02/2012 - 21:09:42 ---A- C:\Users\Todos os Usuários\Alwil Software\Avast5\report\FileSystemShield.txt [173573]

O61 - LFC:Last File Created 03/02/2012 - 21:10:31 ---A- C:\Users\Dario Jr\AppData\Local\temp\~DFAC0D6EDF8C531EC3.TMP [1536]

O61 - LFC:Last File Created 03/02/2012 - 22:34:43 ----- C:\Users\Dario Jr\AppData\Roaming\uTorrent\Tell me More 8 English DVD 1+2+3 Multilanguage.rar.torrent [20538]

O61 - LFC:Last File Created 03/02/2012 - 22:34:57 ----- C:\Users\Dario Jr\AppData\Roaming\uTorrent\Tell Me More Advance.iso.torrent [17533]

O61 - LFC:Last File Created 03/02/2012 - 22:55:06 ---A- C:\Users\Dario Jr\AppData\Roaming\PrimoPDF\PrimoSet.xml [1580]

O61 - LFC:Last File Created 03/02/2012 - 22:58:54 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.1.gthr [5326]

O61 - LFC:Last File Created 04/02/2012 - 00:00:11 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Last Tabs [54012]

O61 - LFC:Last File Created 04/02/2012 - 00:00:12 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Last Session [63702]

O61 - LFC:Last File Created 04/02/2012 - 00:00:12 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_1 [270336]

O61 - LFC:Last File Created 04/02/2012 - 00:02:36 ---A- C:\Users\All Users\Alwil Software\Avast5\FileInfo.db [69632]

O61 - LFC:Last File Created 04/02/2012 - 00:02:36 ---A- C:\Users\Todos os Usuários\Alwil Software\Avast5\FileInfo.db [69632]

O61 - LFC:Last File Created 04/02/2012 - 00:03:34 ---A- C:\Users\Dario Jr\AppData\Roaming\uTorrent\resume.dat.old [93444]

O61 - LFC:Last File Created 04/02/2012 - 00:03:53 ---A- C:\Users\Dario Jr\AppData\Roaming\uTorrent\dht.dat [3650]

O61 - LFC:Last File Created 04/02/2012 - 00:03:53 ---A- C:\Users\Dario Jr\AppData\Roaming\uTorrent\resume.dat [92698]

O61 - LFC:Last File Created 04/02/2012 - 00:03:53 ---A- C:\Users\Dario Jr\AppData\Roaming\uTorrent\rss.dat [99]

O61 - LFC:Last File Created 04/02/2012 - 00:03:53 ---A- C:\Users\Dario Jr\AppData\Roaming\uTorrent\settings.dat [10757]

O61 - LFC:Last File Created 04/02/2012 - 00:05:54 ---A- C:\Users\All Users\Alwil Software\Avast5\Log.db [60416]

O61 - LFC:Last File Created 04/02/2012 - 00:05:54 ---A- C:\Users\All Users\Alwil Software\Avast5\log\AshWebSv.ws.ori [1343]

O61 - LFC:Last File Created 04/02/2012 - 00:05:54 ---A- C:\Users\Todos os Usuários\Alwil Software\Avast5\Log.db [60416]

O61 - LFC:Last File Created 04/02/2012 - 00:05:54 ---A- C:\Users\Todos os Usuários\Alwil Software\Avast5\log\AshWebSv.ws.ori [1343]

O61 - LFC:Last File Created 04/02/2012 - 00:05:54 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.wid [65536]

O61 - LFC:Last File Created 04/02/2012 - 00:06:02 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.ci [294912]

O61 - LFC:Last File Created 04/02/2012 - 00:06:02 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.dir [4096]

O61 - LFC:Last File Created 04/02/2012 - 15:03:08 ---A- C:\Users\All Users\Alwil Software\Avast5\snx_lconfig.xml [446]

O61 - LFC:Last File Created 04/02/2012 - 15:03:08 ---A- C:\Users\Todos os Usuários\Alwil Software\Avast5\snx_lconfig.xml [446]

O61 - LFC:Last File Created 04/02/2012 - 15:04:03 ---A- C:\Users\All Users\Alwil Software\Avast5\report\EmailShield.txt [173592]

O61 - LFC:Last File Created 04/02/2012 - 15:04:03 ---A- C:\Users\All Users\Alwil Software\Avast5\report\IMShield.txt [173592]

O61 - LFC:Last File Created 04/02/2012 - 15:04:03 ---A- C:\Users\All Users\Alwil Software\Avast5\report\NetworkShield.txt [173592]

O61 - LFC:Last File Created 04/02/2012 - 15:04:03 ---A- C:\Users\All Users\Alwil Software\Avast5\report\P2PShield.txt [173592]

O61 - LFC:Last File Created 04/02/2012 - 15:04:03 ---A- C:\Users\All Users\Alwil Software\Avast5\report\ScriptShield.txt [27937]

O61 - LFC:Last File Created 04/02/2012 - 15:04:03 ---A- C:\Users\Todos os Usuários\Alwil Software\Avast5\report\EmailShield.txt [173592]

O61 - LFC:Last File Created 04/02/2012 - 15:04:03 ---A- C:\Users\Todos os Usuários\Alwil Software\Avast5\report\IMShield.txt [173592]

O61 - LFC:Last File Created 04/02/2012 - 15:04:03 ---A- C:\Users\Todos os Usuários\Alwil Software\Avast5\report\NetworkShield.txt [173592]

O61 - LFC:Last File Created 04/02/2012 - 15:04:03 ---A- C:\Users\Todos os Usuários\Alwil Software\Avast5\report\P2PShield.txt [173592]

O61 - LFC:Last File Created 04/02/2012 - 15:04:03 ---A- C:\Users\Todos os Usuários\Alwil Software\Avast5\report\ScriptShield.txt [27937]

O61 - LFC:Last File Created 04/02/2012 - 15:04:04 ---A- C:\Users\All Users\Alwil Software\Avast5\log\AshWebSv.ws [0]

