

Everything posted by cozal
-
Good evening, Following my post of the ZHPDiag scan, would you have any idea what is causing the problem, and how to fix it? Thanks in advance, Cozal
-
PC infected by trojan js:Banker-j: the ComboFix analysis
cozal replied to a topic by cozal in Malware analysis and removal
Good evening, I don't know whether this still matters much, but I have finally got hold of the requested ZHPFix report... Just in case, I am posting it here:
Rapport de ZHPFix 1.12.3345 par Nicolas Coolman, Update du 29/07/2011
Run by corujinha at 05/08/2011 23:27:40
Windows Vista Business Edition, 32-bit Service Pack 2 (Build 6002)
Cozal
-
Good evening, So here is the report generated by ZHPDiag:
Rapport de ZHPDiag v1.28.09 par Nicolas Coolman, Update du 01/08/2011
Run by corujinha at 06/08/2011 19:21:09
(.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) 
-- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL ~ Scan Protocole Additionnel in 00mn 00s ---\\ AppInit_DLLs Registry value Autorun (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ~ Scan Winlogon in 00mn 00s ---\\ ShellServiceObjectDelayLoad (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Monitor de Sites.) -- C:\Windows\system32\webcheck.dll ~ Scan SSODL in 00mn 00s ---\\ SharedTaskScheduler (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\Windows\system32\browseui.dll ~ Scan STS/SSO in 00mn 00s ---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) 
- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: TOSHIBA Bluetooth Service (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: XAudioService (XAudioService) . (.Conexant Systems, Inc. - Modem Audio Service.) - C:\Windows\system32\DRIVERS\xaudio.exe ~ Scan Services in 00mn 00s ---\\ Windows Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe ~ Scan Desktop Component in 00mn 00s ---\\ Task Planned Automatically(039) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{5560F1BD-5211-442D-ADCA-8EE1E2EC9450}.job ~ Scan Scheduled Task in 00mn 02s ---\\ Drivers launched at startup (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Driver de porta i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Driver de Classe de Teclado.) - C:\Windows\System32\DRIVERS\kbdclass.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Driver de classe modem.) - C:\Windows\System32\DRIVERS\mouclass.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) 
- C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Agendador de pacotes de serviço.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (Tosrfcom) . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) - C:\Windows\System32\Drivers\tosrfcom.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys ~ Scan Drivers in 00mn 00s ---\\ Software installed (O42) O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} O42 - Logiciel: 7-Zip 4.65 - (.Unknown owner.) 
[HKLM] -- 7-Zip O42 - Logiciel: AIFF MP3 Converter v3.1 build 946 - (.Hoo Technologies.) [HKLM] -- {5494AFBC-3EC2-463A-BD6C-EAFB62EB6EE9}_is1 O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Any Video Converter 3.0.7 - (.Any-Video-Converter.com.) [HKLM] -- Any Video Converter_is1 O42 - Logiciel: Arquivo do WinRAR - (.Unknown owner.) [HKLM] -- WinRAR archiver O42 - Logiciel: Atualização do produto Microsoft Office Excel 2007 Help (KB963678) - (.Microsoft.) [HKLM] -- {90120000-0016-0416-0000-0000000FF1CE}_OMUI.pt-br_{717C9095-8AAE-41CB-B046-BD6E8399F4F3} O42 - Logiciel: Atualização do produto Microsoft Office Outlook 2007 Help (KB963677) - (.Microsoft.) [HKLM] -- {90120000-001A-0416-0000-0000000FF1CE}_OMUI.pt-br_{5016CB22-B9A7-44FB-AA72-AF28B27B15EA} O42 - Logiciel: Atualização do produto Microsoft Office Powerpoint 2007 Help (KB963669) - (.Microsoft.) [HKLM] -- {90120000-0018-0416-0000-0000000FF1CE}_OMUI.pt-br_{BE3A7C0C-0081-4694-B5F9-980DD66BDDF8} O42 - Logiciel: Atualização do produto Microsoft Office Word 2007 Help (KB963665) - (.Microsoft.) [HKLM] -- {90120000-001B-0416-0000-0000000FF1CE}_OMUI.pt-br_{7297E3A9-FCD4-4E0E-A306-7A90359E50E3} O42 - Logiciel: Barra do Bing - (.Microsoft Corporation.) [HKLM] -- {08234a0d-cf39-4dca-99f0-0c5cb496da81} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM] -- CNXT_AUDIO_HDA O42 - Logiciel: CutePDF Writer 2.8 - (.Unknown owner.) [HKLM] -- CutePDF Writer Installation O42 - Logiciel: Dell Touchpad - (.Alps Electric.) [HKLM] -- {9F72EF8B-AEC9-4CA5-B483-143980AFD6FD} O42 - Logiciel: DigiMax 2.0 - (.WT Software.) [HKLM] -- DigiMax_is1 O42 - Logiciel: Digicerto Master 2.3.2 - (.RkSoft Desenvolvimentos.) 
[HKLM] -- Digicerto Master_is1 O42 - Logiciel: FastStone Photo Resizer 3.0 - (.FastStone Soft..) [HKLM] -- FastStone Photo Resizer O42 - Logiciel: Free WMA to MP3 Converter 1.16 - (.Jodix Technologies Ltd..) [HKLM] -- Free WMA to MP3 Converter_is1 O42 - Logiciel: HDAUDIO Soft Data Fax Modem with SmartCP - (.Conexant Systems.) [HKLM] -- CNXT_MODEM_HDA_HSF O42 - Logiciel: HP Customer Participation Program 10.0 - (.HP.) [HKLM] -- HPExtendedCapabilities O42 - Logiciel: HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3 - (.HP.) [HKLM] -- {AE9A67F9-ADF1-4a44-BAB5-C1DB302B37A2} O42 - Logiciel: HP Imaging Device Functions 10.0 - (.HP.) [HKLM] -- HP Imaging Device Functions O42 - Logiciel: HP Photosmart Essential 2.5 - (.HP.) [HKLM] -- HP Photosmart Essential O42 - Logiciel: HP Smart Web Printing 4.60 - (.HP.) [HKLM] -- HP Smart Web Printing O42 - Logiciel: HP Solution Center 10.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595 O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484 O42 - Logiciel: IsoBuster 2.8.5 - (.Smart Projects.) [HKLM] -- IsoBuster_is1 O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1 O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) 
[HKLM] -- {90120000-0015-0416-0000-0000000FF1CE}_OMUI.pt-br_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-0416-0000-0000000FF1CE}_OMUI.pt-br_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-0416-0000-0000000FF1CE}_OMUI.pt-br_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-0416-0000-0000000FF1CE}_OMUI.pt-br_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-0416-0000-0000000FF1CE}_OMUI.pt-br_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-0416-0000-0000000FF1CE}_OMUI.pt-br_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) 
[HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-0416-0000-0000000FF1CE}_OMUI.pt-br_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-0416-0000-0000000FF1CE}_OMUI.pt-br_{9A141B2B-7C5E-47D2-8E9E-9AC6018F3C42} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-0416-0000-0000000FF1CE}_OMUI.pt-br_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00BA-0416-0000-0000000FF1CE}_OMUI.pt-br_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0100-0416-0000-0000000FF1CE}_OMUI.pt-br_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0101-0416-0000-0000000FF1CE}_OMUI.pt-br_{02A880E2-B8B9-4BF5-8822-EA1374734E2E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) 
[HKLM] -- {90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE O42 - Logiciel: Microsoft Office Language Pack 2007 - Portuguese/Português (Brasil) - (.Microsoft Corporation.) [HKLM] -- OMUI.pt-br O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0416-0000-0000000FF1CE}_OMUI.pt-br_{75EBE365-7FC5-4720-A7D3-804BF550D1BC} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9} O42 - Logiciel: Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0017-0416-0000-0000000FF1CE}_OMUI.pt-br_{06505BF4-1BDC-494D-8336-7069BA950039} O42 - Logiciel: Mozilla Firefox 5.0 (x86 pt-BR) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0 (x86 pt-BR) O42 - Logiciel: Pacote de Idiomas do Microsoft .NET Framework 3.5 SP1 - PTB - (.Microsoft Corporation.) 
[HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - ptb O42 - Logiciel: Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile PTB Language Pack O42 - Logiciel: Philips Songbird - (.Koninklijke Philips Electronics N.V..) [HKLM] -- Philips Songbird O42 - Logiciel: PowerDVD - (.Dell.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1} O42 - Logiciel: Roxio EasyWrite Reader - (.Unknown owner.) [HKLM] -- Roxio MRFilter O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{AD0DE453-0804-4495-9C91-33D0F9AA5463} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) 
[HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870 O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CD907315-705A-4475-A1A0-2A1245803E4D} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5} O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5A4E43D5-858F-49BD-BA72-8F30E1793060} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A0173254-F442-4D04-9154-43FA157B83D0} O42 - Logiciel: Security Update for Microsoft Office Groove 2007 (KB2494047) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B91E2AEC-7F93-4E33-ACF6-EC90640CBE4F} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{5D930261-AA5B-48D1-931F-425C9D767490} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) 
[HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062} O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3A4CDE54-2403-483D-8D9A-15E3264410DF} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Security Update for Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {20A15757-4AE4-3C82-9711-863C84AFE6AA}.KB2478663 O42 - Logiciel: Security Update for Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil) (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {20A15757-4AE4-3C82-9711-863C84AFE6AA}.KB2518870 O42 - Logiciel: Shop for HP Supplies - (.HP.) 
[HKLM] -- Shop for HP Supplies O42 - Logiciel: Time Adjuster STANDARD 3.1 - (.IrekSoftware.com.) [HKCU] -- TimeAdjuster O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707 O42 - Logiciel: Update for Microsoft Office 2007 Help for Common Features (KB963673) - (.Microsoft.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42} O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4} O42 - Logiciel: Update for Microsoft Office Access 2007 Help (KB963663) - (.Microsoft.) [HKLM] -- {90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987} O42 - Logiciel: Update for Microsoft Office Excel 2007 Help (KB963678) - (.Microsoft.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9} O42 - Logiciel: Update for Microsoft Office Infopath 2007 Help (KB963662) - (.Microsoft.) [HKLM] -- {90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63} O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{329050A9-EF80-40F9-B633-74508F54C1FF} O42 - Logiciel: Update for Microsoft Office OneNote 2007 Help (KB963670) - (.Microsoft.) [HKLM] -- {90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245} O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) 
-- C:\Windows\system32\drivers\ulsata2.sys [115816] O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 23:23:48 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616] O58 - SDL:[MD5.DAB33CFA9DD24251AAA389FF36B64D4B] - 24/07/2009 - 13:29:48 ---A- . (.Conexant Systems, Inc. - Modem Audio Device Driver.) -- C:\Windows\system32\drivers\XAudio.sys [8704] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 04:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029] O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 04:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097] O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 04:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768] O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 04:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809] O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 04:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537] O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 04:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866] O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 04:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146] O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 04:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370] O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 04:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274] O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 04:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146] O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 04:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952] O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 04:09:23 ---A- . (...) 
-- C:\Windows\system32\NTIO404.SYS [34672] O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 04:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776] O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 04:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536] O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 04:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672] ~ Scan Drivers in 00mn 23s ---\\ List all tools cleaner (LATC) (O63) O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (.Microsoft Corporation - Driver Win32 multiusuário.) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL comum do Shell do Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL comum do Shell do Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.bat> <batfile>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.cmd> <cmdfile>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.com> <comfile>[HKCU\..\open\Command] (.Not Key.) 
O67 - Shell Spawning: <.exe> <exefile>[HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL comum do Shell do Windows.) -- C:\Windows\System32\shell32.dll O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL comum do Shell do Windows.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL comum do Shell do Windows.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Editor do Registro.) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (SMI) (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) 
-- C:\Program Files\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (SBI) (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - Bing O69 - SBI: SearchScopes [HKCU] {60524BF5-B7D9-4B43-8A10-2C1E59F1FD5C} - (Live Search) - Bing ~ Scan Keys in 00mn 00s ---\\ Search Particular Root Folder (SPRF) (O84) [MD5.3F9F1361F5131A92F7988DEC8AB51A18] [sPRF][01/08/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\corujinha\Desktop\ZHPDiag2.exe [2567524] [MD5.8CE7705CB43B03BB7970B04087C7758F] [sPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [29616] [MD5.01E2ECA759056F23C73A035FDABB2D6D] [sPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [201648] [MD5.0C135B4FEFF52ED92CF08BB3F0A75A90] [sPRF][11/09/2006] (.Macrovision Corporation - Macrovision Software Manager Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [484272] ~ Scan Files in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{87F951B5-76E8-447A-9E14-91D05EEB6172}" | In - None - P6 - TRUE | .(.CyberLink Corp. - CyberLink PowerDVD DX.) -- C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe O87 - FAEL: "{EEFFC3D6-583B-4C9E-8AD1-FBAA021FB37A}" | In - None - P6 - TRUE | .(.CyberLink Corp. - CyberLink PowerDVD Resident Program.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe O87 - FAEL: "{57035D66-4A48-4DCE-AF8E-92B360DCAA42}" | In - None - P17 - TRUE | .(.Hewlett-Packard - HP Software Update Client.) -- C:\Program Files\HP\hp software update\hpwucli.exe O87 - FAEL: "{B64F8F62-EBB0-4783-8545-A18A695363CF}" | In - Public - P6 - TRUE | .(.Vuze Inc. - No comment.) -- C:\Program Files\Vuze\Azureus.exe O87 - FAEL: "{B658EB87-E9DD-4E98-8BFD-32F3E7A6EA1A}" | In - Public - P17 - TRUE | .(.Vuze Inc. 
- No comment.) -- C:\Program Files\Vuze\Azureus.exe O87 - FAEL: "{9701EFAE-A603-44F2-8095-7DC65D8E407B}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O87 - FAEL: "{4EB0376B-0075-44B9-B11F-F28214CF1EB0}" | In - Private - P6 - TRUE | .(.Vuze Inc. - No comment.) -- C:\Program Files\Vuze\Azureus.exe O87 - FAEL: "{2BD83907-9821-4AD9-8BD3-537B467EB308}" | In - Private - P17 - TRUE | .(.Vuze Inc. - No comment.) -- C:\Program Files\Vuze\Azureus.exe ~ Scan Firewall in 00mn 02s ---\\ Additionnal Scan (O88) Database Version : 8584 - (01/08/2011) Clés trouvées (Keys found) : 0 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 1 Fichiers trouvés (Files found) : 0 C:\Program Files\Vuze_Remote =>Toolbar.Conduit ~ Scan Additionnel in 00mn 09s ---\\ Router Hijack DNS (O89) Servidor: UnKnown Address: 192.168.0.1 Nome = www.l.google.com Addresses: 74.125.234.16 74.125.234.20 74.125.234.19 74.125.234.18 74.125.234.17 Aliases: www.google.fr www.google.com ~ Scan DNS in 00mn 02s ---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 28/06/2011 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 04/07/2011 42184 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe SS - | Demand 23/07/2009 69632 | (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe SR - | Auto 23/07/2009 128360 | (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION.) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe SR - | Auto 20/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe SR - | Auto 24/07/2009 386560 | (XAudioService) . (.Conexant Systems, Inc..) 
- C:\Windows\system32\DRIVERS\xaudio.exe ~ Scan Services in 00mn 04s ---\\ Search Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by corujinha at 06/08/2011 19:22:39 device: opened successfully user: MBR read successfully Disk trace: called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS hal.dll pciide.sys PCIIDEX.SYS atapi.sys 1 ntkrnlpa!IofCallDriver[0x82877912] -> \Device\Harddisk0\DR0[0x85C29780] 3 CLASSPNP[0x8379E8B3] -> ntkrnlpa!IofCallDriver[0x82877912] -> \Device\Ide\IdeDeviceP0T0L0-0[0x85045B98] kernel: MBR read successfully user & kernel MBR OK ~ Scan MBR in 00mn 06s ---\\ Search Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by corujinha at 06/08/2011 19:22:41 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 08s End of the scan (1141 lines in 01mn 31s)(0) Cozal
-
PC infected by trojan js:Banker-j: the ComboFix analysis
cozal replied to a topic by cozal in Malware analysis and removal
No, it is indeed the same machine - sorry for the confusion, I should have said so from the start and not opened multiple topics... So see you on the other topic. In the meantime, I will run another ZHPDiag scan, as recommended.
