Mynamae

Problem accessing Google


Well, whenever I try to access Google, it asks me to download an "atualização.exe" (update) file, which claims to be an update for Google Defensor or something similar. I am suspicious of this supposed update and I believe it is malware, so I would like your help.

Logs:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 7.0.6000.16386 BrowserJavaVersion: 1.6.0_27

Run by Rafael at 15:39:39 on 2011-10-17

Microsoft® Windows Vista™ Ultimate 6.0.6000.0.1252.55.1046.18.3583.2473 [GMT -3:00]

.

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\conime.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://br.ask.com/?l=dis&o=14672

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice

mRun: [PlusService] c:\program files\yuna software\messenger plus!\PlusService.exe

mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"

mRun: [switchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe

mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mPolicies-system: EnableLUA = 0 (0x0)

IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

TCP: DhcpNameServer = 10.1.1.1

TCP: Interfaces\{829228B5-DC30-4B1D-9AA3-11AEF6EBC96A} : DhcpNameServer = 10.1.1.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~3\office12\GR99D3~1.DLL

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\rafael\appdata\roaming\mozilla\firefox\profiles\wmuhx170.default\

FF - prefs.js: browser.startup.homepage - google.com/firefox

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll

FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll

.

============= SERVICES / DRIVERS ===============

.

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-12-21 115008]

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2010-12-21 94872]

R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-12-21 137144]

R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2011-1-12 810144]

R2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\drivers\RtNdPt60.sys [2011-10-5 27648]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2011-5-20 378472]

S0 OemBiosDevice;Royalty OEM Bios Extension;c:\windows\system32\drivers\royal.sys [2011-10-5 240128]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-10-5 2214504]

S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\drivers\RtTeam60.sys [2011-10-5 35328]

S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.0);c:\windows\system32\drivers\RtVlan60.sys [2011-10-5 19968]

S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]

S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\drivers\RtTeam60.sys [2011-10-5 35328]

.

=============== Created Last 30 ================

.

2011-10-14 02:43:57 -------- d-----w- c:\program files\Valve

2011-10-14 02:43:41 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iuser.dll

2011-10-14 02:43:40 724992 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iKernel.dll

2011-10-14 02:43:40 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\ctor.dll

2011-10-14 02:43:40 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\DotNetInstaller.exe

2011-10-14 02:43:40 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iscript.dll

2011-10-14 02:43:37 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\Setup.dll

2011-10-14 02:43:37 184452 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iGdi.dll

2011-10-14 02:31:19 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2011-10-14 02:31:17 773080 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll

2011-10-14 02:31:17 1833944 ----a-w- c:\program files\mozilla firefox\mozjs.dll

2011-10-14 02:31:16 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll

2011-10-14 02:31:16 478168 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll

2011-10-14 02:31:16 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll

2011-10-14 02:31:16 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll

2011-10-14 02:31:15 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll

2011-10-13 04:32:15 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll

2011-10-13 04:32:15 32592 ----a-w- c:\windows\system32\msonpmon.dll

2011-10-13 04:29:07 -------- d-----w- c:\program files\Microsoft Visual Studio 8

2011-10-13 04:28:27 -------- d-----w- c:\users\rafael\appdata\local\Microsoft Help

2011-10-13 03:58:06 2421760 ----a-w- c:\windows\system32\wucltux.dll

2011-10-13 03:57:25 87552 ----a-w- c:\windows\system32\wudriver.dll

2011-10-13 03:57:06 33792 ----a-w- c:\windows\system32\wuapp.exe

2011-10-13 03:57:06 171608 ----a-w- c:\windows\system32\wuwebv.dll

2011-10-13 03:44:59 -------- d-----w- c:\programdata\regid.1986-12.com.adobe

2011-10-13 00:55:15 89600 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\HPZPPLHN.DLL

2011-10-12 21:07:32 -------- d-----w- c:\program files\FreeTime

2011-10-12 18:10:00 -------- d-----w- c:\program files\DsNET Corp

2011-10-10 04:37:40 -------- d-----w- c:\windows\system32\appmgmt

2011-10-10 04:32:46 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-10-06 00:53:26 -------- d-----w- c:\programdata\Messenger Plus!

2011-10-05 21:33:06 -------- d-----w- c:\program files\Yuna Software

2011-10-05 17:34:50 -------- d-----w- c:\users\rafael\appdata\roaming\2K Sports

2011-10-05 17:31:51 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll

2011-10-05 17:27:15 -------- d-----w- c:\program files\2K Sports

2011-10-05 17:24:56 -------- d-----w- C:\TurbonetMAXX

2011-10-05 17:07:34 -------- d-----w- c:\users\rafael\Tracing

2011-10-05 17:07:22 476904 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll

2011-10-05 17:07:22 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-10-05 17:05:30 -------- d-----w- c:\program files\Microsoft

2011-10-05 17:05:13 -------- d-----w- c:\program files\Windows Live SkyDrive

2011-10-05 17:02:11 -------- d-----w- c:\program files\common files\Windows Live

2011-10-05 16:55:40 -------- d-----w- c:\program files\CCleaner

2011-10-05 16:54:20 -------- d-----w- c:\program files\ESET

2011-10-05 16:52:32 168448 ----a-w- c:\windows\system32\unrar.dll

2011-10-05 16:52:31 839680 ----a-w- c:\windows\system32\lameACM.acm

2011-10-05 16:52:31 795648 ----a-w- c:\windows\system32\xvidcore.dll

2011-10-05 16:52:31 217088 ----a-w- c:\windows\system32\yv12vfw.dll

2011-10-05 16:52:31 130048 ----a-w- c:\windows\system32\xvidvfw.dll

2011-10-05 16:52:31 118784 ----a-w- c:\windows\system32\ac3acm.acm

2011-10-05 16:52:30 86016 ----a-w- c:\windows\system32\dpl100.dll

2011-10-05 16:52:30 84480 ----a-w- c:\windows\system32\ff_vfw.dll

2011-10-05 16:52:30 684032 ----a-w- c:\windows\system32\divx.dll

2011-10-05 16:52:30 3596288 ----a-w- c:\windows\system32\qt-dx331.dll

2011-10-05 16:52:29 348160 ----a-w- c:\windows\system32\msvcr71.dll

2011-10-05 16:52:29 -------- d-----w- c:\program files\K-Lite Codec Pack

2011-10-05 16:43:38 66664 ----a-w- c:\windows\system32\nvshext.dll

2011-10-05 16:43:38 2560616 ----a-w- c:\windows\system32\nvsvcr.dll

2011-10-05 16:43:32 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll

2011-10-05 16:43:27 -------- d-----w- c:\programdata\NVIDIA Corporation

2011-10-05 16:41:24 -------- d-----w- c:\windows\nvidia icons

2011-10-05 16:41:15 768544 ----a-w- c:\windows\system32\nvcplui.exe

2011-10-05 16:41:15 420384 ----a-w- c:\windows\system32\nvcpl.cpl

2011-10-05 16:41:15 313888 ----a-w- c:\windows\system32\nvexpbar.dll

2011-10-05 16:41:15 1079840 ----a-w- c:\windows\system32\nvcpluir.dll

2011-10-05 16:40:45 442368 ----a-w- c:\windows\system32\nvudisp.exe

2011-10-05 16:39:48 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iscript.dll

2011-10-05 16:39:48 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iuser.dll

2011-10-05 16:39:47 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\ctor.dll

2011-10-05 16:39:47 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe

2011-10-05 16:39:43 729088 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iKernel.dll

2011-10-05 16:39:38 188548 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll

2011-10-05 16:39:37 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll

2011-10-05 16:39:04 442368 ----a-w- c:\windows\system32\NVUNINST.EXE

2011-10-05 16:36:08 -------- d-----w- c:\users\rafael\appdata\local\Adobe

2011-10-05 16:35:21 -------- d-sh--w- c:\windows\Installer

2011-10-05 16:34:49 35328 ----a-r- c:\windows\system32\drivers\RtTeam60.sys

2011-10-05 16:34:46 19968 ----a-r- c:\windows\system32\drivers\RtVlan60.sys

2011-10-05 16:34:42 27648 ----a-r- c:\windows\system32\drivers\RtNdPt60.sys

2011-10-05 16:33:35 73728 ----a-w- c:\windows\system32\RtNicProp32.dll

2011-10-05 16:33:35 164864 ----a-w- c:\windows\system32\drivers\Rtlh86.sys

2011-10-05 16:31:59 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll

2011-10-05 16:31:59 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll

2011-10-05 16:31:16 53248 ----a-r- c:\windows\system32\CSVer.dll

2011-10-05 16:30:53 -------- d-----w- C:\Intel

2011-10-05 16:30:41 7680 ----a-w- c:\windows\system32\drivers\ASACPI.sys

2011-10-05 16:30:30 10296 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS

2011-10-05 16:27:26 240128 ----a-w- c:\windows\system32\drivers\royal.sys

2011-10-05 16:22:12 -------- d-sh--we c:\program files\common files\Sistema

2011-10-05 16:22:11 -------- d-sh--we c:\programdata\Modelos

2011-10-05 16:22:11 -------- d-sh--we c:\programdata\Menu Iniciar

2011-10-05 16:22:11 -------- d-sh--we c:\programdata\Favoritos

2011-10-05 16:22:11 -------- d-sh--we c:\programdata\Documentos

2011-10-05 16:22:11 -------- d-sh--we c:\programdata\Dados de aplicativos

2011-10-05 16:22:11 -------- d-sh--we c:\program files\Arquivos Comuns

2011-10-05 16:22:11 -------- d-sh--we C:\Arquivos de programas

2011-10-05 16:17:27 -------- d-----w- c:\windows\system32\catroot2

2011-10-05 16:15:05 -------- d-----w- c:\windows\Panther

2011-10-05 16:14:52 -------- d-sh--w- C:\Boot

.

==================== Find3M ====================

.

2011-10-05 16:32:20 319456 ----a-w- c:\windows\DIFxAPI.dll

.

============= FINISH: 15:40:13,27 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Ultimate

Boot Device: \Device\HarddiskVolume4

Install Date: 05/10/2011 13:19:19

System Uptime: 17/10/2011 15:38:21 (0 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | P5KPL/EPU

Processor: Intel® Core2 Duo CPU E7300 @ 2.66GHz | Socket 775 | 2128/266mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 78 GiB total, 40,827 GiB free.

D: is FIXED (NTFS) - 149 GiB total, 49,366 GiB free.

E: is FIXED (NTFS) - 75 GiB total, 74,437 GiB free.

F: is FIXED (NTFS) - 71 GiB total, 67,393 GiB free.

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP32: 12/10/2011 16:33:19 - Removed Ask Toolbar.