O61 - LFC:Last File Created 04/02/2012 - 15:04:04 ---A- C:\Users\Todos os Usuários\Alwil Software\Avast5\log\AshWebSv.ws [0]

O61 - LFC:Last File Created 04/02/2012 - 15:04:05 ---A- C:\Users\All Users\Alwil Software\Avast5\report\WebShield.txt [175611]

O61 - LFC:Last File Created 04/02/2012 - 15:04:05 ---A- C:\Users\Todos os Usuários\Alwil Software\Avast5\report\WebShield.txt [175611]

O61 - LFC:Last File Created 04/02/2012 - 15:05:05 ---A- C:\Users\All Users\Nero\Nero BackItUp 4\Cache\BIUE81C.txt [918]

O61 - LFC:Last File Created 04/02/2012 - 15:05:05 ---A- C:\Users\Todos os Usuários\Nero\Nero BackItUp 4\Cache\BIUE81C.txt [918]

O61 - LFC:Last File Created 04/02/2012 - 15:05:38 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\MSSres00001.jrs [1048576]

O61 - LFC:Last File Created 04/02/2012 - 15:05:38 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\MSSres00002.jrs [1048576]

O61 - LFC:Last File Created 04/02/2012 - 15:05:51 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\MSS.chk [8192]

O61 - LFC:Last File Created 04/02/2012 - 15:07:06 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.wid [65536]

O61 - LFC:Last File Created 04/02/2012 - 15:07:07 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.dir [16384]

O61 - LFC:Last File Created 04/02/2012 - 15:07:08 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010003.ci [2519040]

O61 - LFC:Last File Created 04/02/2012 - 15:07:09 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.wid [65536]

O61 - LFC:Last File Created 04/02/2012 - 15:07:11 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.2.Crwl [1374]

O61 - LFC:Last File Created 04/02/2012 - 15:07:11 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.ci [20480]

O61 - LFC:Last File Created 04/02/2012 - 15:07:11 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010004.dir [4096]

O61 - LFC:Last File Created 04/02/2012 - 22:33:16 ---A- C:\Users\Dario Jr\AppData\Local\Toshiba\BluetoothStack\V1.0\SDP00062.sdb [4012]

O61 - LFC:Last File Created 04/02/2012 - 22:33:52 ---A- C:\Users\All Users\TOSHIBA\C11DACE4-A272-487e-83EB-32BF198C5E5D\dat0.bin [12780]

O61 - LFC:Last File Created 04/02/2012 - 22:33:52 ---A- C:\Users\Todos os Usuários\TOSHIBA\C11DACE4-A272-487e-83EB-32BF198C5E5D\dat0.bin [12780]

O61 - LFC:Last File Created 04/02/2012 - 22:34:48 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.wid [65536]

O61 - LFC:Last File Created 04/02/2012 - 22:34:49 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.ci [2318336]

O61 - LFC:Last File Created 04/02/2012 - 22:34:49 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010005.dir [12288]

O61 - LFC:Last File Created 04/02/2012 - 22:38:12 ---A- C:\Users\Todos os Usuários\Microsoft\RAC\PublishedData\RacWmiDatabase.sdf [1462272]

O61 - LFC:Last File Created 04/02/2012 - 22:38:12 ---A- C:\Users\Todos os Usuários\Microsoft\RAC\StateData\RacDatabase.sdf [544768]

O61 - LFC:Last File Created 04/02/2012 - 22:38:12 ---A- C:\Users\Todos os Usuários\Microsoft\RAC\StateData\RacWmiDataBookmarks.dat [16412]

O61 - LFC:Last File Created 04/02/2012 - 22:38:12 ---A- C:\Users\Todos os Usuários\Microsoft\RAC\StateData\RacWmiEventData.dat [16777244]

O61 - LFC:Last File Created 04/02/2012 - 22:52:58 ---A- C:\Users\All Users\Alwil Software\Avast5\report\BehaviorShield.txt [293133]

O61 - LFC:Last File Created 04/02/2012 - 22:52:58 ---A- C:\Users\Todos os Usuários\Alwil Software\Avast5\report\BehaviorShield.txt [293133]

O61 - LFC:Last File Created 04/02/2012 - 22:53:22 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.2.gthr [19544]

O61 - LFC:Last File Created 04/02/2012 - 22:54:20 ---A- C:\Users\Dario Jr\AppData\Local\temp\~DF0E35276E3FF673E3.TMP [1536]

O61 - LFC:Last File Created 04/02/2012 - 22:54:30 ---A- C:\Users\Dario Jr\AppData\Local\temp\amline_data.xml [39155]

O61 - LFC:Last File Created 04/02/2012 - 22:54:30 ---A- C:\Users\Dario Jr\AppData\Local\temp\amline_settings.xml [2007]

O61 - LFC:Last File Created 04/02/2012 - 22:56:16 ---A- C:\Users\Todos os Usuários\Microsoft\Windows Defender\LocalCopy\{C7F40E5B-534E-4078-BCED-9DCAA00B95E6}-ToolbarShooter.exe [227328]

O61 - LFC:Last File Created 04/02/2012 - 22:57:42 ---A- C:\Users\Todos os Usuários\Microsoft\Windows Defender\LocalCopy\{AE35E6B2-9925-45B8-8D0D-063248B509EC}-ToolbarShooter.exe [227328]

O61 - LFC:Last File Created 04/02/2012 - 22:58:18 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Top Sites [20480]

O61 - LFC:Last File Created 04/02/2012 - 22:58:18 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Web Data [73728]

O61 - LFC:Last File Created 04/02/2012 - 22:58:20 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000001 [26722]

O61 - LFC:Last File Created 04/02/2012 - 22:58:21 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000002 [119896]

O61 - LFC:Last File Created 04/02/2012 - 22:58:23 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Current Tabs [7374]

O61 - LFC:Last File Created 04/02/2012 - 22:58:23 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\History Provider Cache [11]