Cozal
-
PC infected by trojan js:Banker-j: the ComboFix analysis
cozal replied to a topic by cozal in Malware analysis and removal
Well, it seems to be doing more or less wonderfully! The trojan seemed to have disappeared as soon as the first program (AD-Remover) was applied. In any case, avast! stopped its trojan alerts after that... The only concern that remains now is a cloned-site problem, which appeared between the first round of operations (those carried out with AD-Remover, Mbam and ZHPDiag) and the second (the final operation carried out with ZHPDiag). Thinking this problem was unrelated, I raised it in another, separate topic (which can be found here). The reply recommends running the ZHPDiag scan. Which I am about to do, and I will post the report right after. Do you think, however, that this new problem is related to the trojan js:Banker-j problem? In any case, thank you!
Cozal
-
Good evening, The PC of a friend (who does not speak French - hence my acting as go-between) has a problem: when trying to access her bank's website, she lands on a "cloned" copy of her bank's site. A pirate interface, in other words. And it is impossible to reach her bank's official site. What can be done? Thanks in advance!
Cozal
-
PC infected by trojan js:Banker-j: the ComboFix analysis
cozal replied to a topic by cozal in Malware analysis and removal
Good evening, I carried out the procedure you prescribed, and it seems to have gone normally. The requested report was displayed... Except that, when I tried to save it, it was impossible: my PC's desktop was emptied of all its icons and toolbars, and I could not issue any command at all (not even with a right click). So I had to shut down the PC in the least "violent" way possible (by pressing CTRL + Alt + Del instead of manually pressing my machine's power button). I then turned it back on to repeat the requested procedure, but with the same result... That said, the cleanup with ZHPFix seems to have gone well. Is this serious (or not)?
Cozal
-
PC infected by trojan js:Banker-j: the ComboFix analysis
cozal replied to a topic by cozal in Malware analysis and removal
Good evening, Thank you for your instructions, which I followed to the letter. I am posting the requested reports:
1) Ad-Report-SCAN
======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======
Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (SCAN [1]) -> Launched at 20:05:02 on 02/08/2011, Normal boot
Microsoft® Windows Vista™ Business Service Pack 2 (X86)
corujinha@CORUJINHA-PC (Dell Inc. Vostro A860)
2) Ad-Report-CLEAN
======= REPORT FROM AD-REMOVER 2.0.0.2,G | ONLY XP/VISTA/7 =======
Updated by TeamXscript on 12/04/11
Contact: AdRemover[DOT]contact[AT]gmail[DOT]com
website: http://www.teamxscript.org
C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Launched at 20:09:09 on 02/08/2011, Normal boot
Microsoft® Windows Vista™ Business Service Pack 2 (X86)
corujinha@CORUJINHA-PC (Dell Inc. Vostro A860)
(C:\Program Files\Vuze_Remote\tbVuze.dll) HKLM_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\tbVuze.dll) HKCU_Toolbar\WebBrowser|{BA14329E-9550-4989-B3F2-9732E92D17CC} (C:\Program Files\Vuze_Remote\tbVuze.dll) HKLM_Toolbar|{8dcb7100-df86-4384-8842-8fa844297b3f} (C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll) HKLM_Toolbar|{ba14329e-9550-4989-b3f2-9732e92d17cc} (C:\Program Files\Vuze_Remote\tbVuze.dll) HKLM_ElevationPolicy\{073CE199-5E74-4F48-A6F6-8076835C0CF6} - C:\Program Files\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (?) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\system32\wpcer.exe (x) BHO\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - "Search Helper" (C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll) BHO\{ba14329e-9550-4989-b3f2-9732e92d17cc} - "Vuze Remote Toolbar" (C:\Program Files\Vuze_Remote\tbVuze.dll) ======================================== C:\Program Files\Ad-Remover\Quarantine: 139 File(s) C:\Program Files\Ad-Remover\Backup: 16 File(s) C:\Ad-Report-CLEAN[1].txt - 02/08/2011 20:09:14 (8746 Byte(s)) C:\Ad-Report-SCAN[1].txt - 02/08/2011 20:06:38 (10069 Byte(s)) End at: 20:10:15, 02/08/2011 ============== E.O.F ==============

3) Mbam report

Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Version de la base de données: 7360 Windows 6.0.6002 Service Pack 2 Internet Explorer 7.0.6002.18005 02/08/2011 22:07:31 mbam-log-2011-08-02 (22-07-31).txt Type d'examen: Examen complet (C:\|D:\|) Elément(s) analysé(s): 326273 Temps écoulé: 1 heure(s), 18 minute(s), 44 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 0 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): (Aucun élément nuisible détecté)

4) ZHPDiag report

Rapport de ZHPDiag v1.28.09 par Nicolas Coolman, Update du 01/08/2011 Run by corujinha at 02/08/2011 22:14:15 Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html ---\\ Web Browser MSIE: Internet Explorer v7.0.6002.18005 MFIE: Mozilla Firefox 5.0 v (Defaut) ---\\ System Information Windows Vista Business Edition, 32-bit Service Pack 2 (Build 6002) ~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 2037 MB (43% free) System Restore: Activé (Enable) System drive C: has 18 GB (13%) free of 134 GB ---\\ Logged in mode ~ Computer Name: CORUJINHA-PC ~ User Name: corujinha ~ All Users Names: corujinha, Convidado, Administrador, ~ Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables ~ %AppData%=C:\Users\corujinha\AppData\Roaming\ ~ %Desktop%=C:\Users\corujinha\Desktop\ ~ %Favorites%=C:\Users\corujinha\Favorites\ ~ %LocalAppData%=C:\Users\corujinha\AppData\Local\ ~ %StartMenu%=C:\Users\corujinha\AppData\Roaming\Microsoft\Windows\Start Menu\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 18 Go of 134 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 14 Go of 15 Go) E:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoDispScrSavPage: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK 
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Search Generic System Files [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Windows Explorer.) (.25/10/2009 - 03:27:36.) -- C:\Windows\Explorer.exe [2926592] [MD5.4B555106290BD117334E9A08761C035A] - (....) (.02/11/2006 - 06:45:37.) -- C:\Windows\system32\rundll32.exe [44544] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Aplicativo de Inicialização do Windows.) (.20/01/2008 - 23:24:09.) -- C:\Windows\system32\Wininit.exe [96768] [MD5.17413EF7D95632D892B4C914CD7E66F9] - (.Microsoft Corporation - Internet Extensions para Win32.) (.26/06/2011 - 13:04:00.) -- C:\Windows\system32\wininet.dll [834048] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Aplicativo de Logon do Windows.) (.25/10/2009 - 03:28:13.) -- C:\Windows\system32\Winlogon.exe [314368] [MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.25/10/2009 - 03:32:26.) -- C:\Windows\system32\drivers\atapi.sys [19944] [MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Driver do Sistema de Arquivos NT.) (.25/10/2009 - 03:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880] ~ Scan Generic Processes in 00mn 00s ---\\ Hidden files state (Hidden/Total) ~ Mes images (My Pictures) : 2/422 ~ Mes musiques (My Musics) : 109/258 ~ Mes Videos (My Videos) : 1/119 ~ Mes Favoris (My Favorites) : 2/20 ~ Mes Documents (My Documents) : 9/320 ~ Mon Bureau (My Desktop) : 40/1430 ~ Menu demarrer (Programs) : 7/31 ~ Scan Hidden Files in 00mn 02s ---\\ Running Processes [MD5.4A0C0730F86A78A6F1F4FD6AD193559A] - (.Alps Electric Co., Ltd. 
- Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe [163840] [MD5.0427F6DC2EC567E64E713D1E92EE0EBA] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [150040] [MD5.C4A1448E8AE9F8040843C9827E511489] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [170520] [MD5.42370C1DE2B83844B253478DB8A907D5] - (.Alps Electric Co., Ltd. - ApMsgFwd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe [50736] [MD5.A6A8CA7E52B09BE45205FE0B70278E34] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [141848] [MD5.6A24E3226D05F29B553BBFFD942CFA7F] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [256536] [MD5.0940767CB618E3EDD744161A00ADE5DB] - (.CyberLink Corp. - CyberLink PowerDVD Resident Program.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128296] [MD5.062F3DB9AFA9C3CE0DA52F28595C0C6D] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [49152] [MD5.644795F6985C740F5E36E9336B837D0B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072] [MD5.7B2FB514D71FD9C5BFFB5443DB4551FE] - (...) -- C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe [375296] [MD5.8D78BE3690DB07A2FD03D2A6B61E3DCD] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver for Windows NT/.) -- C:\Program Files\DellTPad\Apntex.exe [49152] [MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696] [MD5.43D083268A0919F3527A2837390BAF63] - (.Macrovision Corporation - Macrovision Software Manager.) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [218032] [MD5.5D539617604E953FD2DF852F4B51A383] - (.Skype Technologies S.A. - Skype.) 