RP33: 13/10/2011 00:56:49 - Windows Update

RP35: 13/10/2011 01:27:54 - Installed Microsoft Office Enterprise 2007

RP37: 13/10/2011 23:43:45 - ??????????? Counter-Strike 1.6

RP38: 14/10/2011 16:46:00 - Ponto de Verificação Agendado

RP39: 15/10/2011 16:45:33 - Ponto de Verificação Agendado

RP40: 16/10/2011 18:50:51 - Ponto de Verificação Agendado

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Community Help

Adobe Flash Player 11 Plugin

Adobe Media Player

Adobe Photoshop CS5

Adobe Reader 8.1.1

Arquivo do WinRAR

Assistente de Conexão do Windows Live

µTorrent

Atualizações da NVIDIA 1.3.5

aTube Catcher

CCleaner

Counter-Strike 1.6

Diagnostic Utility

ESET NOD32 Antivirus

Ferramenta de Carregamento do Windows Live

FormatFactory 2.70

Java Auto Updater

Java 6 Update 27

K-Lite Codec Pack 4.8.5 (Full)

Messenger Plus! 5

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Mozilla Firefox 7.0.1 (x86 pt-BR)

MSVCRT

NBA 2K12

NVIDIA 3D Vision Controller Driver

NVIDIA Driver de controle do 3D Vision 275.33

NVIDIA Driver de gráficos 275.33

NVIDIA Driver do 3D Vision 275.33

NVIDIA Install Application

NVIDIA PhysX

NVIDIA Software do sistema PhysX 9.10.0514

NVIDIA Stereoscopic 3D Driver

NVIDIA Update Components

Painel de controle da NVIDIA 275.33

PDF Settings CS5

Realtek 8136 8168 8169 Ethernet Driver

Realtek High Definition Audio Driver

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Messenger

Windows Media Player Firefox Plugin

.

==== End Of File ===========================


Hello

Sorry for the delay :)

If you still need help, please redo the logs, since I need them with up-to-date dates: Read Before Posting - Creating a New Topic

ATTENTION 1: You don't need to open a new topic; post the new logs in this same topic, thank you!

ATTENTION 2: Do not edit your topic; use the reply button, thank you!

ATTENTION 3: Do not put the logs between TAGS, thank you!

Regards :D


DDS:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 7.0.6000.16386 BrowserJavaVersion: 1.6.0_27

Run by Rafael at 18:49:10 on 2011-10-19

Microsoft® Windows Vista™ Ultimate 6.0.6000.0.1252.55.1046.18.3583.2428 [GMT -3:00]

.

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\conime.exe

C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://br.ask.com/?l=dis&o=14672

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice

mRun: [PlusService] c:\program files\yuna software\messenger plus!\PlusService.exe

mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"

mRun: [switchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe

mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mPolicies-system: EnableLUA = 0 (0x0)

IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

TCP: DhcpNameServer = 10.1.1.1

TCP: Interfaces\{829228B5-DC30-4B1D-9AA3-11AEF6EBC96A} : DhcpNameServer = 10.1.1.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~3\office12\GR99D3~1.DLL

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\rafael\appdata\roaming\mozilla\firefox\profiles\wmuhx170.default\

FF - prefs.js: browser.startup.homepage - google.com/firefox

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll

FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll

FF - plugin: c:\users\rafael\appdata\roaming\mozilla\plugins\npoctoshape.dll

.

============= SERVICES / DRIVERS ===============

.

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2010-12-21 115008]

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2010-12-21 94872]

R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-12-21 137144]

R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2011-1-12 810144]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-10-5 2214504]

R2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\drivers\RtNdPt60.sys [2011-10-5 27648]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2011-5-20 378472]

S0 OemBiosDevice;Royalty OEM Bios Extension;c:\windows\system32\drivers\royal.sys [2011-10-5 240128]

S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\drivers\RtTeam60.sys [2011-10-5 35328]

S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.0);c:\windows\system32\drivers\RtVlan60.sys [2011-10-5 19968]

S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]

S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\drivers\RtTeam60.sys [2011-10-5 35328]

.

=============== Created Last 30 ================

.

2011-10-20 01:15:15 -------- d-----w- c:\users\rafael\appdata\roaming\Malwarebytes

2011-10-20 01:15:11 -------- d-----w- c:\programdata\Malwarebytes

2011-10-20 01:15:07 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-10-20 01:15:07 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-10-19 16:53:11 -------- d-----w- c:\users\rafael\appdata\local\Octoshape

2011-10-19 02:38:47 -------- d-----w- c:\users\rafael\appdata\roaming\Octoshape

2011-10-18 23:59:40 -------- d-----w- c:\program files\Sony

2011-10-18 02:27:29 -------- d-----w- c:\users\rafael\appdata\local\Sony

2011-10-18 02:15:33 -------- d-----w- c:\program files\Sony Setup

2011-10-14 02:43:57 -------- d-----w- c:\program files\Valve

2011-10-14 02:43:41 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iuser.dll

2011-10-14 02:43:40 724992 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iKernel.dll

2011-10-14 02:43:40 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\ctor.dll

2011-10-14 02:43:40 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\DotNetInstaller.exe

2011-10-14 02:43:40 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iscript.dll

2011-10-14 02:43:37 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\Setup.dll

2011-10-14 02:43:37 184452 ----a-w- c:\program files\common files\installshield\professional\runtime\09\00\intel32\iGdi.dll

2011-10-14 02:31:19 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

2011-10-14 02:31:17 773080 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll

2011-10-14 02:31:17 1833944 ----a-w- c:\program files\mozilla firefox\mozjs.dll

2011-10-14 02:31:16 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll

2011-10-14 02:31:16 478168 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll

2011-10-14 02:31:16 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll

2011-10-14 02:31:16 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll

2011-10-14 02:31:15 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll

2011-10-13 04:32:15 33104 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\msonpppr.dll

2011-10-13 04:32:15 32592 ----a-w- c:\windows\system32\msonpmon.dll

2011-10-13 04:29:07 -------- d-----w- c:\program files\Microsoft Visual Studio 8

2011-10-13 04:28:27 -------- d-----w- c:\users\rafael\appdata\local\Microsoft Help

2011-10-13 03:58:06 2421760 ----a-w- c:\windows\system32\wucltux.dll

2011-10-13 03:57:25 87552 ----a-w- c:\windows\system32\wudriver.dll

2011-10-13 03:57:06 33792 ----a-w- c:\windows\system32\wuapp.exe

2011-10-13 03:57:06 171608 ----a-w- c:\windows\system32\wuwebv.dll

2011-10-13 03:44:59 -------- d-----w- c:\programdata\regid.1986-12.com.adobe

2011-10-13 00:55:15 89600 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\HPZPPLHN.DLL

2011-10-12 21:07:32 -------- d-----w- c:\program files\FreeTime

2011-10-12 18:10:00 -------- d-----w- c:\program files\DsNET Corp

2011-10-10 04:37:40 -------- d-----w- c:\windows\system32\appmgmt

2011-10-10 04:32:46 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-10-06 00:53:26 -------- d-----w- c:\programdata\Messenger Plus!

2011-10-05 21:33:06 -------- d-----w- c:\program files\Yuna Software

2011-10-05 17:34:50 -------- d-----w- c:\users\rafael\appdata\roaming\2K Sports

2011-10-05 17:31:51 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll

2011-10-05 17:27:15 -------- d-----w- c:\program files\2K Sports

2011-10-05 17:24:56 -------- d-----w- C:\TurbonetMAXX

2011-10-05 17:07:34 -------- d-----w- c:\users\rafael\Tracing

2011-10-05 17:07:22 476904 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll

2011-10-05 17:07:22 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-10-05 17:05:30 -------- d-----w- c:\program files\Microsoft

2011-10-05 17:05:13 -------- d-----w- c:\program files\Windows Live SkyDrive

2011-10-05 17:02:11 -------- d-----w- c:\program files\common files\Windows Live

2011-10-05 16:55:40 -------- d-----w- c:\program files\CCleaner

2011-10-05 16:54:20 -------- d-----w- c:\program files\ESET

2011-10-05 16:52:32 168448 ----a-w- c:\windows\system32\unrar.dll

2011-10-05 16:52:31 839680 ----a-w- c:\windows\system32\lameACM.acm

2011-10-05 16:52:31 795648 ----a-w- c:\windows\system32\xvidcore.dll

2011-10-05 16:52:31 217088 ----a-w- c:\windows\system32\yv12vfw.dll

2011-10-05 16:52:31 130048 ----a-w- c:\windows\system32\xvidvfw.dll

2011-10-05 16:52:31 118784 ----a-w- c:\windows\system32\ac3acm.acm

2011-10-05 16:52:30 86016 ----a-w- c:\windows\system32\dpl100.dll

2011-10-05 16:52:30 84480 ----a-w- c:\windows\system32\ff_vfw.dll

2011-10-05 16:52:30 684032 ----a-w- c:\windows\system32\divx.dll

2011-10-05 16:52:30 3596288 ----a-w- c:\windows\system32\qt-dx331.dll

2011-10-05 16:52:29 348160 ----a-w- c:\windows\system32\msvcr71.dll

2011-10-05 16:52:29 -------- d-----w- c:\program files\K-Lite Codec Pack

2011-10-05 16:43:38 66664 ----a-w- c:\windows\system32\nvshext.dll

2011-10-05 16:43:38 2560616 ----a-w- c:\windows\system32\nvsvcr.dll

2011-10-05 16:43:32 543336 ----a-w- c:\windows\system32\easyupdatusapiu.dll

2011-10-05 16:43:27 -------- d-----w- c:\programdata\NVIDIA Corporation

2011-10-05 16:41:24 -------- d-----w- c:\windows\nvidia icons

2011-10-05 16:41:15 768544 ----a-w- c:\windows\system32\nvcplui.exe

2011-10-05 16:41:15 420384 ----a-w- c:\windows\system32\nvcpl.cpl

2011-10-05 16:41:15 313888 ----a-w- c:\windows\system32\nvexpbar.dll

2011-10-05 16:41:15 1079840 ----a-w- c:\windows\system32\nvcpluir.dll

2011-10-05 16:40:45 442368 ----a-w- c:\windows\system32\nvudisp.exe

2011-10-05 16:39:48 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iscript.dll

2011-10-05 16:39:48 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iuser.dll

2011-10-05 16:39:47 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\ctor.dll

2011-10-05 16:39:47 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe

2011-10-05 16:39:43 729088 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iKernel.dll

2011-10-05 16:39:38 188548 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll

2011-10-05 16:39:37 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll

2011-10-05 16:39:04 442368 ----a-w- c:\windows\system32\NVUNINST.EXE

2011-10-05 16:36:08 -------- d-----w- c:\users\rafael\appdata\local\Adobe

2011-10-05 16:35:21 -------- d-sh--w- c:\windows\Installer

2011-10-05 16:34:49 35328 ----a-r- c:\windows\system32\drivers\RtTeam60.sys

2011-10-05 16:34:46 19968 ----a-r- c:\windows\system32\drivers\RtVlan60.sys

2011-10-05 16:34:42 27648 ----a-r- c:\windows\system32\drivers\RtNdPt60.sys

2011-10-05 16:33:35 73728 ----a-w- c:\windows\system32\RtNicProp32.dll

2011-10-05 16:33:35 164864 ----a-w- c:\windows\system32\drivers\Rtlh86.sys

2011-10-05 16:31:59 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll

2011-10-05 16:31:59 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll

2011-10-05 16:31:16 53248 ----a-r- c:\windows\system32\CSVer.dll

2011-10-05 16:30:53 -------- d-----w- C:\Intel

2011-10-05 16:30:41 7680 ----a-w- c:\windows\system32\drivers\ASACPI.sys

2011-10-05 16:30:30 10296 ----a-w- c:\windows\system32\drivers\ASUSHWIO.SYS

2011-10-05 16:27:26 240128 ----a-w- c:\windows\system32\drivers\royal.sys

2011-10-05 16:22:12 -------- d-sh--we c:\program files\common files\Sistema

2011-10-05 16:22:11 -------- d-sh--we c:\programdata\Modelos

2011-10-05 16:22:11 -------- d-sh--we c:\programdata\Menu Iniciar

2011-10-05 16:22:11 -------- d-sh--we c:\programdata\Favoritos

2011-10-05 16:22:11 -------- d-sh--we c:\programdata\Documentos

2011-10-05 16:22:11 -------- d-sh--we c:\programdata\Dados de aplicativos

2011-10-05 16:22:11 -------- d-sh--we c:\program files\Arquivos Comuns

2011-10-05 16:22:11 -------- d-sh--we C:\Arquivos de programas

2011-10-05 16:17:27 -------- d-----w- c:\windows\system32\catroot2

2011-10-05 16:15:05 -------- d-----w- c:\windows\Panther

2011-10-05 16:14:52 -------- d-sh--w- C:\Boot

.