O61 - LFC:Last File Created 04/02/2012 - 22:58:23 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Local State [12822]

O61 - LFC:Last File Created 04/02/2012 - 22:58:24 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Current Session [7475]

O61 - LFC:Last File Created 04/02/2012 - 22:58:24 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Favicons [26624]

O61 - LFC:Last File Created 04/02/2012 - 22:58:24 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\History [86016]

O61 - LFC:Last File Created 04/02/2012 - 22:58:24 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\History Index 2012-02 [36864]

O61 - LFC:Last File Created 04/02/2012 - 22:58:25 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0 [45056]

O61 - LFC:Last File Created 04/02/2012 - 22:58:25 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1 [270336]

O61 - LFC:Last File Created 04/02/2012 - 22:58:25 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2 [1056768]

O61 - LFC:Last File Created 04/02/2012 - 22:58:25 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3 [4202496]

O61 - LFC:Last File Created 04/02/2012 - 22:58:25 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Cookies [47104]

O61 - LFC:Last File Created 04/02/2012 - 22:58:25 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Preferences [26508]

O61 - LFC:Last File Created 04/02/2012 - 22:58:25 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Visited Links [131072]

O61 - LFC:Last File Created 04/02/2012 - 22:58:25 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt [5]

O61 - LFC:Last File Created 04/02/2012 - 22:59:17 ---A- C:\Users\Todos os Usuários\Microsoft\Windows Defender\Scans\History\Results\Resource\{78165D70-961D-4DBD-8A3B-59C12EA1931A} [8462]

O61 - LFC:Last File Created 04/02/2012 - 22:59:32 ---A- C:\Users\Todos os Usuários\Microsoft\Windows Defender\Scans\History\Results\Resource\{50C3215D-D079-45B5-A053-E3F9891461DC} [8462]

O61 - LFC:Last File Created 04/02/2012 - 22:59:32 ---A- C:\Users\Todos os Usuários\Microsoft\Windows Defender\Scans\History\Service\History.Log [78]

O61 - LFC:Last File Created 04/02/2012 - 23:00:29 ---A- C:\Users\Dario Jr\AppData\Roaming\uTorrent\dht.dat.old [2896]

O61 - LFC:Last File Created 04/02/2012 - 23:00:29 ---A- C:\Users\Dario Jr\AppData\Roaming\uTorrent\rss.dat.old [99]

O61 - LFC:Last File Created 04/02/2012 - 23:19:41 ---A- C:\Users\Dario Jr\AppData\Roaming\uTorrent\VA_-_Music_for_Striptease-4CD-2008-CSM.torrent [25526]

O61 - LFC:Last File Created 04/02/2012 - 23:37:50 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom [6651236]

O61 - LFC:Last File Created 04/02/2012 - 23:37:50 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Safe Browsing Download [3425988]

O61 - LFC:Last File Created 04/02/2012 - 23:37:51 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Safe Browsing Bloom Filter 2 [2278878]

O61 - LFC:Last File Created 04/02/2012 - 23:37:51 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Safe Browsing Csd Whitelist [134252]

O61 - LFC:Last File Created 04/02/2012 - 23:38:42 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wid [65536]

O61 - LFC:Last File Created 04/02/2012 - 23:38:42 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.wsb [65536]

O61 - LFC:Last File Created 04/02/2012 - 23:45:33 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.ci [646463488]

O61 - LFC:Last File Created 04/02/2012 - 23:45:33 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010001.dir [2015232]

O61 - LFC:Last File Created 04/02/2012 - 23:45:33 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\CiAD0001.001 [65536]

O61 - LFC:Last File Created 04/02/2012 - 23:45:33 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\CiAD0001.002 [65536]

O61 - LFC:Last File Created 04/02/2012 - 23:48:52 ---A- C:\Users\Dario Jr\AppData\Roaming\uTorrent\settings.dat.old [10727]

O61 - LFC:Last File Created 04/02/2012 - 23:59:42 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Cache\index [524656]

O61 - LFC:Last File Created 04/02/2012 - 23:59:43 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_0 [8192]

O61 - LFC:Last File Created 04/02/2012 - 23:59:43 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_2 [8192]

O61 - LFC:Last File Created 04/02/2012 - 23:59:43 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Media Cache\data_3 [8192]

O61 - LFC:Last File Created 04/02/2012 - 23:59:43 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Media Cache\index [524656]

O61 - LFC:Last File Created 04/02/2012 - 23:59:44 ---A- C:\Users\Dario Jr\AppData\Local\Google\Chrome\User Data\Default\Archived History [53248]

O61 - LFC:Last File Created 05/02/2012 - 23:00:10 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.3.Crwl [2]

O61 - LFC:Last File Created 05/02/2012 - 23:02:04 ---A- C:\Users\Dario Jr\AppData\Roaming\Microsoft\Office\Word12.pip [1712]

O61 - LFC:Last File Created 05/02/2012 - 23:03:14 ---A- C:\Users\All Users\Alwil Software\Avast5\db1caac61f8aca29f-321ea8a2.dat [3962616]

O61 - LFC:Last File Created 05/02/2012 - 23:03:14 ---A- C:\Users\Todos os Usuários\Alwil Software\Avast5\db1caac61f8aca29f-321ea8a2.dat [3962616]

O61 - LFC:Last File Created 05/02/2012 - 23:03:28 ---A- C:\Users\Todos os Usuários\Microsoft\Search\Data\Applications\Windows\GatherLogs\SystemIndex\SystemIndex.3.gthr [634]

O61 - LFC:Last File Created 05/02/2012 - 23:06:32 ---A- C:\Users\Todos os Usuários\Microsoft\RAC\StateData\RacMetaData.dat [8]

O61 - LFC:Last File Created 05/02/2012 - 23:08:06 ---A- C:\Users\Dario Jr\AppData\Roaming\Microsoft\Office\Recente\Novo(a) Documento do Microsoft Office Word.LNK [1196]