-- C:\Program Files\Skype\Phone\Skype.exe [15141768] [MD5.EBB4A681D342E9ED65B8FE6D3ACE53F7] - (.TOSHIBA CORPORATION. - TosBtMng.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2938184] [MD5.C574C551637734B13278898FE2D12D15] - (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\HidFind.exe [40960] [MD5.D9335549EAE48B14FB66EFCB6FFAE736] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [214360] [MD5.DF7F51A7B97AFF3A80F5C2EF18C1AB4C] - (.TOSHIBA CORPORATION. - TosA2dp.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe [278528] [MD5.F2A71A0ACE6148BED49ACBA0EB436032] - (.TOSHIBA CORPORATION. - TosBtHid.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe [77824] [MD5.D16577B7E9876395C773B60057FE0768] - (.TOSHIBA CORPORATION. - TosBtHSP.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe [288072] [MD5.B70278D1459A677639D51892160FD365] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [184320] [MD5.7E04B1ADE140F483A6581461568D8D9C] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe [610304] [MD5.8FC85C14B6316745670816F98693A100] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe [262144] [MD5.00644093CF916D7DFC639AF8AE799097] - (.TOSHIBA CORPORATION. - TosAVRC.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosAVRC.exe [288072] [MD5.2FF2881A479A5963562F365B61A25223] - (.TOSHIBA CORPORATION. - tosOBEX.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe [316744] [MD5.2E75F0B925DF08F5A43A2118E94D4DF7] - (.TOSHIBA CORPORATION. - TosBtProc.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtProc.exe [2577736] [MD5.E7CF222185411C6A3E68273C452B3283] - (.AVAST Software - avast! Antivirus.) 
-- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3493720] [MD5.D314901F9F9F1B0CB4F7C7B09AE1AF13] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Users\corujinha\Desktop\ZHPDiag\ZHPDiag.exe [662528] [MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Serviço de Licenciamento de Software Micros.) -- C:\Windows\system32\SLsvc.exe [3408896] [MD5.D16C826F375A44802BF317982E81A7E2] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [42184] [MD5.11A52CF7B265631DEEB24C6149309EFF] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [64952] [MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [322120] [MD5.2E7315B147E524E055026E6634B14EA6] - (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [128360] [MD5.CD5F291A1161F15896D1A4D63DAFF5DF] - (.Conexant Systems, Inc. - Modem Audio Service.) -- C:\Windows\system32\DRIVERS\xaudio.exe [386560] [MD5.5DAF7081A4BB112FA3F1915819330A3E] - (...) 
-- C:\Users\corujinha\Desktop\ZHPDiag\pv.exe [61440] ~ Scan Processes Running in 00mn 03s ---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3) C:\Users\corujinha\AppData\Roaming\Mozilla\Firefox\Profiles\hlkv4or2.default\prefs.js M3 - MFPP: Plugins - [corujinha] -- C:\Program Files\Mozilla FireFox\searchplugins\buscape.xml M3 - MFPP: Plugins - [corujinha] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [corujinha] -- C:\Program Files\Mozilla FireFox\searchplugins\mercadolivre.xml M3 - MFPP: Plugins - [corujinha] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-br.xml M3 - MFPP: Plugins - [corujinha] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-br.xml M2 - MFEP: prefs.js [corujinha - hlkv4or2.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.) M2 - MFEP: prefs.js [corujinha - hlkv4or2.default\{87F8774F-B485-47E2-A755-A40A8A5E886D}] [] Adicional de Seguranca CAIXA® v1.2.1 (.Caixa Economica Federal.) M2 - MFEP: prefs.js [corujinha - hlkv4or2.default\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [] Vuze Remote Community Toolbar v3.5.0.12 (.Conduit Ltd..) P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFF12.DLL P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) 
-- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) 
-- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com R0 - HKUS\S-1-5-21-2990941135-3298887461-2793883844-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.4.1) -- C:\Program Files\Vuze_Remote\tbVuze.dll R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (7.00.6000.16386 (vista_rtm.061101-2205)) -- C:\Windows\system32\ieframe.dll R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.)
(6.2.4.1) -- C:\Program Files\Vuze_Remote\tbVuze.dll R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Changed inifile Value, Mapped to Registry (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Scan Keys in 00mn 00s ---\\ Hosts file redirection (O1) ~ Scan Hosts File in 00mn 00s ---\\ Browser Helper Objects (O2) O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) 
-- C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Vuze_Remote\tbVuze.dll O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation - Bing Bar.) -- C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll ~ Scan BHO in 00mn 00s ---\\ Internet Explorer toolbars (O3) O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation - Bing Bar.) -- C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Vuze_Remote\tbVuze.dll ~ Scan Toolbar in 00mn 00s ---\\ Auto loading programs from Registry and folders (O4) O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [igfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) 
-- C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [iTSecMng] . (. TOSHIBA CORPORATION - IT Security Manager for Toshiba Stack.) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe O4 - HKLM\..\Run: [PDVDDXSrv] . (.CyberLink Corp. - CyberLink PowerDVD Resident Program.) -- C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe O4 - HKLM\..\Run: [Philips Device Listener] . (...) -- C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Users\corujinha\Desktop\Malwarebytes' Anti-Malware\mbamgui.exe O4 - HKCU\..\Run: [iSUSPM] . (.Macrovision Corporation - Macrovision Software Manager.) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe O4 - HKCU\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O4 - HKUS\S-1-5-21-2990941135-3298887461-2793883844-1000\..\Run: [iSUSPM] . (.Macrovision Corporation - Macrovision Software Manager.) -- C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe O4 - HKUS\S-1-5-21-2990941135-3298887461-2793883844-1000\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) 
-- C:\Program Files\Skype\Phone\Skype.exe ~ Scan Application in 00mn 00s ---\\ Other User Links (O4) O4 - Global Startup: C:\Users\corujinha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\corujinha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - Global Startup: C:\Users\corujinha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\corujinha\Desktop\aurelio - Atalho.lnk . (.Positivo.) -- C:\Program Files\Positivo\Miniaurelio\aurelio.exe O4 - Global Startup: C:\Users\corujinha\Desktop\Calculator.lnk . (.Microsoft Corporation.) -- C:\Windows\System32\calc.exe O4 - Global Startup: C:\Users\corujinha\Desktop\Lixeira - Atalho.lnk - Orphean Key O4 - Global Startup: C:\Users\corujinha\Desktop\Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe O4 - Global Startup: C:\Users\corujinha\Desktop\Videos.lnk . (...) -- C:\Users\corujinha\Documents O4 - Global Startup: C:\Users\corujinha\Desktop\Windows Live Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Mail\wlmail.exe O4 - Global Startup: C:\Users\corujinha\Desktop\Windows Live Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - Global Startup: C:\Users\corujinha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IsoBuster.lnk . (.Smart Projects.) -- C:\Program Files\Smart Projects\IsoBuster\IsoBuster.exe O4 - Global Startup: C:\Users\corujinha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) 
-- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\corujinha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Users\corujinha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Philips Songbird.lnk . (.Koninklijke Philips Electronics N.V..) -- C:\Program Files\Philips\Philips Songbird\Philips-Songbird.exe O4 - Global Startup: C:\Users\corujinha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\TimeAdjuster.lnk . (...) -- C:\Program Files\TimeAdjuster\time_adjuster.exe O4 - Global Startup: C:\Users\corujinha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VLC media player.lnk . (...) -- C:\Program Files\VideoLAN\VLC\vlc.exe O4 - Global Startup: C:\Users\corujinha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk . (.Vuze Inc..) -- C:\Program Files\Vuze\Azureus.exe O4 - Global Startup: C:\Users\corujinha\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe ~ Scan Global Startup in 00mn 00s ---\\ Extra items in the IE right-click menu (O8) O8 - Extra context menu item: Add to AMV Converter... . (...) -- C:\Program Files\MP3 Player Utilities 4.09\AMVConverter\grab.html O8 - Extra context menu item: E&xport to Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe O8 - Extra context menu item: E&xportar para o Microsoft Excel - (.not file.) - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.exe O8 - Extra context menu item: MediaManager tool grab multimedia file . (...) 