==================== Find3M ====================

.

2011-10-05 16:32:20 319456 ----a-w- c:\windows\DIFxAPI.dll

.

============= FINISH: 18:49:21,07 ===============

Attach:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft® Windows Vista™ Ultimate

Boot Device: \Device\HarddiskVolume4

Install Date: 05/10/2011 13:19:19

System Uptime: 19/10/2011 18:15:38 (0 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | P5KPL/EPU

Processor: Intel® Core2 Duo CPU E7300 @ 2.66GHz | Socket 775 | 2660/266mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 78 GiB total, 39,687 GiB free.

D: is FIXED (NTFS) - 149 GiB total, 49,209 GiB free.

E: is FIXED (NTFS) - 75 GiB total, 74,437 GiB free.

F: is FIXED (NTFS) - 71 GiB total, 67,393 GiB free.

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP39: 15/10/2011 16:45:33 - Ponto de Verificação Agendado

RP40: 16/10/2011 18:50:51 - Ponto de Verificação Agendado

RP41: 17/10/2011 16:18:36 - Ponto de Verificação Agendado

RP42: 17/10/2011 23:15:44 - Instalado Microsoft Visual C++ 2005 Redistributable

RP43: 17/10/2011 23:19:00 - Installed Vegas Movie Studio Platinum 9.0

RP44: 18/10/2011 20:52:05 - Removed Vegas Movie Studio Platinum 9.0

RP45: 18/10/2011 20:59:04 - Installed Vegas Pro 9.0

.

==== Installed Programs ======================

.

Adobe AIR

Adobe Community Help

Adobe Flash Player 11 Plugin

Adobe Media Player

Adobe Photoshop CS5

Adobe Reader 8.1.1

Arquivo do WinRAR

Assistente de Conexão do Windows Live

µTorrent

Atualizações da NVIDIA 1.3.5

aTube Catcher

CCleaner

Counter-Strike 1.6

Diagnostic Utility

ESET NOD32 Antivirus

Ferramenta de Carregamento do Windows Live

FormatFactory 2.70

Java Auto Updater

Java 6 Update 27

K-Lite Codec Pack 4.8.5 (Full)

Malwarebytes' Anti-Malware versão 1.51.2.1300

Messenger Plus! 5

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Mozilla Firefox 7.0.1 (x86 pt-BR)

MSVCRT

NBA 2K12

NVIDIA 3D Vision Controller Driver

NVIDIA Driver de controle do 3D Vision 275.33

NVIDIA Driver de gráficos 275.33

NVIDIA Driver do 3D Vision 275.33

NVIDIA Install Application

NVIDIA PhysX

NVIDIA Software do sistema PhysX 9.10.0514

NVIDIA Stereoscopic 3D Driver

NVIDIA Update Components

Octoshape Streaming Services

Painel de controle da NVIDIA 275.33

PDF Settings CS5

Realtek 8136 8168 8169 Ethernet Driver

Realtek High Definition Audio Driver

Vegas Pro 9.0

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Messenger

Windows Media Player Firefox Plugin

.

==== End Of File ===========================

Gmer:

GMER 1.0.15.15641 - http://www.gmer.net

Rootkit scan 2011-10-19 18:42:46

Windows 6.0.6000 Harddisk2\DR2 -> \Device\Ide\IdeDeviceP2T1L0-5 SAMSUNG_HD161GJ rev.1AC01118

Running: gmer.exe; Driver: C:\Users\Rafael\AppData\Local\Temp\uwlyqpow.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwAssignProcessToJobObject [0x8FC22610]

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwDebugActiveProcess [0x8FC22C10]

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwDuplicateObject [0x8FC22730]

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwOpenProcess [0x8FC224B0]

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwProtectVirtualMemory [0x8FC226D0]

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwQueueApcThread [0x8FC22790]

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetContextThread [0x8FC22690]

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSetInformationThread [0x8FC22650]

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSuspendProcess [0x8FC22510]

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwSuspendThread [0x8FC22590]

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwTerminateProcess [0x8FC224D0]

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwTerminateThread [0x8FC225D0]

SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys (ESET Helper driver/ESET) ZwWriteVirtualMemory [0x8FC22750]

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!ZwCallbackReturn + 73C 81C80AB8 4 Bytes [90, 26, C2, 8F]

? C:\Users\Rafael\AppData\Local\Temp\mbr.sys O sistema não pode encontrar o arquivo especificado. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe[2588] kernel32.dll!SetUnhandledExceptionFilter 76F2D187 4 Bytes [C2, 04, 00, 00]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\system32\SearchProtocolHost.exe[3644] @ C:\Windows\system32\ole32.dll [uSER32.dll!DialogBoxParamW] [7122D52B] C:\Windows\AppPatch\AcSpecfc.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Windows\system32\SearchProtocolHost.exe[3644] @ C:\Windows\system32\SHLWAPI.dll [uSER32.dll!DialogBoxParamW] [7122D52B] C:\Windows\AppPatch\AcSpecfc.DLL (Windows Compatibility DLL/Microsoft Corporation)

IAT C:\Windows\system32\SearchProtocolHost.exe[3644] @ C:\Windows\system32\SHELL32.dll [uSER32.dll!DialogBoxParamW] [7122D52B] C:\Windows\AppPatch\AcSpecfc.DLL (Windows Compatibility DLL/Microsoft Corporation)

---- Devices - GMER 1.0.15 ----

AttachedDevice \Driver\tdx \Device\Tcp epfwtdir.sys (ESET Antivirus Network Redirector/ESET)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

---- EOF - GMER 1.0.15 ----


Dear Mynamae

I recommend saving this topic to your Favorites so that it is easier to find.

Please note the following:

  • If you go 3 days without a reply, send me a Private Message (PM);
  • What is passed on here relates only to the problem on your computer, so do not apply it on any other;
  • Please follow the instructions given carefully, and if you have any questions do not hesitate to ask;
  • Always post your replies in this topic... Do not open another one!
  • Always try to keep me informed, during the removal, about what is happening with your computer.
  • Note: Do not take any measures other than those given here; if you ask for help on another forum, be sure to let us know, at the risk of misconfiguring your computer!

# Step 1 #

Download TFC by OldTimer and save it to your desktop.

Alternative link

  • You must be logged in as an Administrator user (if there is only one user, this is not necessary);
  • Close all programs, including browsers (disconnect from the internet);
  • Double-click the icon [image]
  • Click Run;
  • Click the button [image] to start the cleaning process;
  • Do not interrupt it;

Important:
If TFC asks to restart, do so; if it does not, restart anyway so that the cleanup is completed!

# Step 2 #

Download OTL by OldTimer and save it to your Desktop.

  • Double-click the icon [image]
  • Leave the main screen configured as in the figure below:

[image]

  • Copy and paste the content below into the space right after [image]
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dl
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
/md5stop

  • Click the button [image]
  • Do not interrupt the scan under any circumstances;
  • When it finishes, two logs will be generated: OTL.txt and Extras.txt;
  • Restart the computer;
  • Post both logs in your next reply.
  • Do not delete OTL

Regards :D


OTL:

OTL logfile created on: 20/10/2011 18:58:13 - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Rafael\Desktop

Windows Vista Ultimate Edition (Version = 6.0.6000) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6000.16386)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

3,50 Gb Total Physical Memory | 2,73 Gb Available Physical Memory | 77,94% Memory free

7,16 Gb Paging File | 6,46 Gb Available in Paging File | 90,13% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 78,12 Gb Total Space | 40,27 Gb Free Space | 51,54% Space Free | Partition Type: NTFS

Drive D: | 149,04 Gb Total Space | 49,21 Gb Free Space | 33,02% Space Free | Partition Type: NTFS

Drive E: | 74,53 Gb Total Space | 74,44 Gb Free Space | 99,88% Space Free | Partition Type: NTFS

Drive F: | 70,92 Gb Total Space | 67,39 Gb Free Space | 95,02% Space Free | Partition Type: NTFS

Computer Name: RAFAEL-PC | User Name: Rafael | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/20 18:52:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Rafael\Desktop\OTL.exe

PRC - [2011/09/20 12:39:48 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe

PRC - [2011/05/25 04:25:02 | 000,839,272 | ---- | M] (NVIDIA Corporation) -- C:\Arquivos de programas\NVIDIA Corporation\Display\nvxdsync.exe

PRC - [2011/05/25 04:24:56 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Arquivos de programas\NVIDIA Corporation\Display\nvtray.exe

PRC - [2011/05/20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Arquivos de programas\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe

PRC - [2011/01/12 16:41:24 | 002,219,184 | ---- | M] (ESET) -- C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe

PRC - [2006/11/02 09:33:08 | 001,196,032 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Sidebar\sidebar.exe

PRC - [2006/11/02 09:32:25 | 001,004,136 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Defender\MSASCui.exe

PRC - [2006/11/02 06:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2006/10/27 00:47:42 | 000,031,016 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

========== Modules (No Company Name) ==========

MOD - [2009/08/16 17:06:04 | 000,141,312 | ---- | M] () -- C:\Arquivos de programas\WinRAR\RarExt.dll

========== Win32 Services (SafeList) ==========

SRV - [2011/05/25 04:24:45 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Arquivos de Programas\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2011/05/20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Arquivos de Programas\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2011/01/12 16:44:02 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)

SRV - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)

SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2006/11/02 09:32:25 | 000,263,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de Programas\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - [2011/10/05 13:27:26 | 000,240,128 | ---- | M] (PARADOX) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\royal.sys -- (OemBiosDevice)

DRV - [2011/05/25 04:24:42 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2010/12/21 15:04:06 | 000,137,144 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)

DRV - [2010/12/21 15:04:06 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)

DRV - [2010/12/21 13:47:38 | 000,094,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\epfwtdir.sys -- (epfwtdir)

DRV - [2009/05/25 03:50:44 | 000,164,864 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)

DRV - [2008/10/23 23:54:44 | 000,035,328 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtTeam60.sys -- (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.0)

DRV - [2008/10/23 23:54:44 | 000,035,328 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtTeam60.sys -- (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0)

DRV - [2007/12/10 23:50:20 | 000,027,648 | R--- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\RtNdPt60.sys -- (RtNdPt60)

DRV - [2007/12/02 23:19:42 | 000,019,968 | R--- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.0)

DRV - [2006/10/18 02:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2576660725-3699909911-2840743539-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://br.ask.com/?l=dis&o=14672

IE - HKU\S-1-5-21-2576660725-3699909911-2840743539-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKU\S-1-5-21-2576660725-3699909911-2840743539-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: "Ask.com"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "google.com/firefox"