O61 - LFC:Last File Created 05/02/2012 - 23:08:06 ---A- C:\Users\Dario Jr\AppData\Roaming\Microsoft\Office\Recente\Área de Trabalho.LNK [884]

O61 - LFC:Last File Created 05/02/2012 - 23:13:33 ---A- C:\Users\Todos os Usuários\Microsoft\Windows\Start Menu\Programs\ZHP\ZHPDiag.lnk [967]

O61 - LFC:Last File Created 05/02/2012 - 23:13:56 ---A- C:\Users\All Users\Alwil Software\Avast5\URL.db [2044928]

O61 - LFC:Last File Created 05/02/2012 - 23:13:56 ---A- C:\Users\Todos os Usuários\Alwil Software\Avast5\URL.db [2044928]

O61 - LFC:Last File Created 30/01/2012 - 15:02:43 ----- C:\Users\Todos os Usuários\Microsoft\Windows\WER\ReportQueue\NonCritical_UninstallShld.ex_5e566fff0f18f9dfa8068d5cf343f299d45d_cab_2fd6906c\appcompat.txt [7498]

O61 - LFC:Last File Created 30/01/2012 - 15:02:43 ---A- C:\Users\Todos os Usuários\Microsoft\Windows\WER\ReportQueue\NonCritical_UninstallShld.ex_5e566fff0f18f9dfa8068d5cf343f299d45d_cab_2fd6906c\Report.wer [2510]

O61 - LFC:Last File Created 30/12/1899 - 00:05:49 --HA- C:\Users\Dario Jr\AppData\Local\IconCache.db [4462200]

O61 - LFC:Last File Created 30/12/1899 - 14:20:55 --HA- C:\Users\Dario Jr\Music\iTunes\sentinel [8]

O61 - LFC:Last File Created 30/12/1899 - 15:05:49 -SHA- C:\Users\Todos os Usuários\Microsoft\Windows\DRM\drmstore.hds [167936]

O61 - LFC:Last File Created 30/12/1899 - 23:08:06 --H-- C:\Users\Dario Jr\AppData\Roaming\Microsoft\Office\Recente\index.dat [1601]

~ Scan Files in 04mn 08s

---\\ Alternate Data Stream File (ADS) (O62)

O62 - ADS:Alternate Data Stream File - C:\Windows\system32\drivers\:GbpKmAp.lst

O62 - ADS:Alternate Data Stream File - C:\Windows\system32\Drivers\:GbpKmAp.lst

~ Scan ADS in 00mn 01s

---\\ List all tools cleaner (LATC) (O63)

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

---\\ List all legacy services(LALS) (O64)

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswFsBlk.sys (aswFsBlk) .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK

O64 - Services: CurCS - 28/11/2011 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswRdr.sys (aswRdr) .(.AVAST Software - avast! TDI RDR Driver.) - LEGACY_ASWRDR

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswTdi.sys (aswTdi) .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI

O64 - Services: CurCS - 21/12/2011 - C:\Windows\system32\drivers\gbpkm.sys (GbpKm) .(.GAS Tecnologia - GbPlugin Device Driver.) - LEGACY_GBPKM

O64 - Services: CurCS - 18/05/2010 - C:\Windows\system32\DRIVERS\hotcore3.sys (hotcore3) .(.Paragon Software Group - A part of Paragon System Utilities.) - LEGACY_HOTCORE3

O64 - Services: CurCS - 10/12/2011 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMPROTECTOR

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD

~ Scan Services in 00mn 00s

---\\ List unsigned files (LUF) (O65) (None)

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\system32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos'.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\system32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\system32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Iniciador do snap-in de 'Visualizar eventos'.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\system32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitário de Inicialização por Usuário do Internet Explorer.) -- C:\Windows\System32\ie4uinit.exe

~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com

O69 - SBI: SearchScopes [HKCU] {071AF45E-8EED-44BE-965D-21728179654F} - (Ask Search) - http://websearch.ask.com

~ Scan Keys in 00mn 00s

---\\ Crack & Keygen Files (CKF) (O82)

C:\Pastas.area.de.trabalho\Desktop1\programas\Corel.draw.e.photoshop\CorelDraw_X4_Keygen_By_Eliseu32_www.TheRebels.de.rar

C:\Pastas.area.de.trabalho\Desktop1\programas\Corel.draw.e.photoshop\CorelDraw_X4_Keygen_By_Eliseu32_www.TheRebels.de.rar