-- C:\Program Files\MP3 Player Utilities 4.09\MediaManager\grab.html ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9) O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: &Enviar para o OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO O9 - Extra button: &Enviar para o OneNote - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Provedor de Correção de Nomeação de Emails.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - PNRP Name Space Provider.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Provedor de serviços do Microsoft Windows Sockets 2.0.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) 
-- C:\Windows\system32\winrnr.dll ~ Scan Winsock in 00mn 00s ---\\ Lop.com/Domain Hijackers (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{7B03977E-71E6-4F71-8ABD-7AB99876BE76}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{7B03977E-71E6-4F71-8ABD-7AB99876BE76}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{7B03977E-71E6-4F71-8ABD-7AB99876BE76}: DhcpNameServer = 192.168.0.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{7B03977E-71E6-4F71-8ABD-7AB99876BE76}: DhcpNameServer = 192.168.0.1 ~ Scan Domain in 00mn 00s ---\\ Extra protocols (O18) O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) 
-- C:\Windows\system32\urlmon.dll O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) 
-- C:\Program Files\Windows Live\Messenger\msgrapp.dll O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Controle ActiveX para streaming de vídeo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visualizador de HTML da Microsoft ®.) -- C:\Windows\system32\mshtml.dll O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensões OLE32 para Win32.) -- C:\Windows\system32\urlmon.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) 
-- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL ~ Scan Protocole Additionnel in 00mn 00s ---\\ AppInit_DLLs Registry value Autorun (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ~ Scan Winlogon in 00mn 00s ---\\ ShellServiceObjectDelayLoad (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Monitor de Sites.) -- C:\Windows\system32\webcheck.dll ~ Scan SSODL in 00mn 00s ---\\ SharedTaskScheduler (O22) O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\Windows\system32\browseui.dll ~ Scan STS/SSO in 00mn 00s ---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: TOSHIBA Bluetooth Service (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe O23 - Service: XAudioService (XAudioService) . (.Conexant Systems, Inc. - Modem Audio Service.) - C:\Windows\system32\DRIVERS\xaudio.exe ~ Scan Services in 00mn 00s ---\\ Windows Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Office Word.) - C:\Program Files\Microsoft Office\Office12\WINWORD.exe ~ Scan Desktop Component in 00mn 00s ---\\ Task Planned Automatically(039) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{5560F1BD-5211-442D-ADCA-8EE1E2EC9450}.job ~ Scan Scheduled Task in 00mn 04s ---\\ Drivers launched at startup (O41) O41 - Driver: (AFD) . 
(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Driver de porta i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Driver de Classe de Teclado.) - C:\Windows\System32\DRIVERS\kbdclass.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Driver de classe modem.) - C:\Windows\System32\DRIVERS\mouclass.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Agendador de pacotes de serviço.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) 
- C:\Windows\System32\DRIVERS\smb.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (Tosrfcom) . (.TOSHIBA Corporation - Bluetooth RFCOMM Driver.) - C:\Windows\System32\Drivers\tosrfcom.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys ~ Scan Drivers in 00mn 00s
[41101735] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 23/07/2009 - 23:18:22 - [710656] ----D- C:\Program Files\Common Files\SureThing Shared O43 - CFD: 29/10/2009 - 22:19:20 - [43756204] ----D- C:\Program Files\Common Files\System O43 - CFD: 23/07/2009 - 23:20:56 - [366243006] ----D- C:\Program Files\Common Files\Windows Live O43 - CFD: 28/06/2011 - 12:11:08 - [479] ----D- C:\ProgramData\Adobe O43 - CFD: 05/10/2010 - 08:53:02 - [7992592] ----D- C:\ProgramData\Alwil Software O43 - CFD: 21/11/2009 - 17:44:20 - [20] ----D- C:\ProgramData\Azureus O43 - CFD: 07/08/2010 - 15:07:18 - [2018] ----D- C:\ProgramData\CyberLink O43 - CFD: 21/08/2009 - 20:53:38 - [0] -SH-D- C:\ProgramData\Dados de aplicativos O43 - CFD: 23/07/2009 - 23:20:46 - [0] ----D- C:\ProgramData\Dell O43 - CFD: 21/08/2009 - 20:53:38 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 21/08/2009 - 20:53:38 - [0] -SH-D- C:\ProgramData\Documentos O43 - CFD: 02/03/2010 - 01:45:24 - [0] ----D- C:\ProgramData\eMule O43 - CFD: 21/08/2009 - 20:53:38 - [0] -SH-D- C:\ProgramData\Favoritos O43 - CFD: 20/03/2011 - 12:08:16 - [10273] ----D- C:\ProgramData\GbPlugin O43 - CFD: 25/09/2009 - 23:28:08 - [81438] ----D- C:\ProgramData\Hewlett-Packard O43 - CFD: 25/09/2009 - 23:30:40 - [1480123] ----D- C:\ProgramData\HP O43 - CFD: 12/05/2011 - 18:27:50 - [8960] ----D- C:\ProgramData\HP Product Assistant O43 - CFD: 23/07/2009 - 23:18:14 - [781] ----D- C:\ProgramData\InstallShield O43 - CFD: 31/07/2011 - 08:40:00 - [0] ----D- C:\ProgramData\Lavasoft O43 - CFD: 02/08/2011 - 20:25:14 - [7145000] ----D- C:\ProgramData\Malwarebytes O43 - CFD: 21/04/2010 - 15:22:16 - [0] ----D- C:\ProgramData\McAfee O43 - CFD: 21/08/2009 - 20:53:38 - [0] -SH-D- C:\ProgramData\Menu Iniciar O43 - CFD: 20/10/2010 - 10:04:36 - [248765346] -S--D- C:\ProgramData\Microsoft O43 - CFD: 14/07/2011 - 08:01:56 - [81842] ----D- C:\ProgramData\Microsoft Help O43 - CFD: 21/08/2009 - 20:53:38 - [0] -SH-D- C:\ProgramData\Modelos O43 - CFD: 18/09/2009 - 