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Rafael\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/14 21:31:56 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/13 23:31:15 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011/10/05 13:54:20 | 000,000,000 | ---D | M]

[2011/10/05 14:04:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafael\AppData\Roaming\mozilla\Extensions

[2011/10/12 16:34:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafael\AppData\Roaming\mozilla\Firefox\Profiles\wmuhx170.default\extensions

[2011/10/12 16:32:27 | 000,002,401 | ---- | M] () -- C:\Users\Rafael\AppData\Roaming\Mozilla\Firefox\Profiles\wmuhx170.default\searchplugins\askcom.xml

[2011/10/13 23:31:19 | 000,000,000 | ---D | M] (No name found) -- C:\Arquivos de Programas\Mozilla Firefox\extensions

[2011/10/05 14:07:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Arquivos de Programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

[2011/10/10 01:36:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Arquivos de Programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

[2011/10/14 21:31:56 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2011/07/19 05:05:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2011/09/22 22:38:46 | 000,001,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\buscape.xml

[2011/09/22 22:38:46 | 000,001,212 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mercadolivre.xml

[2011/09/22 22:38:46 | 000,001,168 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-br.xml

[2011/09/22 22:38:46 | 000,000,952 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-br.xml

O1 HOSTS File: ([2011/10/13 00:46:12 | 000,001,360 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O1 - Hosts: 127.0.0.1 adobeereg.com

O1 - Hosts: 127.0.0.1 activate.adobe.com

O1 - Hosts: 127.0.0.1 practivate.adobe.com

O1 - Hosts: 127.0.0.1 ereg.adobe.com

O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com

O1 - Hosts: 127.0.0.1 wip3.adobe.com

O1 - Hosts: 127.0.0.1 3dns 3.adobe.com-

O1 - Hosts: 127.0.0.1 3dns 2.adobe.com-

O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com

O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com

O1 - Hosts: 127.0.0.1 ativar sea.adobe.com-

O1 - Hosts: 127.0.0.1 WWIS-dubc1 vip60.adobe.com-

O1 - Hosts: 127.0.0.1 ativar sjc0.adobe.com-

O1 - Hosts: 127.0.0.1 WWIS-dubc1 vip60.adobe.com-

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de Programas\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de Programas\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)

O4 - HKLM..\Run: [PlusService] C:\Arquivos de Programas\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)

O4 - HKLM..\Run: [switchBoard] C:\Arquivos de Programas\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-21-2576660725-3699909911-2840743539-1001..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de Programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de Programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)

O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{829228B5-DC30-4B1D-9AA3-11AEF6EBC96A}: DhcpNameServer = 10.1.1.1

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de Programas\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Rafael\AppData\Roaming\Microsoft\Windows Photo Gallery\Papel de Parede da Galeria de Fotos do Windows.jpg

O24 - Desktop BackupWallPaper: C:\Users\Rafael\AppData\Roaming\Microsoft\Windows Photo Gallery\Papel de Parede da Galeria de Fotos do Windows.jpg

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 18:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2011/10/05 12:41:58 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla - File not found

NetSvcs: Ntmssvc - File not found

NetSvcs: NWCWorkstation - File not found

NetSvcs: Nwsapagent - File not found

NetSvcs: SRService - File not found

NetSvcs: WmdmPmSp - File not found

NetSvcs: LogonHours - File not found

NetSvcs: PCAudit - File not found

NetSvcs: helpsvc - File not found

NetSvcs: uploadmgr - File not found

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus estender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: NTDS - File not found

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus estender - Driver Group

SafeBootMin: WinDefend - C:\Arquivos de Programas\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus estender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: NTDS - File not found

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus estender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: WinDefend - C:\Arquivos de Programas\Windows Defender\MpSvc.dll (Microsoft Corporation)

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {49C187D7-91E1-459E-9759-2925384BD397} - .NET Framework

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)

Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)

Drivers32: VIDC.DIVX - C:\Windows\System32\divx.dll (DivX, Inc.)

Drivers32: VIDC.FFDS - C:\Windows\System32\ff_vfw.dll ()

Drivers32: VIDC.FMVC - C:\Windows\System32\fmcodec.DLL (Fox Magic Software)

Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()

Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)

========== Files/Folders - Created Within 30 Days ==========

[2011/10/20 18:52:53 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Rafael\Desktop\OTL.exe

[2011/10/20 18:50:04 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\Rafael\Desktop\TFC.exe

[2011/10/19 22:15:15 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Malwarebytes

[2011/10/19 22:15:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/10/19 22:15:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/10/19 22:15:07 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011/10/19 22:15:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/10/19 21:05:43 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\Microsoft Games

[2011/10/19 13:53:11 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\Octoshape

[2011/10/18 23:38:49 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Octoshape Streaming Services

[2011/10/18 23:38:47 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Octoshape

[2011/10/18 21:00:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony

[2011/10/18 21:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony

[2011/10/18 20:59:40 | 000,000,000 | ---D | C] -- C:\Program Files\Sony

[2011/10/17 23:29:33 | 000,000,000 | ---D | C] -- C:\Users\Rafael\Desktop\Logs

[2011/10/17 23:27:33 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Publish Providers

[2011/10/17 23:27:29 | 000,000,000 | ---D | C] -- C:\Users\Rafael\Documents\Vegas Movie Studio PE 9.0 Projects

[2011/10/17 23:27:29 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Sony

[2011/10/17 23:27:29 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\Sony

[2011/10/17 23:15:33 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Setup

[2011/10/17 15:39:00 | 000,000,000 | ---D | C] -- C:\Windows\Minidump

[2011/10/15 21:55:56 | 000,000,000 | ---D | C] -- C:\Windows\Sun

[2011/10/13 23:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\Valve

[2011/10/13 01:32:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

[2011/10/13 01:32:15 | 000,032,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll

[2011/10/13 01:31:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works

[2011/10/13 01:31:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio

[2011/10/13 01:31:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER

[2011/10/13 01:30:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET

[2011/10/13 01:29:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8

[2011/10/13 01:28:27 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\Microsoft Help

[2011/10/13 01:28:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office

[2011/10/13 01:28:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help

[2011/10/13 01:28:00 | 000,000,000 | RH-D | C] -- C:\MSOCache

[2011/10/13 00:58:06 | 002,421,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll

[2011/10/13 00:58:06 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll

[2011/10/13 00:57:25 | 000,575,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll

[2011/10/13 00:57:25 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll

[2011/10/13 00:57:25 | 000,035,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll

[2011/10/13 00:57:06 | 000,171,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll

[2011/10/13 00:57:06 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe

[2011/10/13 00:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe

[2011/10/13 00:20:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe

[2011/10/13 00:20:54 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player

[2011/10/13 00:19:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR

[2011/10/12 18:08:08 | 000,000,000 | ---D | C] -- C:\Users\Rafael\Documents\FFOutput

[2011/10/12 18:08:07 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll

[2011/10/12 18:07:40 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory

[2011/10/12 18:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\FreeTime

[2011/10/12 15:10:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher

[2011/10/12 15:10:00 | 000,000,000 | ---D | C] -- C:\Program Files\DsNET Corp

[2011/10/11 22:56:51 | 000,000,000 | ---D | C] -- C:\Users\Rafael\Documents\Meus arquivos recebidos

[2011/10/10 01:37:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt

[2011/10/10 01:36:34 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe

[2011/10/10 01:36:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe

[2011/10/10 01:36:34 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe

[2011/10/10 01:32:46 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2011/10/05 23:54:43 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\WinRAR

[2011/10/05 21:53:52 | 000,000,000 | ---D | C] -- C:\Users\Rafael\Documents\Messenger Plus

[2011/10/05 21:53:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Messenger Plus!

[2011/10/05 18:33:06 | 000,000,000 | ---D | C] -- C:\Program Files\Yuna Software

[2011/10/05 14:34:50 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\2K Sports

[2011/10/05 14:32:58 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent

[2011/10/05 14:32:44 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\uTorrent

[2011/10/05 14:32:44 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\uTorrent

[2011/10/05 14:32:13 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll

[2011/10/05 14:32:13 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll

[2011/10/05 14:32:13 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll

[2011/10/05 14:32:12 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll

[2011/10/05 14:32:12 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll

[2011/10/05 14:32:12 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll

[2011/10/05 14:32:12 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll

[2011/10/05 14:32:12 | 000,069,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll

[2011/10/05 14:32:12 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll

[2011/10/05 14:32:11 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll

[2011/10/05 14:32:11 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll

[2011/10/05 14:32:11 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll

[2011/10/05 14:32:11 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll

[2011/10/05 14:32:10 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll

[2011/10/05 14:32:10 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll

[2011/10/05 14:32:10 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll

[2011/10/05 14:32:10 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll

[2011/10/05 14:32:10 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll

[2011/10/05 14:32:10 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll

[2011/10/05 14:32:09 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll

[2011/10/05 14:32:09 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll

[2011/10/05 14:32:09 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll

[2011/10/05 14:32:09 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll

[2011/10/05 14:32:09 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll

[2011/10/05 14:32:08 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll

[2011/10/05 14:32:08 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll

[2011/10/05 14:32:08 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll

[2011/10/05 14:32:08 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll

[2011/10/05 14:32:07 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll

[2011/10/05 14:32:07 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll

[2011/10/05 14:32:07 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll

[2011/10/05 14:32:07 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll

[2011/10/05 14:32:07 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll

[2011/10/05 14:32:07 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll

[2011/10/05 14:32:06 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll

[2011/10/05 14:32:06 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll

[2011/10/05 14:32:06 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll

[2011/10/05 14:32:05 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll

[2011/10/05 14:32:05 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll

[2011/10/05 14:32:05 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll

[2011/10/05 14:32:05 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll

[2011/10/05 14:32:04 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll

[2011/10/05 14:32:04 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll

[2011/10/05 14:32:04 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll

[2011/10/05 14:32:04 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll

[2011/10/05 14:32:04 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll

[2011/10/05 14:32:03 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll

[2011/10/05 14:32:03 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll

[2011/10/05 14:32:02 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll

[2011/10/05 14:32:02 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll

[2011/10/05 14:32:02 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll

[2011/10/05 14:32:01 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll

[2011/10/05 14:32:01 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll

[2011/10/05 14:32:01 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll

[2011/10/05 14:32:01 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll

[2011/10/05 14:32:00 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll

[2011/10/05 14:32:00 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll

[2011/10/05 14:32:00 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll

[2011/10/05 14:32:00 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll

[2011/10/05 14:32:00 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll

[2011/10/05 14:31:59 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll

[2011/10/05 14:31:59 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll

[2011/10/05 14:31:59 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll

[2011/10/05 14:31:53 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll

[2011/10/05 14:31:53 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll

[2011/10/05 14:31:53 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll

[2011/10/05 14:31:52 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll

[2011/10/05 14:31:51 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll

[2011/10/05 14:31:51 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll

[2011/10/05 14:31:51 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll

[2011/10/05 14:31:50 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll

[2011/10/05 14:31:50 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll

[2011/10/05 14:31:14 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\2K Sports