~ Scan Files in 05mn 33s

---\\ Search Svchost Services (SSS) (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Serviço de Experiência com Aplicativo.) -- C:\Windows\system32\aelupsvc.dll [62464]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\system32\certprop.dll [67584]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Serviço de Propagação de Certificado de Cartão Inteligente da Microsof.) -- C:\Windows\system32\certprop.dll [67584]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL de Serviço do Servidor.) -- C:\Windows\system32\srvsvc.dll [168448]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Cliente da Diretiva de Grupo.) -- C:\Windows\system32\gpsvc.dll [591360]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extensão IKE.) -- C:\Windows\system32\ikeext.dll [667136]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Serviço de Áudio do Windows.) -- C:\Windows\system32\Audiosrv.dll [473088]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gerenciador de Discagem Automática de Acesso Remoto.) -- C:\Windows\system32\rasauto.dll [90624]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gerenciador de conexão de acesso remoto.) -- C:\Windows\system32\rasmans.dll [285184]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gerenciador de Interface Dinâmica.) -- C:\Windows\system32\mprdim.dll [75264]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Serviço de Notificação de Eventos do Sistema (SENS).) -- C:\Windows\system32\sens.dll [49664]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Componentes do Microsoft NAT Helper.) -- C:\Windows\system32\ipnathlp.dll [300544]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Servidor de telefonia do Microsoft® Windows.) -- C:\Windows\system32\tapisrv.dll [241664]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gerenciador de Conexões Remotas do Servidor Host da Sessão da Área de.) -- C:\Windows\system32\termsrv.dll [543232]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update Agent.) -- C:\Windows\system32\wuaueng.dll [1912832]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Serviço de transferência inteligente de plano de fundo.) -- C:\Windows\system32\qmgr.dll [589312]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL de serviços do Shell do Windows.) -- C:\Windows\system32\shsvcs.dll [328192]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Serviço que oferece conectividade IPv6 em uma rede IPv4..) -- C:\Windows\system32\iphlpsvc.dll [497152]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de serviço de logon secundário.) -- C:\Windows\system32\seclogon.dll [21504]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Serviço de Informações de Aplicativos.) -- C:\Windows\system32\appinfo.dll [46592]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Serviço de Descoberta iSCSI.) -- C:\Windows\system32\iscsiexe.dll [114688]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Serviço Agendador de Classes de Multimídia.) -- C:\Windows\system32\mmcss.dll [49664]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Relatórios de Problemas e Soluções.) -- C:\Windows\system32\wercplsupport.dll [61440]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Serviço Microsoft EAPHost.) -- C:\Windows\system32\eapsvc.dll [98304]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [162816]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Serviço Agendador de Tarefas.) -- C:\Windows\system32\schedsvc.dll [743424]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Serviço de Gerenciamento de Chaves.) -- C:\Windows\system32\kmsvc.dll [71168]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Serviço de Configuração da Área de Trabalho Remota.) -- C:\Windows\system32\sessenv.dll [99328]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [168960]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL de Serviço Pesquisador de Computadores.) -- C:\Windows\system32\browser.dll [102400]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL do Serviço de Tema do Shell do Windows.) -- C:\Windows\system32\themeservice.dll [37376]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Serviço BDE.) -- C:\Windows\system32\bdesvc.dll [76800]

O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Serviço de instalação do software.) -- C:\Windows\system32\appmgmts.dll [149504]

~ Scan Services in 00mn 00s

---\\ Search Particular Root Folder (SPRF) (O84)

[MD5.6FBA2FF8C8CFDA9A19C66C592DFCDD97] [sPRF][03/02/2012] (...) -- C:\Users\Dario Jr\AppData\Local\Temp\Uninst.bat [477]

[MD5.F5E5A9671897BBC08516AB90A579B790] [sPRF][31/01/2012] (.Mozilla - Thunderbird.) -- C:\Users\Dario Jr\Desktop\Thunderbird Setup 10.0.exe [16665512]

[MD5.A37E08226423BBD4994FE7C66DDF0C9D] [sPRF][04/02/2012] (...) -- C:\Users\Dario Jr\Desktop\ToolbarShooter.exe [227328]

[MD5.405D25F66C0EA02D5E4F6B1F72F0884D] [sPRF][04/02/2012] (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag2.exe [3901292]

~ Scan Files in 00mn 01s

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "{37E92506-B138-444A-AD35-C3027D34751D}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe

O87 - FAEL: "{A37BC553-2D9E-4156-A6F2-B9AD52D2C2CE}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe

O87 - FAEL: "{251C525B-9520-4524-91EB-26F118E99332}" | In - None - P17 - TRUE | .(.Unknown owner - WrapperP Application.) -- C:\Program Files\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe

O87 - FAEL: "{97557ACA-81DE-416F-B7FF-ACE31A34F821}" | Out - None - P6 - TRUE | .(.Unknown owner - WrapperP Application.) -- C:\Program Files\Rosetta Stone\Rosetta Stone V3\RosettaStoneVersion3.exe

O87 - FAEL: "{83919BAC-1C88-43D9-95BE-0A3EF967810E}" | In - None - P6 - TRUE | .(...) -- C:\Program Files\Rosetta Stone\Rosetta Stone V3\support\bin\win\RosettaStoneLtdServices.exe

O87 - FAEL: "{9207C08D-C186-4044-98D9-8D063739F548}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe

O87 - FAEL: "TCP Query User{6B307F50-EEE9-4A52-A33D-D5D657555311}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" | In - Private - P6 - TRUE | .(.DsNET.) -- C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe

O87 - FAEL: "UDP Query User{350A1072-8A8B-4AB0-AA91-C7F9C8E28559}C:\program files\dsnet corp\atube catcher 2.0\yct.exe" | In - Private - P17 - TRUE | .(.DsNET.) -- C:\Program Files\DsNET Corp\aTube Catcher 2.0\yct.exe

O87 - FAEL: "{7373C3E4-7A25-4245-96B8-40CC760AF700}" | In - Private - P6 - TRUE | .(.www.megacubo.net - No comment.) -- C:\Program Files\Megacubo\megacubo.exe

O87 - FAEL: "{9DDF3EDA-0610-428F-AC75-BEE00523FB8B}" | In - Private - P17 - TRUE | .(.www.megacubo.net - No comment.) -- C:\Program Files\Megacubo\megacubo.exe

O87 - FAEL: "{107EBD85-376A-4B4F-A47F-043485E6A485}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe

O87 - FAEL: "{E7F1391C-0A2D-4C67-BA1A-0BFB6D4CAEC9}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files\Sony Ericsson\Update Service\Update Service.exe

O87 - FAEL: "{98493B23-564B-4182-9C51-2C242B856EF1}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files\Sony Ericsson\Update Service\Update Service.exe

O87 - FAEL: "TCP Query User{A6D47FFE-99B0-4012-9C1A-63478055D21F}C:\program files\mozilla firefox\firefox.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O87 - FAEL: "UDP Query User{E195244F-2FF6-46A1-BBDD-6845E526A270}C:\program files\mozilla firefox\firefox.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O87 - FAEL: "TCP Query User{61C3CEED-B5DE-4988-B9BA-54747A1D21D2}C:\program files\orbitdownloader\orbitnet.exe" | In - Private - P6 - TRUE | .(.Orbitdownloader.com - P2P service of Orbit Downloader.) -- C:\Program Files\Orbitdownloader\orbitnet.exe