00:38:32 - [580] ----D- C:\ProgramData\Office Genuine Advantage O43 - CFD: 07/08/2010 - 15:33:20 - [0] ----D- C:\ProgramData\Roxio O43 - CFD: 30/06/2011 - 22:39:10 - [63859212] ----D- C:\ProgramData\Skype O43 - CFD: 27/06/2011 - 17:26:44 - [5582524] ----D- C:\ProgramData\Skype Extras O43 - CFD: 23/07/2009 - 23:17:40 - [1589] ----D- C:\ProgramData\Sonic O43 - CFD: 30/03/2010 - 19:05:40 - [259] ----D- C:\ProgramData\Sun O43 - CFD: 25/09/2009 - 23:30:08 - [247] ----D- C:\ProgramData\WEBREG O43 - CFD: 28/06/2010 - 18:06:06 - [0] ----D- C:\ProgramData\WindowsSearch O43 - CFD: 08/08/2010 - 18:10:04 - [1901] ----D- C:\ProgramData\Xerox O43 - CFD: 08/04/2011 - 20:41:46 - [3787506] ----D- C:\Users\corujinha\AppData\Roaming\Adobe O43 - CFD: 30/08/2010 - 23:39:28 - [246955] ----D- C:\Users\corujinha\AppData\Roaming\AnvSoft O43 - CFD: 29/07/2011 - 08:43:16 - [4439746] ----D- C:\Users\corujinha\AppData\Roaming\Azureus O43 - CFD: 22/08/2009 - 00:40:28 - [0] ----D- C:\Users\corujinha\AppData\Roaming\CyberLink O43 - CFD: 31/07/2011 - 21:58:16 - [199] ----D- C:\Users\corujinha\AppData\Roaming\dvdcss O43 - CFD: 22/10/2010 - 23:22:42 - [4356] ----D- C:\Users\corujinha\AppData\Roaming\FastStone O43 - CFD: 28/11/2009 - 15:46:52 - [206238] ----D- C:\Users\corujinha\AppData\Roaming\HP O43 - CFD: 07/08/2010 - 15:07:30 - [0] ----D- C:\Users\corujinha\AppData\Roaming\HPAppData O43 - CFD: 27/07/2010 - 20:40:18 - [29657] ----D- C:\Users\corujinha\AppData\Roaming\HpUpdate O43 - CFD: 21/08/2009 - 20:58:04 - [0] ----D- C:\Users\corujinha\AppData\Roaming\Identities O43 - CFD: 17/10/2009 - 12:21:18 - [544] ----D- C:\Users\corujinha\AppData\Roaming\InstallShield O43 - CFD: 21/08/2009 - 20:59:56 - [844] ----D- C:\Users\corujinha\AppData\Roaming\Macromedia O43 - CFD: 02/08/2011 - 20:25:28 - [2134] ----D- C:\Users\corujinha\AppData\Roaming\Malwarebytes O43 - CFD: 08/04/2011 - 20:41:46 - [1575104] -S--D- C:\Users\corujinha\AppData\Roaming\Microsoft O43 - CFD: 21/08/2009 - 22:27:58 - [20605060] ----D- 
C:\Users\corujinha\AppData\Roaming\Mozilla O43 - CFD: 31/08/2010 - 01:56:40 - [144] ----D- C:\Users\corujinha\AppData\Roaming\Philips O43 - CFD: 31/08/2010 - 01:53:38 - [7621818] ----D- C:\Users\corujinha\AppData\Roaming\Philips-Songbird O43 - CFD: 07/08/2010 - 15:09:14 - [640] ----D- C:\Users\corujinha\AppData\Roaming\Roxio O43 - CFD: 02/08/2011 - 22:14:06 - [7376954] ----D- C:\Users\corujinha\AppData\Roaming\Skype O43 - CFD: 30/06/2011 - 16:08:50 - [41232] ----D- C:\Users\corujinha\AppData\Roaming\skypePM O43 - CFD: 31/07/2011 - 22:00:32 - [480947] ----D- C:\Users\corujinha\AppData\Roaming\vlc O43 - CFD: 22/10/2010 - 09:32:18 - [298] ----D- C:\Users\corujinha\AppData\Roaming\Windows Live Writer O43 - CFD: 13/11/2009 - 10:50:42 - [12] ----D- C:\Users\corujinha\AppData\Roaming\WinRAR O43 - CFD: 05/04/2011 - 11:51:06 - [135834691] ----D- C:\Users\corujinha\AppData\Local\Adobe O43 - CFD: 08/12/2009 - 14:19:54 - [0] ----D- C:\Users\corujinha\AppData\Local\CutePDF Writer O43 - CFD: 21/08/2009 - 20:57:20 - [0] -SH-D- C:\Users\corujinha\AppData\Local\Dados de aplicativos O43 - CFD: 02/03/2010 - 01:45:26 - [0] ----D- C:\Users\corujinha\AppData\Local\eMule O43 - CFD: 21/08/2009 - 20:57:20 - [0] -SH-D- C:\Users\corujinha\AppData\Local\Histórico O43 - CFD: 28/11/2009 - 15:46:52 - [233079] ----D- C:\Users\corujinha\AppData\Local\HP O43 - CFD: 25/11/2009 - 22:07:08 - [0] ----D- C:\Users\corujinha\AppData\Local\Logitech-LS O43 - CFD: 16/07/2011 - 09:18:22 - [1279181697] ----D- C:\Users\corujinha\AppData\Local\Microsoft O43 - CFD: 10/07/2011 - 09:50:18 - [215748] ----D- C:\Users\corujinha\AppData\Local\Microsoft Help O43 - CFD: 07/08/2010 - 15:26:00 - [52568] ----D- C:\Users\corujinha\AppData\Local\MicroVision Applications O43 - CFD: 21/08/2009 - 22:27:42 - [44688141] ----D- C:\Users\corujinha\AppData\Local\Mozilla O43 - CFD: 31/08/2010 - 01:53:58 - [75744166] ----D- C:\Users\corujinha\AppData\Local\Philips-Songbird O43 - CFD: 07/08/2010 - 15:07:20 - [15624] ----D- 
C:\Users\corujinha\AppData\Local\PowerDVD DX O43 - CFD: 06/01/2011 - 22:27:00 - [25262] ----D- C:\Users\corujinha\AppData\Local\QuickStores O43 - CFD: 31/07/2011 - 00:31:52 - [0] ----D- C:\Users\corujinha\AppData\Local\Sunbelt Software O43 - CFD: 02/08/2011 - 22:11:54 - [272164] ----D- C:\Users\corujinha\AppData\Local\temp O43 - CFD: 21/08/2009 - 20:57:20 - [0] -SH-D- C:\Users\corujinha\AppData\Local\Temporary Internet Files O43 - CFD: 21/08/2009 - 20:58:28 - [15265] ----D- C:\Users\corujinha\AppData\Local\Toshiba O43 - CFD: 25/08/2009 - 01:04:54 - [59] ----D- C:\Users\corujinha\AppData\Local\vdownloader O43 - CFD: 25/09/2009 - 23:29:02 - [2016156] ----D- C:\Users\corujinha\AppData\Local\VirtualStore O43 - CFD: 23/07/2011 - 13:39:26 - [126976] ----D- C:\Users\corujinha\AppData\Local\Windows Live O43 - CFD: 14/07/2011 - 09:06:02 - [377104] ----D- C:\Users\corujinha\AppData\Local\Windows Live Writer O43 - CFD: 21/04/2011 - 15:25:02 - [0] ----D- C:\Users\corujinha\AppData\Local\{018F1EE4-B58E-4C0E-89F2-6856FDC3B917} O43 - CFD: 15/05/2011 - 18:00:36 - [0] ----D- C:\Users\corujinha\AppData\Local\{02E3BFB1-F94F-49C0-A723-C17E74C7C86D} O43 - CFD: 14/05/2011 - 17:46:52 - [0] ----D- C:\Users\corujinha\AppData\Local\{033494B9-870C-4B48-ADC7-726945ACBC2E} O43 - CFD: 07/04/2011 - 22:54:50 - [0] ----D- C:\Users\corujinha\AppData\Local\{0830C722-31DA-410B-AA69-7E09E896B674} O43 - CFD: 30/05/2011 - 22:04:56 - [0] ----D- C:\Users\corujinha\AppData\Local\{09D9838D-523A-4CEC-B956-27E4F3FAD5D4} O43 - CFD: 16/07/2011 - 19:14:58 - [0] ----D- C:\Users\corujinha\AppData\Local\{1815FE0F-CEF2-4385-87A3-A5092FBADB74} O43 - CFD: 05/04/2011 - 22:21:50 - [0] ----D- C:\Users\corujinha\AppData\Local\{182AA854-CFA1-4226-96B8-620690662D70} O43 - CFD: 28/05/2011 - 18:53:08 - [0] ----D- C:\Users\corujinha\AppData\Local\{19A279D9-2BC7-4F25-9A9F-4082762CB71F} O43 - CFD: 26/04/2011 - 00:16:32 - [0] ----D- C:\Users\corujinha\AppData\Local\{19C44CF4-5394-4A2B-8DB7-A38EB69566AA} O43 - CFD: 22/04/2011 - 