[2011/10/05 14:27:15 | 000,000,000 | ---D | C] -- C:\Program Files\2K Sports

[2011/10/05 14:24:56 | 000,000,000 | ---D | C] -- C:\TurbonetMAXX

[2011/10/05 14:07:34 | 000,000,000 | ---D | C] -- C:\Users\Rafael\Tracing

[2011/10/05 14:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2011/10/05 14:07:22 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll

[2011/10/05 14:06:35 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Macromedia

[2011/10/05 14:05:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft

[2011/10/05 14:05:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft

[2011/10/05 14:05:13 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive

[2011/10/05 14:05:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live

[2011/10/05 14:04:58 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live

[2011/10/05 14:04:42 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH

[2011/10/05 14:04:07 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Mozilla

[2011/10/05 14:04:07 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\Mozilla

[2011/10/05 14:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2011/10/05 14:03:29 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Adobe

[2011/10/05 14:02:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live

[2011/10/05 13:55:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2011/10/05 13:55:40 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2011/10/05 13:54:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET

[2011/10/05 13:54:20 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET

[2011/10/05 13:54:20 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2011/10/05 13:52:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack

[2011/10/05 13:52:31 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm

[2011/10/05 13:52:31 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll

[2011/10/05 13:52:31 | 000,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm

[2011/10/05 13:52:30 | 000,684,032 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\divx.dll

[2011/10/05 13:52:30 | 000,086,016 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\dpl100.dll

[2011/10/05 13:52:29 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack

[2011/10/05 13:51:48 | 000,000,000 | ---D | C] -- C:\Program Files\Java

[2011/10/05 13:51:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2011/10/05 13:51:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed

[2011/10/05 13:50:53 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

[2011/10/05 13:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

[2011/10/05 13:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR

[2011/10/05 13:47:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

[2011/10/05 13:44:10 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA

[2011/10/05 13:43:38 | 002,560,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll

[2011/10/05 13:43:38 | 000,066,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll

[2011/10/05 13:43:32 | 000,543,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\easyupdatusapiu.dll

[2011/10/05 13:43:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2011/10/05 13:42:54 | 016,456,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll

[2011/10/05 13:42:54 | 006,555,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll

[2011/10/05 13:42:54 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2011/10/05 13:42:53 | 011,992,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll

[2011/10/05 13:42:53 | 010,589,800 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys

[2011/10/05 13:42:53 | 005,301,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll

[2011/10/05 13:42:53 | 002,804,328 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll

[2011/10/05 13:42:53 | 002,082,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll

[2011/10/05 13:42:53 | 000,899,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3220150.dll

[2011/10/05 13:42:53 | 000,865,896 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco322090.dll

[2011/10/05 13:42:52 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll

[2011/10/05 13:42:52 | 002,335,848 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll

[2011/10/05 13:42:52 | 000,012,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd

[2011/10/05 13:42:31 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation

[2011/10/05 13:42:12 | 000,000,000 | ---D | C] -- C:\NVIDIA

[2011/10/05 13:41:24 | 000,000,000 | ---D | C] -- C:\Windows\nvidia icons

[2011/10/05 13:41:15 | 001,079,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpluir.dll

[2011/10/05 13:41:15 | 000,768,544 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcplui.exe

[2011/10/05 13:41:15 | 000,420,384 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.cpl

[2011/10/05 13:41:15 | 000,313,888 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvexpbar.dll

[2011/10/05 13:40:45 | 000,442,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvudisp.exe

[2011/10/05 13:39:04 | 000,442,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\NVUNINST.EXE

[2011/10/05 13:36:08 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\Adobe

[2011/10/05 13:35:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe

[2011/10/05 13:35:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe

[2011/10/05 13:35:55 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe

[2011/10/05 13:35:21 | 000,000,000 | -HSD | C] -- C:\Windows\Installer

[2011/10/05 13:34:49 | 000,035,328 | R--- | C] (Realtek Corporation) -- C:\Windows\System32\drivers\RtTeam60.sys

[2011/10/05 13:34:46 | 000,019,968 | R--- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\RtVlan60.sys

[2011/10/05 13:34:42 | 000,027,648 | R--- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\RtNdPt60.sys

[2011/10/05 13:34:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek

[2011/10/05 13:33:35 | 000,164,864 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rtlh86.sys

[2011/10/05 13:32:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM

[2011/10/05 13:32:20 | 000,319,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll

[2011/10/05 13:32:18 | 001,784,352 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll

[2011/10/05 13:32:18 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll

[2011/10/05 13:32:18 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll

[2011/10/05 13:32:18 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll

[2011/10/05 13:32:18 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll

[2011/10/05 13:32:17 | 002,897,440 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll

[2011/10/05 13:32:17 | 001,157,664 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll

[2011/10/05 13:32:17 | 000,326,176 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll

[2011/10/05 13:32:17 | 000,048,672 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll

[2011/10/05 13:32:14 | 000,551,456 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl

[2011/10/05 13:32:13 | 001,933,312 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll

[2011/10/05 13:32:13 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll

[2011/10/05 13:32:13 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll

[2011/10/05 13:32:13 | 000,159,744 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll

[2011/10/05 13:32:12 | 000,159,232 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\FMAPO.dll

[2011/10/05 13:32:12 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll

[2011/10/05 13:32:11 | 000,142,848 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll

[2011/10/05 13:32:11 | 000,125,952 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll

[2011/10/05 13:32:11 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek

[2011/10/05 13:32:10 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information

[2011/10/05 13:32:02 | 000,540,672 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll

[2011/10/05 13:32:02 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp

[2011/10/05 13:31:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield

[2011/10/05 13:31:16 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll

[2011/10/05 13:31:16 | 000,000,000 | ---D | C] -- C:\Program Files\Intel

[2011/10/05 13:30:53 | 000,000,000 | ---D | C] -- C:\Intel

[2011/10/05 13:27:26 | 000,240,128 | ---- | C] (PARADOX) -- C:\Windows\System32\drivers\royal.sys

[2011/10/05 13:24:33 | 000,000,000 | R--D | C] -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2011/10/05 13:24:33 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Searches

[2011/10/05 13:24:33 | 000,000,000 | R--D | C] -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2011/10/05 13:24:25 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Identities

[2011/10/05 13:24:24 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Contacts

[2011/10/05 13:24:24 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\VirtualStore

[2011/10/05 13:24:21 | 000,000,000 | --SD | C] -- C:\Users\Rafael\AppData\Roaming\Microsoft

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Videos

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Saved Games

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Pictures

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Music

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Links

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Favorites

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Downloads

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Documents

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Desktop

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\AppData\Local\Temporary Internet Files

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\SendTo

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Recent

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Modelos

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Documents\Minhas músicas

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Documents\Minhas imagens

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Documents\Meus vídeos

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Meus documentos

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Menu Iniciar

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\AppData\Local\Histórico

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Dados de aplicativos

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\AppData\Local\Dados de aplicativos

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Cookies

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Configurações locais

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Ambiente de rede

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Ambiente de impressão

[2011/10/05 13:24:21 | 000,000,000 | -H-D | C] -- C:\Users\Rafael\AppData

[2011/10/05 13:24:21 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\Temp

[2011/10/05 13:24:21 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\Microsoft

[2011/10/05 13:24:21 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Media Center Programs

[2011/10/05 13:22:12 | 000,000,000 | -HSD | C] -- C:\Program Files\Common Files\Sistema

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modelos

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas músicas

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas imagens

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Meus vídeos

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Iniciar

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoritos

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documentos

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dados de aplicativos

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\Arquivos de programas

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\Program Files\Arquivos Comuns

[2011/10/05 13:18:33 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2011/10/05 13:17:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2

[2011/10/05 13:17:18 | 000,000,000 | ---D | C] -- C:\Windows\Debug

[2011/10/05 13:17:18 | 000,000,000 | ---D | C] -- C:\Windows\CSC

[2011/10/05 13:16:03 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch

[2011/10/05 13:15:05 | 000,000,000 | ---D | C] -- C:\Windows\Panther

[2011/10/05 13:14:52 | 000,000,000 | -HSD | C] -- C:\Boot

[2011/10/05 09:25:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2011/10/20 18:56:20 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/10/20 18:56:20 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/10/20 18:56:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/10/20 18:56:13 | 3757,236,224 | -HS- | M] () -- C:\hiberfil.sys

[2011/10/20 18:53:34 | 000,609,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/10/20 18:53:34 | 000,505,400 | ---- | M] () -- C:\Windows\System32\prfh0416.dat

[2011/10/20 18:53:34 | 000,103,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/10/20 18:53:34 | 000,082,780 | ---- | M] () -- C:\Windows\System32\prfc0416.dat

[2011/10/20 18:52:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Rafael\Desktop\OTL.exe

[2011/10/20 18:50:08 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\Rafael\Desktop\TFC.exe

[2011/10/19 22:15:11 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/10/18 21:07:49 | 000,011,776 | ---- | M] () -- C:\Users\Rafael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/10/18 21:00:22 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\Vegas Pro 9.0.lnk

[2011/10/13 23:43:57 | 000,001,451 | ---- | M] () -- C:\Users\Public\Desktop\Counter-Strike 1.6.lnk

[2011/10/13 23:31:19 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011/10/13 01:45:58 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdFs_01_00_00.Wdf

[2011/10/13 01:36:28 | 003,725,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011/10/13 00:58:06 | 002,421,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll

[2011/10/13 00:58:06 | 000,044,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll

[2011/10/13 00:57:25 | 000,575,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll

[2011/10/13 00:57:25 | 000,087,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll

[2011/10/13 00:57:25 | 000,035,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll

[2011/10/13 00:57:06 | 000,171,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll

[2011/10/13 00:57:06 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe

[2011/10/13 00:46:12 | 000,001,360 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.msn

[2011/10/13 00:46:12 | 000,001,360 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts

[2011/10/12 18:07:40 | 000,000,991 | ---- | M] () -- C:\Users\Rafael\Desktop\Format Factory.lnk

[2011/10/12 15:10:39 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\aTube Catcher.lnk

[2011/10/12 02:12:24 | 000,000,284 | ---- | M] () -- C:\sqmnoopt00.sqm

[2011/10/10 01:32:46 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl

[2011/10/05 22:04:48 | 000,001,645 | ---- | M] () -- C:\Users\Rafael\Desktop\Musics.lnk

[2011/10/05 14:51:28 | 000,000,959 | ---- | M] () -- C:\Users\Rafael\Desktop\Windows Live Messenger.lnk

[2011/10/05 14:33:01 | 000,000,752 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk

[2011/10/05 14:31:14 | 000,000,951 | ---- | M] () -- C:\Users\Rafael\Desktop\NBA 2K12.lnk

[2011/10/05 13:55:40 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011/10/05 13:32:20 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll

[2011/10/05 13:30:44 | 000,016,115 | ---- | M] () -- C:\Windows\Ascd_tmp.ini

[2011/10/05 13:30:33 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini

[2011/10/05 13:29:51 | 000,000,680 | ---- | M] () -- C:\Users\Rafael\AppData\Local\d3d9caps.dat

[2011/10/05 13:27:26 | 000,240,128 | ---- | M] (PARADOX) -- C:\Windows\System32\drivers\royal.sys

[2011/10/05 13:19:16 | 000,051,585 | ---- | M] () -- C:\Windows\System32\license.rtf