O87 - FAEL: "UDP Query User{7DD391F8-A415-4625-8CC5-AD3BDB7DD69C}C:\program files\orbitdownloader\orbitnet.exe" | In - Private - P17 - TRUE | .(.Orbitdownloader.com - P2P service of Orbit Downloader.) -- C:\Program Files\Orbitdownloader\orbitnet.exe

~ Scan Firewall in 00mn 02s

---\\ Additionnal Scan (O88)

Database Version : 9053 - (22/01/2012)

Clés trouvées (Keys found) : 20

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 0

Fichiers trouvés (Files found) : 0

[HKLM\Software\Classes\AppID\NCTAudioCompress3.DLL] =>PUP.BearShare

[HKLM\Software\Classes\AppID\NCTAudioFile3.DLL] =>PUP.BearShare

[HKLM\Software\Classes\AppID\NCTAudioFileWMA3.DLL] =>PUP.BearShare

[HKLM\Software\Classes\AppID\NCTAudioFormatSettings3.DLL] =>PUP.BearShare

[HKLM\Software\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}] =>PUP.BearShare

[HKLM\Software\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}] =>PUP.BearShare

[HKLM\Software\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}] =>PUP.BearShare

[HKLM\Software\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}] =>PUP.iMesh

[HKLM\Software\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}] =>PUP.BearShare

[HKLM\Software\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}] =>PUP.BearShare

[HKLM\Software\Classes\AppID\{5e50ae1d-bc76-418b-94c4-efeac0cef80c}] =>Toolbar.Kiwee

[HKLM\Software\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}] =>PUP.iMesh

[HKLM\Software\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}] =>Toolbar.Agent

[HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}] =>PUP.iMesh

[HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}] =>PUP.iMesh

[HKLM\Software\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}] =>PUP.iMesh

[HKLM\Software\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}] =>PUP.BearShare

[HKLM\Software\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}] =>PUP.BearShare

[HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}] =>PUP.iMesh

[HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}] =>PUP.iMesh

~ Scan Additionnel in 00mn 11s

---\\ Router Hijack DNS (O89)

DNS request timed out.

timeout was 2 seconds.

Servidor: UnKnown

Address: 192.168.1.1

Nome: www-cctld.l.google.com

Address: 74.125.234.24

Aliases: www.google.fr

~ Scan DNS in 00mn 05s

---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 25/05/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SR - | Auto 28/11/2011 44768 | (avast! antivírus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

SS - | Demand 23/08/2010 658432 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

SS - | Auto 204872 | (GbpSv) . (...) - C:\Program Files\GbPlugin\gbpsv.exe

SS - | Demand 19/07/2011 821096 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SR - | Auto 24/12/2011 652872 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

SR - | Auto 24/09/2008 935208 | Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe

SR - | Auto 24/07/2007 185632 | (PSI_SVC_2) . (.Protexis Inc..) - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

SR - | Auto 10/09/2009 469504 | (S3Funkey) . (.S3 Graphics Co., Ltd..) - C:\Program Files\s3graphics\chrome3\S3Funkey.svc

SR - | Auto 10/09/2009 417280 | (S3LoadSv) . (.S3 Graphics Co., Inc..) - C:\Program Files\s3graphics\chrome3\s3loadsv.svc

SS - | Demand 29/06/2011 155344 | (Sony Ericsson PCCompanion) . (.Avanquest Software.) - C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe

SR - | Auto 23/12/2009 370688 | (StarWindServiceAE) . (.StarWind Software.) - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

SR - | Demand 30/07/2009 144752 | (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION.) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

SR - | Auto 13/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Scan Services in 00mn 08s

---\\ Search Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

Run by Dario Jr at 05/02/2012 00:37:23

device: opened successfully

user: MBR read successfully

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x869431F8]<<

1 ntkrnlpa!IofCallDriver[0x83C47448] -> \Device\Harddisk0\DR0[0x87841AC8]

3 CLASSPNP[0x8C58659E] -> ntkrnlpa!IofCallDriver[0x83C47448] -> \Device\Ide\IdeDeviceP0T0L0-0[0x876C1908]

\Driver\atapi[0x876B83B8] -> IRP_MJ_CREATE -> 0x869431F8

kernel: MBR read successfully

user & kernel MBR OK

~ Scan MBR in 00mn 02s

---\\ Search Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by Dario Jr at 05/02/2012 00:37:25

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ Scan MBR in 00mn 04s

---\\ List of CD/DVD Emulators (MBR Hook)

O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 17/02/2010 - 00:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [691696]

~ Scan Emulateurs in 00mn 04s

End of the scan (1887 lines in 11mn 02s)(2)

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom Dia! sagatti

Seguem anexos os relatórios conforme você orientou. Cara, uma dúvida que eu tive aqui. Essa infecção que está no meu computador é muito grave?

|- Não! A gravidade seria se fosse rootkit ou infectors,o que não ocorre com sua máquina. Ela,apenas,apresentava adwares,PUPs e Toolbars maliciosas.

///°°°///

|- Lance,novamente,ToolbarShooter na opção "Suppression" ou "Delete".

|- Poste o relatório! ( Rapport de Suppression de ToolbarShooter )

///°°°///

|- Feche programas/pastas que estejam abertas.

|- Para Windows Vista,desabilite a UAC.