08:08:22 - [0] ----D- C:\Users\corujinha\AppData\Local\{1BA08E1B-367A-4E24-8DB8-4E802F26C096} O43 - CFD: 27/07/2011 - 10:55:42 - [0] ----D- C:\Users\corujinha\AppData\Local\{1DD1BBDB-AAEA-497F-9866-223BB3386D2A} O43 - CFD: 11/04/2011 - 10:58:40 - [0] ----D- C:\Users\corujinha\AppData\Local\{1E54A9D3-B8A5-41D3-B397-44F65D857166} O43 - CFD: 04/05/2011 - 22:03:18 - [0] ----D- C:\Users\corujinha\AppData\Local\{20442B02-EE02-4BE7-8D5C-31E2E311C2C2} O43 - CFD: 22/05/2011 - 02:10:44 - [0] ----D- C:\Users\corujinha\AppData\Local\{220AAF6D-65ED-4533-853D-B99DA59D2241} O43 - CFD: 26/07/2011 - 18:45:48 - [0] ----D- C:\Users\corujinha\AppData\Local\{23754063-EA57-4EEE-9BB5-641158765AC7} O43 - CFD: 30/05/2011 - 09:53:22 - [0] ----D- C:\Users\corujinha\AppData\Local\{26B93DA6-9987-4B5D-8DCE-987C38C45805} O43 - CFD: 25/05/2011 - 09:08:06 - [0] ----D- C:\Users\corujinha\AppData\Local\{276E4A9F-9E05-4238-8106-74817A68C34B} O43 - CFD: 17/05/2011 - 19:00:34 - [0] ----D- C:\Users\corujinha\AppData\Local\{291D1164-A302-44B0-99E7-662598AD085A} O43 - CFD: 27/05/2011 - 22:37:06 - [0] ----D- C:\Users\corujinha\AppData\Local\{2C31306C-3041-44BA-A997-13F8DF8905CB} O43 - CFD: 23/04/2011 - 10:09:22 - [0] ----D- C:\Users\corujinha\AppData\Local\{2E8C98D2-CF4A-402D-8761-DFC3220EC7F8} O43 - CFD: 19/04/2011 - 00:12:56 - [0] ----D- C:\Users\corujinha\AppData\Local\{3513A5C6-FAC5-43E8-AFD7-9AEECCD50684} O43 - CFD: 14/07/2011 - 09:12:34 - [0] ----D- C:\Users\corujinha\AppData\Local\{361EC55B-75F5-4962-9FF8-5DF8101CC9FC} O43 - CFD: 15/05/2011 - 09:03:12 - [0] ----D- C:\Users\corujinha\AppData\Local\{39490D63-6C8C-4D14-9B3E-825BD3495CEA} O43 - CFD: 27/05/2011 - 09:39:06 - [0] ----D- C:\Users\corujinha\AppData\Local\{3D816EEE-5CFD-45BC-9AAC-199481578C60} O43 - CFD: 12/05/2011 - 19:56:06 - [0] ----D- C:\Users\corujinha\AppData\Local\{40D9B0D1-80E9-4376-A168-7B1C4764909B} O43 - CFD: 17/07/2011 - 16:18:32 - [0] ----D- C:\Users\corujinha\AppData\Local\{430A6A3C-DDC4-4A79-9177-A29D0B2C74C9} O43 - CFD: 
20/05/2011 - 08:27:20 - [0] ----D- C:\Users\corujinha\AppData\Local\{4320AE73-0039-4571-9B3B-D3A0BA50065A} O43 - CFD: 23/04/2011 - 11:05:14 - [0] ----D- C:\Users\corujinha\AppData\Local\{437E607F-39DA-4C7C-9EBA-7075E144F85E} O43 - CFD: 31/03/2011 - 23:08:46 - [0] ----D- C:\Users\corujinha\AppData\Local\{4488F9FB-2637-4B6A-86DB-3B3A655A943B} O43 - CFD: 25/07/2011 - 19:20:40 - [0] ----D- C:\Users\corujinha\AppData\Local\{46361E9F-4220-4B50-811A-1148B2E696C5} O43 - CFD: 10/04/2011 - 22:12:38 - [0] ----D- C:\Users\corujinha\AppData\Local\{48D5F168-D4DD-4DDC-A8E3-D3A8F6992FA7} O43 - CFD: 01/05/2011 - 10:36:26 - [0] ----D- C:\Users\corujinha\AppData\Local\{4A643743-5186-4B96-B8D8-36D68F05BFFE} O43 - CFD: 17/04/2011 - 23:52:02 - [0] ----D- C:\Users\corujinha\AppData\Local\{5895521B-458B-48EF-BC61-BF15B0D88E53} O43 - CFD: 08/05/2011 - 23:21:58 - [0] ----D- C:\Users\corujinha\AppData\Local\{591679C5-5AB9-47CC-A0C7-59916D1BB608} O43 - CFD: 05/04/2011 - 00:03:02 - [0] ----D- C:\Users\corujinha\AppData\Local\{61B656A6-1814-4E34-B1B2-AFC00E641178} O43 - CFD: 26/04/2011 - 23:49:32 - [0] ----D- C:\Users\corujinha\AppData\Local\{61F61048-4EE7-4DAB-8F48-5FDC55FC5837} O43 - CFD: 16/05/2011 - 23:02:24 - [0] ----D- C:\Users\corujinha\AppData\Local\{64444A28-25F2-4EC2-B749-365B05B43961} O43 - CFD: 11/04/2011 - 23:03:36 - [0] ----D- C:\Users\corujinha\AppData\Local\{660FD213-DB6D-416E-AA1D-C2EADD2861F3} O43 - CFD: 31/05/2011 - 23:27:50 - [0] ----D- C:\Users\corujinha\AppData\Local\{67CC578C-2443-424E-BCC3-BDDB70C72941} O43 - CFD: 02/05/2011 - 22:59:40 - [0] ----D- C:\Users\corujinha\AppData\Local\{6D366B1D-C967-4105-9620-C9C74CAB5C3B} O43 - CFD: 13/04/2011 - 23:32:04 - [0] ----D- C:\Users\corujinha\AppData\Local\{6DB46326-3860-495B-9AD9-E89B862E08B3} O43 - CFD: 03/04/2011 - 13:10:10 - [0] ----D- C:\Users\corujinha\AppData\Local\{7623BD5E-92E7-4E78-9DED-8C88845F1793} O43 - CFD: 03/05/2011 - 20:03:36 - [0] ----D- C:\Users\corujinha\AppData\Local\{7D4856D2-463C-45C6-8B72-30074C0A917F} O43 
- CFD: 13/04/2011 - 01:10:24 - [0] ----D- C:\Users\corujinha\AppData\Local\{80532E09-B064-43CB-A673-862024BE7918} O43 - CFD: 08/04/2011 - 11:23:10 - [0] ----D- C:\Users\corujinha\AppData\Local\{8A270BBC-89DF-4525-9E54-F1CBA6F1CF80} O43 - CFD: 14/04/2011 - 21:17:16 - [0] ----D- C:\Users\corujinha\AppData\Local\{8EA54010-8F98-424A-BF02-B5F6EC43A09D} O43 - CFD: 23/07/2011 - 13:39:50 - [0] ----D- C:\Users\corujinha\AppData\Local\{92D99913-B48E-4626-A5DD-64B40D24A835} O43 - CFD: 02/04/2011 - 08:53:26 - [0] ----D- C:\Users\corujinha\AppData\Local\{94164EE7-A538-4CA4-A2B5-A3B9A620D169} O43 - CFD: 03/04/2011 - 00:19:14 - [0] ----D- C:\Users\corujinha\AppData\Local\{979F10EF-11D5-4AAD-BBB0-03EDF83D6FDD} O43 - CFD: 07/04/2011 - 10:08:52 - [0] ----D- C:\Users\corujinha\AppData\Local\{9A87BF15-756B-4BD8-825E-BE27891FD80E} O43 - CFD: 04/04/2011 - 11:17:26 - [0] ----D- C:\Users\corujinha\AppData\Local\{9B74FACC-1B01-449D-9C3B-CA34226B112B} O43 - CFD: 29/04/2011 - 10:14:50 - [0] ----D- C:\Users\corujinha\AppData\Local\{9D2803EF-C278-4FDC-8124-6C3314F4F853} O43 - CFD: 01/04/2011 - 11:13:16 - [0] ----D- C:\Users\corujinha\AppData\Local\{9EE48F95-64CD-4BF6-8001-AF927EA8A2C0} O43 - CFD: 30/04/2011 - 19:10:16 - [0] ----D- C:\Users\corujinha\AppData\Local\{A1F05D62-E694-48E9-BD1A-2F51001D1FF1} O43 - CFD: 29/04/2011 - 22:34:36 - [0] ----D- C:\Users\corujinha\AppData\Local\{A21B45C7-ABC9-4E8E-A1B1-BDB8F5055AC9} O43 - CFD: 28/04/2011 - 10:19:22 - [0] ----D- C:\Users\corujinha\AppData\Local\{AB2A4824-A627-4438-90A8-EC873868C7CD} O43 - CFD: 08/05/2011 - 10:39:06 - [0] ----D- C:\Users\corujinha\AppData\Local\{B684B369-4CE5-4674-A55A-FB2D322DD414} O43 - CFD: 19/04/2011 - 23:39:30 - [0] ----D- C:\Users\corujinha\AppData\Local\{B94EDB4A-759D-48D4-A4F8-8E0541B990E7} O43 - CFD: 24/04/2011 - 08:05:58 - [0] ----D- C:\Users\corujinha\AppData\Local\{BC3B7749-C416-47CF-8F4F-964555371CB8} O43 - CFD: 06/04/2011 - 21:18:26 - [0] ----D- 
C:\Users\corujinha\AppData\Local\{BC3DC12D-6F6F-4234-A4BD-D68F6AF93D2F} O43 - CFD: 14/05/2011 - 17:21:52 - [0] ----D- C:\Users\corujinha\AppData\Local\{C15F4F68-CC5D-4ECC-B969-AB2437990134} O43 - CFD: 12/04/2011 - 11:04:12 - [0] ----D- C:\Users\corujinha\AppData\Local\{C27B8DA0-8AA5-4B0D-AB74-0010B8A2B13A} O43 - CFD: 23/05/2011 - 08:28:04 - [0] ----D- C:\Users\corujinha\AppData\Local\{C8C4D6A4-1A42-4B4F-ABC4-C3AF12780862} O43 - CFD: 09/04/2011 - 12:46:14 - [0] ----D- C:\Users\corujinha\AppData\Local\{CFA97154-3488-4A2D-8723-657C8E3A3D09} O43 - CFD: 07/05/2011 - 00:38:46 - [0] ----D- C:\Users\corujinha\AppData\Local\{D2DF8878-733E-4F68-AF84-EBE953DCE55D} O43 - CFD: 10/04/2011 - 06:39:22 - [0] ----D- C:\Users\corujinha\AppData\Local\{D4E05098-888B-4C4B-A8CF-EBBF90DD3452} O43 - CFD: 06/04/2011 - 11:35:32 - [0] ----D- C:\Users\corujinha\AppData\Local\{E81CBFF5-D574-405D-BD52-74BF421DA953} O43 - CFD: 11/05/2011 - 21:03:56 - [0] ----D- C:\Users\corujinha\AppData\Local\{F5DB81BC-3EAA-4275-BF8B-13908249F151} O43 - CFD: 25/04/2011 - 01:02:18 - [0] ----D- C:\Users\corujinha\AppData\Local\{F8FF16DC-0FD7-4DD4-A0A8-AEDAE6BF00AF} O43 - CFD: 14/07/2011 - 09:06:16 - [0] ----D- C:\Users\corujinha\AppData\Local\{FDFB3E75-5A96-44F0-BF1D-54E4D4BA7FB7} ~ Scan Program Folder in 00mn 21s ---\\ Last modified or created files under Windows and System32 (O44) O44 - LFC:[MD5.DFD1C106AC5571EAB429F6D4094CFEC1] - 02/08/2011 - 20:44:09 ---A- . (...) -- C:\Windows\WindowsUpdate.log [50540] O44 - LFC:[MD5.67A683BDDB00F5FE45556EF1BF83D9F7] - 02/08/2011 - 20:20:59 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.BBAECB736ED630E68703D1D1FC21EFF4] - 02/08/2011 - 19:46:03 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1497792] O44 - LFC:[MD5.E1BB6A82723A9C9BE911E7EDB681DE07] - 02/08/2011 - 19:46:03 ---A- . (...) -- C:\Windows\System32\perfc009.dat [1437432] O44 - LFC:[MD5.61C5E7EFC7544539D8038618FB517C7A] - 02/08/2011 - 19:46:03 ---A- . (...) 