[2011/10/05 13:19:16 | 000,000,354 | RHS- | M] () -- C:\boot.ini

========== Files Created - No Company Name ==========

[2011/10/19 22:15:11 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011/10/18 21:00:22 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\Vegas Pro 9.0.lnk

[2011/10/13 23:43:57 | 000,001,451 | ---- | C] () -- C:\Users\Public\Desktop\Counter-Strike 1.6.lnk

[2011/10/13 23:31:19 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2011/10/13 00:23:02 | 000,001,000 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk

[2011/10/13 00:22:13 | 000,000,962 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk

[2011/10/13 00:21:50 | 000,001,055 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk

[2011/10/13 00:20:25 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk

[2011/10/13 00:20:18 | 000,001,308 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk

[2011/10/13 00:19:22 | 000,000,874 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk

[2011/10/12 18:07:40 | 000,000,991 | ---- | C] () -- C:\Users\Rafael\Desktop\Format Factory.lnk

[2011/10/12 15:10:39 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\aTube Catcher.lnk

[2011/10/12 02:12:24 | 000,000,284 | ---- | C] () -- C:\sqmnoopt00.sqm

[2011/10/05 22:04:25 | 000,001,645 | ---- | C] () -- C:\Users\Rafael\Desktop\Musics.lnk

[2011/10/05 22:04:21 | 000,011,776 | ---- | C] () -- C:\Users\Rafael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/10/05 14:51:28 | 000,000,959 | ---- | C] () -- C:\Users\Rafael\Desktop\Windows Live Messenger.lnk

[2011/10/05 14:33:01 | 000,000,752 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk

[2011/10/05 14:31:14 | 000,000,951 | ---- | C] () -- C:\Users\Rafael\Desktop\NBA 2K12.lnk

[2011/10/05 14:04:05 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011/10/05 13:55:40 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011/10/05 13:52:32 | 000,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2011/10/05 13:52:31 | 000,795,648 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2011/10/05 13:52:31 | 000,130,048 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2011/10/05 13:52:31 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml

[2011/10/05 13:52:31 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini

[2011/10/05 13:52:30 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll

[2011/10/05 13:52:30 | 000,084,480 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2011/10/05 13:42:53 | 000,004,364 | ---- | C] () -- C:\Windows\System32\nvinfo.pb

[2011/10/05 13:40:42 | 000,008,360 | ---- | C] () -- C:\Windows\System32\nvdisp.nvu

[2011/10/05 13:35:58 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk

[2011/10/05 13:33:35 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

[2011/10/05 13:30:41 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys

[2011/10/05 13:30:33 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini

[2011/10/05 13:30:31 | 000,016,115 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

[2011/10/05 13:30:30 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS

[2011/10/05 13:24:34 | 000,000,949 | ---- | C] () -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2011/10/05 13:24:33 | 000,000,944 | ---- | C] () -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

[2011/10/05 13:24:24 | 000,000,915 | ---- | C] () -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

[2011/10/05 13:24:22 | 000,000,680 | ---- | C] () -- C:\Users\Rafael\AppData\Local\d3d9caps.dat

[2011/10/05 13:20:56 | 3757,236,224 | -HS- | C] () -- C:\hiberfil.sys

[2011/10/05 13:14:52 | 000,438,840 | RHS- | C] () -- C:\bootmgr

[2011/10/05 09:28:26 | 000,000,354 | RHS- | C] () -- C:\boot.ini

[2011/05/20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe

[2006/11/05 22:25:34 | 000,505,400 | ---- | C] () -- C:\Windows\System32\prfh0416.dat

[2006/11/05 22:25:34 | 000,318,818 | ---- | C] () -- C:\Windows\System32\prfi0416.dat

[2006/11/05 22:25:34 | 000,082,780 | ---- | C] () -- C:\Windows\System32\prfc0416.dat

[2006/11/05 22:25:34 | 000,037,412 | ---- | C] () -- C:\Windows\System32\prfd0416.dat

[2006/11/02 09:55:52 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2006/11/02 09:46:27 | 003,725,608 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2006/11/02 09:34:29 | 000,063,488 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

[2006/11/02 09:34:23 | 000,080,010 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en

[2006/11/02 09:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 07:33:01 | 000,609,944 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2006/11/02 07:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2006/11/02 07:33:01 | 000,103,726 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2006/11/02 07:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2006/11/02 07:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll

[2006/11/02 07:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2006/11/02 05:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006/11/02 05:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2006/11/02 04:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006/11/02 04:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2006/11/02 04:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2006/11/02 04:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

========== LOP Check ==========

[2011/10/05 14:34:50 | 000,000,000 | ---D | M] -- C:\Users\Rafael\AppData\Roaming\2K Sports

[2011/10/18 23:38:47 | 000,000,000 | ---D | M] -- C:\Users\Rafael\AppData\Roaming\Octoshape

[2011/10/17 23:27:33 | 000,000,000 | ---D | M] -- C:\Users\Rafael\AppData\Roaming\Publish Providers

[2011/10/18 21:05:42 | 000,000,000 | ---D | M] -- C:\Users\Rafael\AppData\Roaming\Sony

[2011/10/13 23:31:44 | 000,000,000 | ---D | M] -- C:\Users\Rafael\AppData\Roaming\uTorrent

[2011/10/20 18:55:11 | 000,014,236 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< MD5 for: ATAPI.SYS >

[2006/11/02 06:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\drivers\atapi.sys

[2006/11/02 06:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys

< MD5 for: CNGAUDIT.DLL >

[2006/11/02 06:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll

[2006/11/02 06:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: NETLOGON.DLL >

[2006/11/02 06:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll

[2006/11/02 06:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll

< MD5 for: NVSTOR.SYS >

[2006/11/02 06:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys

[2006/11/02 06:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys

< MD5 for: SCECLI.DLL >

[2006/11/02 06:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll

[2006/11/02 06:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll

< End of report >


Extras:

OTL Extras logfile created on: 20/10/2011 18:58:13 - Run 1

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Rafael\Desktop

Windows Vista Ultimate Edition (Version = 6.0.6000) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6000.16386)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

3,50 Gb Total Physical Memory | 2,73 Gb Available Physical Memory | 77,94% Memory free

7,16 Gb Paging File | 6,46 Gb Available in Paging File | 90,13% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 78,12 Gb Total Space | 40,27 Gb Free Space | 51,54% Space Free | Partition Type: NTFS

Drive D: | 149,04 Gb Total Space | 49,21 Gb Free Space | 33,02% Space Free | Partition Type: NTFS

Drive E: | 74,53 Gb Total Space | 74,44 Gb Free Space | 99,88% Space Free | Partition Type: NTFS

Drive F: | 70,92 Gb Total Space | 67,39 Gb Free Space | 95,02% Space Free | Partition Type: NTFS

Computer Name: RAFAEL-PC | User Name: Rafael | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-2576660725-3699909911-2840743539-1000\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\S-1-5-21-2576660725-3699909911-2840743539-1000]

"EnableNotifications" = 0

"EnableNotificationsRef" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{3280FFB7-EA2E-44E2-B296-257A44B8C989}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

"{CCDFFFCD-BA17-4436-BC8D-6B98948F56C8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

"{FE7DE875-CA82-489F-9CBE-49EEFA2786F8}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0B0670E2-2A73-4F44-A901-311A9D74E6EF}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{1A15AB2D-27FA-4A7A-A1A0-5033B66FF1E2}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |

"{2A8A509B-98D5-45E8-AB21-9EA372427D08}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |

"{31325A32-D564-4E14-A46C-AF5AB5BB97E8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{4984959F-0846-4D8D-B823-FCA162833E55}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe |

"{6E4A8652-4E81-4E8F-A421-44FAAD5B26E1}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{A80FDA4E-C7EE-48EA-B368-4E8BE2F48190}" = protocol=6 | dir=in | app=c:\program files\2k sports\nba 2k12\nba2k12.exe |

"{D76F7B93-5424-4695-896A-E0353AD52B5A}" = protocol=17 | dir=in | app=c:\program files\2k sports\nba 2k12\nba2k12.exe |

"{E1F0F388-C834-4DB6-84FC-38DA2F7CCE73}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"TCP Query User{10E14F17-4EDB-480A-B759-54ACDCD0B038}C:\users\rafael\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=6 | dir=in | app=c:\users\rafael\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |

"TCP Query User{98E013A8-4AE6-4C2A-9B35-FFCD7377AE64}C:\program files\valve\hl.exe" = protocol=6 | dir=in | app=c:\program files\valve\hl.exe |

"UDP Query User{93386726-D201-4A48-A620-503076E000FA}C:\program files\valve\hl.exe" = protocol=17 | dir=in | app=c:\program files\valve\hl.exe |

"UDP Query User{AF56C246-5368-4E4C-B1FF-AB9B5099FEB7}C:\users\rafael\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe" = protocol=17 | dir=in | app=c:\users\rafael\appdata\roaming\octoshape\octoshape streaming services\octoshapeclient.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{04E9B02B-4F85-4B73-B865-27B9B8B35877}" = NBA 2K12

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{0FFEA8EE-7BC7-4C9D-8CC6-5B8C891BA3F2}" = Windows Live Essentials

"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java 6 Update 27

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}" = Assistente de Conexão do Windows Live

"{590035D9-BFA0-406A-A7F0-479C72C0DDB2}" = Windows Live Call

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{7236672F-6430-439E-9B27-27EDEAF1D676}" = Diagnostic Utility

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver

"{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007

"{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

"{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

"{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

"{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

"{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

"{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

"{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

"{90120000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}" = Counter-Strike 1.6

"{9ADC3E4F-34DA-48CD-8727-BB26D90257BD}" = Windows Live Messenger

"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR

"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5

"{AC76BA86-7AD7-1033-7B44-A81100000003}" = Adobe Reader 8.1.1

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA Driver do 3D Vision 275.33

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = Painel de controle da NVIDIA 275.33

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Driver de gráficos 275.33

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA Driver de controle do 3D Vision 275.33

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA Software do sistema PhysX 9.10.0514

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = Atualizações da NVIDIA 1.3.5

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{DC785DB7-D389-48C3-B146-96FE99BF4E2B}" = Vegas Pro 9.0

"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player

"{E99BF4BB-E0D7-4A79-8D21-327AC1AE499D}" = ESET NOD32 Antivirus

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"Adobe AIR" = Adobe AIR

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"aTube Catcher" = aTube Catcher

"CCleaner" = CCleaner

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player

"ENTERPRISE" = Microsoft Office Enterprise 2007

"FormatFactory" = FormatFactory 2.70

"KLiteCodecPack_is1" = K-Lite Codec Pack 4.8.5 (Full)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware versão 1.51.2.1300

"Messenger Plus!" = Messenger Plus! 5

"Mozilla Firefox 7.0.1 (x86 pt-BR)" = Mozilla Firefox 7.0.1 (x86 pt-BR)

"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"uTorrent" = µTorrent

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = Arquivo do WinRAR

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2576660725-3699909911-2840743539-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Octoshape Streaming Services" = Octoshape Streaming Services

========== Last 10 Event Log Errors ==========

[ Application Events ]

Error - 05/10/2011 13:32:13 | Computer Name = Rafael-PC | Source = System Restore | ID = 8193

Description =

Error - 06/10/2011 22:11:36 | Computer Name = Rafael-PC | Source = Application Hang | ID = 1002