ZHPFix_Logo.jpg

|- Dê um duplo clique em ZHPFix.

|- Clique no menu,H < ZHPFix_Icone_H.jpg >

O45 - LFCP:[MD5.1EF59B005E8FE2454274C9B70BC6740C] - 04/02/2012 - 22:34:31 ---A- - C:\Windows\Prefetch\LongTermHist.db

O45 - LFCP:[MD5.952CE5CE4397C76DFEB4C4A455CA6B2F] - 04/02/2012 - 22:35:17 ---A- - C:\Windows\Prefetch\AgCx_SC2.db

O45 - LFCP:[MD5.461E4B7D7E10ACCD335FC096AE5D994F] - 04/02/2012 - 22:39:44 ---A- - C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-2014276812-2303388161-280020652-1000.db

O45 - LFCP:[MD5.06BA0B14C125026F2836E4EC4E444CD4] - 04/02/2012 - 22:39:44 ---A- - C:\Windows\Prefetch\AgGlUAD_S-1-5-21-2014276812-2303388161-280020652-1000.db

[HKLM\Software\Swearware]

[HKLM\Software\Classes\AppID\NCTAudioCompress3.DLL]

[HKLM\Software\Classes\AppID\NCTAudioFile3.DLL]

[HKLM\Software\Classes\AppID\NCTAudioFileWMA3.DLL]

[HKLM\Software\Classes\AppID\NCTAudioFormatSettings3.DLL]

[HKLM\Software\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}]

[HKLM\Software\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}]

[HKLM\Software\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}]

[HKLM\Software\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}]

[HKLM\Software\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}]

[HKLM\Software\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}]

[HKLM\Software\Classes\AppID\{5e50ae1d-bc76-418b-94c4-efeac0cef80c}]

[HKLM\Software\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}]

[HKLM\Software\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}]

[HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}]

[HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}]

[HKLM\Software\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}]

[HKLM\Software\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}]

[HKLM\Software\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}]

[HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}]

[HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}]

emptytemp

emptyflash

firewallraz

sysrestore

|- Copie e cole estas informações,que estão em vermelho,para o campo "amarelo claro" de ZHPFix.

|- Ps: Procure deixar o campo limpo,antes de colar as informações que estão na Quote.

|- Clique em GO -> Oui.

|- Ao concluir,e caso tenha desaparecido todos os ícones de seu desktop,faça o seguinte:

|- Abra o Gerenciador de tarefas. ( ctrl+alt+del )

|- Clique na aba "Aplicativos".

|- Clique em "Nova tarefa..."

|- Digite na caixa: explorer.exe

|- Clique em OK.

|- Poste o relatório: C:\ZHP\ZHPFix[R1].txt

|- Ps: Também,serão gerados os seguintes relatórios,que não serão postados!

|- ZHPExportRegistry-dia-mes-2012-hs-min-seg;

|- ZHPADSReport;

|- ZHPFixQuarantine;

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá Joram!

Muito obrigado pela paciência e disposição.

Fiz conforme recomendado e seguem os relatórios. Tive um pequeno problema após passar o ToolbarShooter na opção supression, eu escolhi a opção de reiniciar o sistema e perdi o relatório. Dessa forma, passei novamente, na opção recherche. Postarei abaixo o relatório gerado nessa opção. Peço desculpas pela falta de destreza.

abrs.

================================== Informations ==================================

Rapport de recherche de ToolbarShooter.

Outil développé par 2011N2

Contact : lot12@hotmail.fr

Site : http://2011n2.forumgratuit.fr/

Mis à jour le : 20/01/2012 à 19h45 par 2011N2

Début du scan de recherche : 23:32:47

Nom du PC : DARIOJR-PC

Système d'exploitation : Windows 7 Ultimate

Internet Explorer : 8.0.7600.16385

Mozilla Firefox : 9.0.1 (pt-BR)

Mozilla Firefox : version 5

Mozilla Firefox : version 6

############################# Toolbars, pups et adwares néfastes détéctés #############################

Clé présente : HKLM\Software\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}

Clé présente : HKLM\Software\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}

Clé présente : HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}

Clé présente : HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}

Clé présente : HKLM\Software\Classes\AppID\NCTAudioCompress3.DLL

Clé présente : HKLM\Software\Classes\AppID\NCTAudioFile3.DLL

Clé présente : HKLM\Software\Classes\AppID\NCTAudioFileWMA3.DLL

Clé présente : HKLM\Software\Classes\AppID\NCTAudioFormatSettings3.DLL

Clé présente : HKLM\Software\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}

Clé présente : HKLM\Software\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}

Clé présente : HKLM\Software\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}

Clé présente : HKLM\Software\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}

Clé présente : HKLM\Software\Classes\AppID\{5e50ae1d-bc76-418b-94c4-efeac0cef80c}

Clé présente : HKLM\Software\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}

Clé présente : HKLM\Software\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}

Clé présente : HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}

Clé présente : HKLM\Software\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}

Clé présente : HKLM\Software\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}

Clé présente : HKLM\Software\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}

Clé présente : HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}

===============================================

Fin du scan de recherche de ToolbarShooter à 23:35:00 par DARIOJR-PC

############### EOF ###############

Merci d'envoyer le rapport à cette adresse, en précisant la raison d'emploi de cet outil. Cela permettera au développeur d'effectuer d'éventuelles modifications : lot12@hotmail.fr

Merci de votre contribution !

-----------

Rapport de ZHPFix 1.12.3379 par Nicolas Coolman, Update du 22/01/2011

Fichier d'export Registre :

Run by Dario Jr at 06/02/2012 23:44:55

Windows 7 Ultimate Edition, 32-bit (Build 7600)

Web site : http://www.premiumorange.com/zeb-help-process/zhpfix.html

Web site : http://nicolascoolman.skyrock.com/

========== Registry Key ==========

DELETED Key: HKLM\Software\Swearware

DELETED Key: HKLM\Software\Classes\AppID\NCTAudioCompress3.DLL

DELETED Key: HKLM\Software\Classes\AppID\NCTAudioFile3.DLL

DELETED Key: HKLM\Software\Classes\AppID\NCTAudioFileWMA3.DLL

DELETED Key: HKLM\Software\Classes\AppID\NCTAudioFormatSettings3.DLL

DELETED Key: HKLM\Software\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}

DELETED Key: HKLM\Software\Classes\CLSID\{23BDC78C-B7BB-42E5-B970-54B292592D72}

DELETED Key: HKLM\Software\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}

DELETED Key: HKLM\Software\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}