-- C:\Windows\System32\perfh009.dat [1986330] O44 - LFC:[MD5.3D1008C6678483FC43AC959E4EC37540] - 02/08/2011 - 19:46:03 ---A- . (...) -- C:\Windows\System32\prfc0416.dat [1458422] O44 - LFC:[MD5.F3A985EDADC388FA7599A1A3B0549513] - 02/08/2011 - 19:46:03 ---A- . (...) -- C:\Windows\System32\prfh0416.dat [2033890] O44 - LFC:[MD5.0505DA5D357F18A5D42FC5DEDE6BC9A0] - 31/07/2011 - 00:35:54 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\Windows\System32\drivers\SBREDrv.sys [101720] O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 30/07/2011 - 16:08:39 ---A- . (...) -- C:\Windows\system.ini [215] O44 - LFC:[MD5.152F54C5F3AC5012891C8AED8934C397] - 30/07/2011 - 00:56:23 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [395888] O44 - LFC:[MD5.2340832B8B1EFB379280A30140D1B7ED] - 22/07/2011 - 08:33:39 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\java.exe [145184] O44 - LFC:[MD5.FD8AB373BD7834A65114DD899199D00B] - 22/07/2011 - 08:33:39 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\javaw.exe [145184] O44 - LFC:[MD5.4EDDB64328BE19A164657230C647913E] - 22/07/2011 - 08:33:39 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\System32\javaws.exe [157472] O44 - LFC:[MD5.13833FDB77FFECE3C227173A9866AB92] - 22/07/2011 - 08:33:28 ---A- . (...) -- C:\Windows\System32\jupdate-1.6.0_26-b03.log [3735] O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 07/07/2011 - 21:58:38 ---A- . (...) -- C:\Windows\System32\config.nt [2577] O44 - LFC:[MD5.9E631C8599E6D4EE4F6B99CA23726F99] - 06/07/2011 - 21:53:35 ---A- . (...) -- C:\Windows\System32\spsys.log [2088] O44 - LFC:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 06/07/2011 - 19:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [22712] O44 - LFC:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 06/07/2011 - 19:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) 
-- C:\Windows\System32\drivers\mbamswissarmy.sys [41272] ~ Scan Files in 00mn 06s ---\\ Safe Boot Control (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys . (.Microsoft Corporation - WDF Dinâmico.) -- C:\Windows\System32\Drivers\Wdf01000.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Driver de porta de mouse serial.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . 
(.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys . (.Microsoft Corporation - WDF Dinâmico.) -- C:\Windows\System32\Drivers\Wdf01000.sys ~ Scan CSB in 00mn 00s ---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\Windows\System32\ir50_32.dll O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\Windows\System32\ir41_32.ax O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (.Intel® Corporation - No comment.) -- C:\Windows\System32\ir32_32.dll O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (.Intel® Corporation - No comment.) -- C:\Windows\System32\ir32_32.dll O52 - TDSD: \Drivers32\"VIDC.FMVC"="fmcodec.dll" . (.Fox Magic Software - FM Screen Capture Codec (VFW).) -- C:\Windows\System32\fmcodec.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"ir32_32.dll"="Indeo® video R3.2 by Intel" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"ir41_32.ax"="Indeo® video interactive R4.3 by Intel" . (...) -- (.not file.) O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.) 
O52 - TDSD: \drivers.desc\"iyvu9_32.dll"="Indeo® video Raw YVU9 by Intel" . (...) -- C:\Windows\System32\iyvu9_32.dll O52 - TDSD: \drivers.desc\"C:\Windows\system32\Iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Software de áudio Indeo®.) -- C:\Windows\system32\Iac25_32.ax ~ Scan Keys in 00mn 00s ---\\ Microsoft Control Security Providers (MCSP) (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "DisableRegistryTools"=0 O55 - MWPS:[HKCU\...\Policies\System] - "disableregistrytools"=0 ~ Scan Keys in 00mn 00s ---\\ Microsoft 
Windows Policies Explorer (MWPE) (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0 ~ Scan Keys in 00mn 00s ---\\ System Drivers List (SDL) (O58) O58 - SDL:[MD5.F8A6018193BE629B8EA4C5D7B2452B70] - 13/05/2010 - 13:26:40 ---A- . (...) -- C:\Windows\system32\drivers\ADFUUD.SYS [12634] O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 23:23:45 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968] O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 23:23:50 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600] O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 23:23:50 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432] O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 23:23:51 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560] O58 - SDL:[MD5.9325E49D555D8F12CE1735227DBB3D80] - 24/07/2009 - 13:21:46 ---A- . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -- C:\Windows\system32\drivers\Apfiltr.sys [164400] O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 23:23:48 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416] O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 23:23:49 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928] O58 - SDL:[MD5.861CB512E4E850E87DD2316F88D69330] - 21/08/2009 - 08:32:12 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) 
The trojan seems to have vanished; however, I am waiting for your final confirmation to know whether everything is OK. Thanks again. cozal
-
PC infected by trojan js:Banker-j: the ComboFix analysis
cozal posted a topic in Malware analysis and removal
Hello, My PC, which runs Windows Vista, has just been infected by a js:Banker-j trojan. I have the avast! antivirus, and it is evidently unable to remove the trojan. I downloaded the ComboFix software and ran it. Here is the report:
Thanks in advance for your help. Cozal