Description = O programa nba2k12.exe versão 1.0.1.1 parou de interagir com o Windows

e foi fechado. Para saber se há mais informações disponíveis sobre o problema,

verifique o histórico do problema no painel de controle Relatórios de Problemas

e Soluções. ID do Processo: ba8 Hora de Início: 01cc84965b96c4b0 Hora de Término: 9

Error - 13/10/2011 00:27:54 | Computer Name = Rafael-PC | Source = VSS | ID = 8194

Description =

Error - 13/10/2011 22:43:45 | Computer Name = Rafael-PC | Source = VSS | ID = 8194

Description =

Error - 19/10/2011 17:48:43 | Computer Name = Rafael-PC | Source = VSS | ID = 12298

Description =

Error - 19/10/2011 17:51:19 | Computer Name = Rafael-PC | Source = System Restore | ID = 8193

Description =

Error - 19/10/2011 17:51:19 | Computer Name = Rafael-PC | Source = System Restore | ID = 8210

Description =

Error - 19/10/2011 17:53:44 | Computer Name = Rafael-PC | Source = VSS | ID = 12298

Description =

Error - 19/10/2011 17:28:29 | Computer Name = Rafael-PC | Source = Perflib | ID = 1008

Description =

Error - 19/10/2011 17:28:29 | Computer Name = Rafael-PC | Source = Perflib | ID = 1010

Description =

[ System Events ]

Error - 18/10/2011 19:28:26 | Computer Name = Rafael-PC | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a Placa de Rede com endereço

de rede 90E6BACCEF72 foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

Error - 19/10/2011 12:50:30 | Computer Name = Rafael-PC | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a Placa de Rede com endereço

de rede 90E6BACCEF72 foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

Error - 19/10/2011 17:10:28 | Computer Name = Rafael-PC | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a Placa de Rede com endereço

de rede 90E6BACCEF72 foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

Error - 19/10/2011 17:48:27 | Computer Name = Rafael-PC | Source = volsnap | ID = 393224

Description = A operação de gravações para mover e manter no volume C: expirou durante

a espera por um comando de gravações de liberação.

Error - 19/10/2011 17:53:43 | Computer Name = Rafael-PC | Source = volsnap | ID = 393224

Description = A operação de gravações para mover e manter no volume C: expirou durante

a espera por um comando de gravações de liberação.

Error - 19/10/2011 17:15:55 | Computer Name = Rafael-PC | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a Placa de Rede com endereço

de rede 90E6BACCEF72 foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

Error - 19/10/2011 20:04:07 | Computer Name = Rafael-PC | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a Placa de Rede com endereço

de rede 90E6BACCEF72 foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

Error - 19/10/2011 20:05:23 | Computer Name = Rafael-PC | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a Placa de Rede com endereço

de rede 90E6BACCEF72 foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

Error - 20/10/2011 17:47:10 | Computer Name = Rafael-PC | Source = Dhcp | ID = 1002

Description = A concessão 10.1.1.2 do endereço IP para a Placa de Rede com endereço

de rede 90E6BACCEF72 foi negada pelo servidor DHCP 10.1.1.1 (O servidor DHCP enviou

uma mensagem DHCPNACK).

Error - 20/10/2011 17:54:41 | Computer Name = Rafael-PC | Source = Service Control Manager | ID = 7034

Description =

< End of report >

Sorry for the double post, but I couldn't fit both logs into a single post!


Dear Mynamae

Once again with OTL

  • Double-click the icon [image: 3984478580_7ed4cabc45_o.gif]
  • Copy and paste the content below into the box right after [image: 5369460409_ee749edc8e_m.jpg]

:OTL
IE - HKU\S-1-5-21-2576660725-3699909911-2840743539-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://br.ask.com/?l=dis&o=14672
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
[2011/10/12 16:32:27 | 000,002,401 | ---- | M] () -- C:\Users\Rafael\AppData\Roaming\Mozilla\Firefox\Profiles\wmuhx170.default\searchplugins\askcom.xml

:Commands
[purity]
[emptyflash]
[resethosts]
[createrestorepoint]
[emptytemp]

  • Click the button [image: 5370056394_358505935a_m.jpg]
  • When the computer restarts, a window will appear; click Run;
  • Save the log (File > Save As) to the desktop under any name you like;
  • Attention: if you close the log without saving it first, it will be lost.
  • Open OTL again and click the button [image: 5370056476_bf9f840a51_m.jpg]
  • Do not interrupt the scan under any circumstances;
  • When it finishes, OTL.txt will be generated;
  • Then post the generated log in your next reply.

Note: If you happen to lose the log after the computer restarts, you can find it in the folder C:\_OTL\Moved Files

Regards :D


OTL:

OTL logfile created on: 24/10/2011 13:20:41 - Run 2

OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Rafael\Desktop\Hardware

Windows Vista Ultimate Edition (Version = 6.0.6000) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6000.16386)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

3,50 Gb Total Physical Memory | 2,54 Gb Available Physical Memory | 72,58% Memory free

7,16 Gb Paging File | 6,37 Gb Available in Paging File | 88,88% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 78,12 Gb Total Space | 43,16 Gb Free Space | 55,24% Space Free | Partition Type: NTFS

Drive D: | 149,04 Gb Total Space | 49,21 Gb Free Space | 33,02% Space Free | Partition Type: NTFS

Drive E: | 74,53 Gb Total Space | 74,44 Gb Free Space | 99,88% Space Free | Partition Type: NTFS

Drive F: | 70,92 Gb Total Space | 67,39 Gb Free Space | 95,02% Space Free | Partition Type: NTFS

Computer Name: RAFAEL-PC | User Name: Rafael | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/21 12:20:03 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Arquivos de programas\Lavasoft\Ad-Aware\AAWTray.exe

PRC - [2011/10/21 12:20:02 | 002,151,640 | ---- | M] (Lavasoft Limited) -- C:\Arquivos de programas\Lavasoft\Ad-Aware\AAWService.exe

PRC - [2011/10/20 18:52:58 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Rafael\Desktop\Hardware\OTL.exe

PRC - [2011/09/20 12:39:48 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Arquivos de programas\Yuna Software\Messenger Plus!\PlusService.exe

PRC - [2011/08/09 16:40:34 | 000,763,224 | ---- | M] (IObit) -- C:\Arquivos de programas\IObit\Advanced SystemCare 4\PMonitor.exe

PRC - [2011/08/09 16:38:38 | 000,328,536 | ---- | M] (IObit) -- C:\Arquivos de programas\IObit\Advanced SystemCare 4\ASCService.exe

PRC - [2011/05/25 04:25:02 | 000,839,272 | ---- | M] (NVIDIA Corporation) -- C:\Arquivos de programas\NVIDIA Corporation\Display\nvxdsync.exe

PRC - [2011/05/25 04:24:56 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Arquivos de programas\NVIDIA Corporation\Display\nvtray.exe

PRC - [2011/05/20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Arquivos de programas\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) -- C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\ekrn.exe

PRC - [2011/01/12 16:41:24 | 002,219,184 | ---- | M] (ESET) -- C:\Arquivos de programas\ESET\ESET NOD32 Antivirus\egui.exe

PRC - [2006/11/02 09:33:08 | 001,196,032 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Sidebar\sidebar.exe

PRC - [2006/11/02 06:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2006/10/27 00:47:42 | 000,031,016 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe

========== Modules (No Company Name) ==========

========== Win32 Services (SafeList) ==========

SRV - [2011/10/21 12:20:02 | 002,151,640 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)

SRV - [2011/08/09 16:38:38 | 000,328,536 | ---- | M] (IObit) [Auto | Running] -- C:\Arquivos de Programas\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)

SRV - [2011/05/25 04:24:45 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Arquivos de Programas\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2011/05/20 22:35:16 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Arquivos de Programas\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2011/01/12 16:44:02 | 000,033,584 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)

SRV - [2011/01/12 16:41:42 | 000,810,144 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)

SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2006/11/02 09:32:25 | 000,263,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Arquivos de Programas\Windows Defender\MpSvc.dll -- (WinDefend)

========== Driver Services (SafeList) ==========

DRV - [2011/10/05 13:27:26 | 000,240,128 | ---- | M] (PARADOX) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\royal.sys -- (OemBiosDevice)

DRV - [2011/08/18 15:25:12 | 000,064,512 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\Lbd.sys -- (Lbd)

DRV - [2011/08/18 15:25:12 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Arquivos de Programas\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)

DRV - [2011/05/25 04:24:42 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2010/12/21 15:04:06 | 000,137,144 | ---- | M] (ESET) [File_System | Auto | Running] -- C:\Windows\System32\drivers\eamonm.sys -- (eamonm)

DRV - [2010/12/21 15:04:06 | 000,115,008 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\ehdrv.sys -- (ehdrv)

DRV - [2010/12/21 13:47:38 | 000,094,872 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\System32\drivers\epfwtdir.sys -- (epfwtdir)

DRV - [2009/05/25 03:50:44 | 000,164,864 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)

DRV - [2008/10/23 23:54:44 | 000,035,328 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtTeam60.sys -- (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.0)

DRV - [2008/10/23 23:54:44 | 000,035,328 | R--- | M] (Realtek Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtTeam60.sys -- (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0)

DRV - [2007/12/10 23:50:20 | 000,027,648 | R--- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\RtNdPt60.sys -- (RtNdPt60)

DRV - [2007/12/02 23:19:42 | 000,019,968 | R--- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtVlan60.sys -- (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.0)

DRV - [2006/10/18 02:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: ""

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.order.1: ""

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "google.com/firefox"

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}:6.0.27

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@octoshape.com/Octoshape Streaming Services,version=1.0: C:\Users\Rafael\AppData\Roaming\Octoshape\Octoshape Streaming Services\sua-1101262-0-npoctoshape.dll (Octoshape ApS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/14 21:31:56 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/10/13 23:31:15 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2011/10/05 13:54:20 | 000,000,000 | ---D | M]

[2011/10/05 14:04:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafael\AppData\Roaming\mozilla\Extensions

[2011/10/12 16:34:02 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rafael\AppData\Roaming\mozilla\Firefox\Profiles\wmuhx170.default\extensions

[2011/10/12 16:32:27 | 000,002,401 | ---- | M] () -- C:\Users\Rafael\AppData\Roaming\Mozilla\Firefox\Profiles\wmuhx170.default\searchplugins\askcom.xml

[2011/10/13 23:31:19 | 000,000,000 | ---D | M] (No name found) -- C:\Arquivos de Programas\Mozilla Firefox\extensions

[2011/10/05 14:07:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Arquivos de Programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

[2011/10/10 01:36:35 | 000,000,000 | ---D | M] (Java Console) -- C:\Arquivos de Programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

[2011/10/14 21:31:56 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2011/07/19 05:05:25 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2011/09/22 22:38:46 | 000,001,027 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\buscape.xml

[2011/09/22 22:38:46 | 000,001,212 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\mercadolivre.xml

[2011/09/22 22:38:46 | 000,001,168 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-br.xml

[2011/09/22 22:38:46 | 000,000,952 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-br.xml

O1 HOSTS File: ([2011/10/24 13:18:22 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de Programas\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de Programas\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de Programas\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)

O4 - HKLM..\Run: [PlusService] C:\Arquivos de Programas\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)

O4 - HKLM..\Run: [switchBoard] C:\Arquivos de Programas\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de Programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de Programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)