DELETED Key: HKLM\Software\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}

DELETED Key: HKLM\Software\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}

DELETED Key: HKLM\Software\Classes\AppID\{5e50ae1d-bc76-418b-94c4-efeac0cef80c}

DELETED Key: HKLM\Software\Classes\AppID\{69E54DE2-C4ED-4BEC-8046-E3F9AC74B4B0}

DELETED Key: HKLM\Software\Classes\CLSID\{6BC38BF4-E84D-46E1-920B-42D31AEA617E}

DELETED Key: HKLM\Software\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}

DELETED Key: HKLM\Software\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}

DELETED Key: HKLM\Software\Classes\TypeLib\{85672EDB-2CC8-40B9-A9E8-77D3478F2EFB}

DELETED Key: HKLM\Software\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}

DELETED Key: HKLM\Software\Classes\CLSID\{D8BFC514-1135-4393-B09A-193D2AAC5037}

DELETED Key: HKLM\Software\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}

DELETED Key: HKLM\Software\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}

========== Registry Value ==========

No Value in Domain Profile Register Key FirewallRaz :

DELETED FirewallRaz (None) : {FB8E0939-98E3-4D75-B59A-F32E325425B4}

========== Repertory ==========

DELETED Window Temporary: : 80

DELETED Flash Cookies: 1

========== File ==========

DELETED File: c:\windows\prefetch\longtermhist.db

DELETED File: c:\windows\prefetch\agcx_sc2.db

DELETED File: c:\windows\prefetch\aggluad_p_s-1-5-21-2014276812-2303388161-280020652-1000.db

DELETED File: c:\windows\prefetch\aggluad_s-1-5-21-2014276812-2303388161-280020652-1000.db

DELETED Window Temporary: : 40

DELETED Flash Cookies: 0

========== Restoration ==========

Restore System Point created succefully

========== Summary ==========

21 : Registry Key

2 : Registry Value

2 : Repertory

6 : File

1 : Restoration

End of clean in 00mn 22s

========== Report File ==========

C:\ZHP\ZHPFix[R1].txt - 06/02/2012 23:44:55 [2836]

Compartilhar este post


Link para o post
Compartilhar em outros sites

Bom Dia! sagatti

Fiz conforme recomendado e seguem os relatórios. Tive um pequeno problema após passar o ToolbarShooter na opção supression, eu escolhi a opção de reiniciar o sistema e perdi o relatório. Dessa forma, passei novamente, na opção recherche. Postarei abaixo o relatório gerado nessa opção. Peço desculpas pela falta de destreza.

|- Não se preocupe,já que ZHPFix em idêntica detecção,removeu as entradas.

///°°°///

-------------

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com

O69 - SBI: SearchScopes [HKCU] {071AF45E-8EED-44BE-965D-21728179654F} - (Ask Search) - http://websearch.ask.com

-------------

|- Caso queira,cole no campo "amarelo claro" de ZHPFix estas entradas ou desabilite-as em seu navegador IE.

|- Clique em "GO",se optar pela .

|- Escolha a Google,para "SearchScopes" nas configurações do seu navegador.

///°°°///

-------------

---\\ Crack & Keygen Files (CKF) (O82)

C:\Pastas.area.de.trabalho\Desktop1\programas\Corel.draw.e.photoshop\CorelDraw_X4_Keygen_By_Eliseu32_www.TheRebels.de.rar

C:\Pastas.area.de.trabalho\Desktop1\programas\Corel.draw.e.photoshop\CorelDraw_X4_Keygen_By_Eliseu32_www.TheRebels.de.rar

~ Scan Files in 05mn 33s

-------------

|- Cracks e/ou Keygens,são pontos frágeis em sua máquina,podendo comprometer sua segurança.

|- Ps: Analistas Franceses são radicais quanto à esses objetos,e sempre pedem a remoção.

|- Fica,portanto,à seu critério essa decisão.

///°°°///

|- Baixe: |DelFix| ( ... de Xplode )

|- Estando na página,clique em "Télécharger",para o download.

|- Salve-a no desktop!

|- Feche aplicativos que estejam abertos.

DelFix_Suppression.jpg

|- Clique em "Suppression".

|- Ao concluir e para remover DelFix,abra a ferramenta e clique em "Désinstallation".

|- Seus logs estão limpos! (Y)

|- Sua solicitação,ao pedir essa análise,foi concluída!

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá Joram!

Muito obrigado pela ajuda!

Eu estou com um pouco de medo de ainda estar infectado. Ontem a noite eu entrei no email do yahoo para ver se continuava mandando spam para os contatos. E hoje cedo ainda havia alguns emails daquele tipo "failure-daemon" e um spam mandado de mim para mim sem que eu houvesse mandado.

Vou aguardar até a noite ou até amanhã para verificar novamente.

abrs e parabéns a você e ao forum pelo trabalho que desempenham e pelo profissionalismo.

Compartilhar este post


Link para o post
Compartilhar em outros sites

Olá Joram!

Muito obrigado pela ajuda!

Eu estou com um pouco de medo de ainda estar infectado. Ontem a noite eu entrei no email do yahoo para ver se continuava mandando spam para os contatos. E hoje cedo ainda havia alguns emails daquele tipo "failure-daemon" e um spam mandado de mim para mim sem que eu houvesse mandado.

Vou aguardar até a noite ou até amanhã para verificar novamente.

abrs e parabéns a você e ao forum pelo trabalho que desempenham e pelo profissionalismo.

Olá!

|- Redefina todas as senhas utilizadas ( MSN,ORKUT,FACEBOOK,OUTLOOK,EMAIL,SOFTWARES,... ).

|- Utilize um bom gerenciador de senhas!

|- Creio que isso minimizará ou eliminará esse problema.

Abraços!

Compartilhar este post


Link para o post
Compartilhar em outros sites

Crie uma conta ou entre para comentar

Você precisar ser um membro para fazer um comentário

Entre para seguir isso  

×