O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{829228B5-DC30-4B1D-9AA3-11AEF6EBC96A}: DhcpNameServer = 10.1.1.1

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de Programas\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Users\Rafael\AppData\Roaming\Microsoft\Windows Photo Gallery\Papel de Parede da Galeria de Fotos do Windows.jpg

O24 - Desktop BackupWallPaper: C:\Users\Rafael\AppData\Roaming\Microsoft\Windows Photo Gallery\Papel de Parede da Galeria de Fotos do Windows.jpg

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 18:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2011/10/05 12:41:58 | 000,000,000 | ---- | M] () - F:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (lsdelete)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/24 13:18:21 | 000,000,000 | ---D | C] -- C:\_OTL

[2011/10/22 22:42:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

[2011/10/22 22:40:53 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\Google

[2011/10/22 22:40:53 | 000,000,000 | ---D | C] -- C:\Program Files\Google

[2011/10/21 15:42:31 | 000,000,000 | ---D | C] -- C:\Users\Rafael\Desktop\Hardware

[2011/10/21 12:20:22 | 000,101,720 | ---- | C] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys

[2011/10/21 12:17:49 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\Windows\System32\drivers\Lbd.sys

[2011/10/21 12:17:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE

[2011/10/21 12:17:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft

[2011/10/21 12:17:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft

[2011/10/21 12:17:38 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft

[2011/10/21 12:12:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 4

[2011/10/21 12:12:41 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\IObit

[2011/10/21 12:12:39 | 000,000,000 | ---D | C] -- C:\Program Files\IObit

[2011/10/19 22:15:15 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Malwarebytes

[2011/10/19 22:15:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011/10/19 22:15:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2011/10/19 22:15:07 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys

[2011/10/19 22:15:07 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2011/10/19 21:05:43 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\Microsoft Games

[2011/10/19 13:53:11 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\Octoshape

[2011/10/18 23:38:49 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Octoshape Streaming Services

[2011/10/18 23:38:47 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Octoshape

[2011/10/18 21:00:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony

[2011/10/18 21:00:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony

[2011/10/18 20:59:40 | 000,000,000 | ---D | C] -- C:\Program Files\Sony

[2011/10/17 23:27:33 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Publish Providers

[2011/10/17 23:27:29 | 000,000,000 | ---D | C] -- C:\Users\Rafael\Documents\Vegas Movie Studio PE 9.0 Projects

[2011/10/17 23:27:29 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Sony

[2011/10/17 23:27:29 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\Sony

[2011/10/17 23:15:33 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Setup

[2011/10/17 15:39:00 | 000,000,000 | ---D | C] -- C:\Windows\Minidump

[2011/10/15 21:55:56 | 000,000,000 | ---D | C] -- C:\Windows\Sun

[2011/10/13 23:43:57 | 000,000,000 | ---D | C] -- C:\Program Files\Valve

[2011/10/13 01:32:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

[2011/10/13 01:31:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works

[2011/10/13 01:31:04 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio

[2011/10/13 01:31:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER

[2011/10/13 01:30:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET

[2011/10/13 01:29:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio 8

[2011/10/13 01:28:27 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\Microsoft Help

[2011/10/13 01:28:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office

[2011/10/13 01:28:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help

[2011/10/13 01:28:00 | 000,000,000 | RH-D | C] -- C:\MSOCache

[2011/10/13 00:44:59 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe

[2011/10/13 00:20:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe

[2011/10/13 00:20:54 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe Media Player

[2011/10/13 00:19:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe AIR

[2011/10/12 18:08:08 | 000,000,000 | ---D | C] -- C:\Users\Rafael\Documents\FFOutput

[2011/10/12 18:08:07 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll

[2011/10/12 18:07:40 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory

[2011/10/12 18:07:32 | 000,000,000 | ---D | C] -- C:\Program Files\FreeTime

[2011/10/12 15:10:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher

[2011/10/12 15:10:00 | 000,000,000 | ---D | C] -- C:\Program Files\DsNET Corp

[2011/10/11 22:56:51 | 000,000,000 | ---D | C] -- C:\Users\Rafael\Documents\Meus arquivos recebidos

[2011/10/10 01:37:40 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt

[2011/10/05 23:54:43 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\WinRAR

[2011/10/05 21:53:52 | 000,000,000 | ---D | C] -- C:\Users\Rafael\Documents\Messenger Plus

[2011/10/05 21:53:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Messenger Plus!

[2011/10/05 18:33:06 | 000,000,000 | ---D | C] -- C:\Program Files\Yuna Software

[2011/10/05 14:34:50 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\2K Sports

[2011/10/05 14:32:58 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent

[2011/10/05 14:32:44 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\uTorrent

[2011/10/05 14:32:44 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\uTorrent

[2011/10/05 14:31:14 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\2K Sports

[2011/10/05 14:27:15 | 000,000,000 | ---D | C] -- C:\Program Files\2K Sports

[2011/10/05 14:24:56 | 000,000,000 | ---D | C] -- C:\TurbonetMAXX

[2011/10/05 14:07:34 | 000,000,000 | ---D | C] -- C:\Users\Rafael\Tracing

[2011/10/05 14:07:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun

[2011/10/05 14:06:35 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Macromedia

[2011/10/05 14:05:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft

[2011/10/05 14:05:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft

[2011/10/05 14:05:13 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live SkyDrive

[2011/10/05 14:05:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live

[2011/10/05 14:04:58 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live

[2011/10/05 14:04:42 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH

[2011/10/05 14:04:07 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Mozilla

[2011/10/05 14:04:07 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\Mozilla

[2011/10/05 14:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox

[2011/10/05 14:03:29 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Adobe

[2011/10/05 14:02:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live

[2011/10/05 13:55:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2011/10/05 13:55:40 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2011/10/05 13:54:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET

[2011/10/05 13:54:20 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET

[2011/10/05 13:54:20 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2011/10/05 13:52:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack

[2011/10/05 13:52:31 | 000,839,680 | ---- | C] (http://www.mp3dev.org/) -- C:\Windows\System32\lameACM.acm

[2011/10/05 13:52:31 | 000,217,088 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll

[2011/10/05 13:52:31 | 000,118,784 | ---- | C] (fccHandler) -- C:\Windows\System32\ac3acm.acm

[2011/10/05 13:52:30 | 000,684,032 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\divx.dll

[2011/10/05 13:52:30 | 000,086,016 | ---- | C] (DivX, Inc.) -- C:\Windows\System32\dpl100.dll

[2011/10/05 13:52:29 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack

[2011/10/05 13:51:48 | 000,000,000 | ---D | C] -- C:\Program Files\Java

[2011/10/05 13:51:48 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java

[2011/10/05 13:51:28 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed

[2011/10/05 13:50:53 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

[2011/10/05 13:50:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR

[2011/10/05 13:50:51 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR

[2011/10/05 13:47:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

[2011/10/05 13:44:10 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA

[2011/10/05 13:43:27 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation

[2011/10/05 13:42:54 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll

[2011/10/05 13:42:31 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation

[2011/10/05 13:42:12 | 000,000,000 | ---D | C] -- C:\NVIDIA

[2011/10/05 13:41:24 | 000,000,000 | ---D | C] -- C:\Windows\nvidia icons

[2011/10/05 13:36:08 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\Adobe

[2011/10/05 13:35:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe

[2011/10/05 13:35:55 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe

[2011/10/05 13:35:55 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe

[2011/10/05 13:35:21 | 000,000,000 | -HSD | C] -- C:\Windows\Installer

[2011/10/05 13:34:49 | 000,035,328 | R--- | C] (Realtek Corporation) -- C:\Windows\System32\drivers\RtTeam60.sys

[2011/10/05 13:34:46 | 000,019,968 | R--- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\RtVlan60.sys

[2011/10/05 13:34:42 | 000,027,648 | R--- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\drivers\RtNdPt60.sys

[2011/10/05 13:34:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek

[2011/10/05 13:33:35 | 000,164,864 | ---- | C] (Realtek ) -- C:\Windows\System32\drivers\Rtlh86.sys

[2011/10/05 13:32:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM

[2011/10/05 13:32:18 | 001,784,352 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll

[2011/10/05 13:32:18 | 000,339,968 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll

[2011/10/05 13:32:18 | 000,185,776 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll

[2011/10/05 13:32:18 | 000,167,936 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll

[2011/10/05 13:32:18 | 000,135,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll

[2011/10/05 13:32:13 | 001,933,312 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll

[2011/10/05 13:32:13 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll

[2011/10/05 13:32:13 | 000,290,304 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll

[2011/10/05 13:32:13 | 000,159,744 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll

[2011/10/05 13:32:12 | 000,159,232 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\Windows\System32\FMAPO.dll

[2011/10/05 13:32:12 | 000,126,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll

[2011/10/05 13:32:11 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek

[2011/10/05 13:32:10 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information

[2011/10/05 13:32:02 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp

[2011/10/05 13:31:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield

[2011/10/05 13:31:16 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll

[2011/10/05 13:31:16 | 000,000,000 | ---D | C] -- C:\Program Files\Intel

[2011/10/05 13:30:53 | 000,000,000 | ---D | C] -- C:\Intel

[2011/10/05 13:27:26 | 000,240,128 | ---- | C] (PARADOX) -- C:\Windows\System32\drivers\royal.sys

[2011/10/05 13:24:33 | 000,000,000 | R--D | C] -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2011/10/05 13:24:33 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Searches

[2011/10/05 13:24:33 | 000,000,000 | R--D | C] -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2011/10/05 13:24:25 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Identities

[2011/10/05 13:24:24 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Contacts

[2011/10/05 13:24:24 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\VirtualStore

[2011/10/05 13:24:21 | 000,000,000 | --SD | C] -- C:\Users\Rafael\AppData\Roaming\Microsoft

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Videos

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Saved Games

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Pictures

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Music

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Links

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Favorites

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Downloads

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Documents

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\Desktop

[2011/10/05 13:24:21 | 000,000,000 | R--D | C] -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\AppData\Local\Temporary Internet Files

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\SendTo

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Recent

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Modelos

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Documents\Minhas músicas

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Documents\Minhas imagens

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Documents\Meus vídeos

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Meus documentos

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Menu Iniciar

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\AppData\Local\Histórico

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Dados de aplicativos

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\AppData\Local\Dados de aplicativos

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Cookies

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Configurações locais

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Ambiente de rede

[2011/10/05 13:24:21 | 000,000,000 | -HSD | C] -- C:\Users\Rafael\Ambiente de impressão

[2011/10/05 13:24:21 | 000,000,000 | -H-D | C] -- C:\Users\Rafael\AppData

[2011/10/05 13:24:21 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\Temp

[2011/10/05 13:24:21 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Local\Microsoft

[2011/10/05 13:24:21 | 000,000,000 | ---D | C] -- C:\Users\Rafael\AppData\Roaming\Media Center Programs

[2011/10/05 13:22:12 | 000,000,000 | -HSD | C] -- C:\Program Files\Common Files\Sistema

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Modelos

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas músicas

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Minhas imagens

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Meus vídeos

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Menu Iniciar

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoritos

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documentos

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dados de aplicativos

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\Arquivos de programas

[2011/10/05 13:22:11 | 000,000,000 | -HSD | C] -- C:\Program Files\Arquivos Comuns

[2011/10/05 13:18:33 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution

[2011/10/05 13:17:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\catroot2

[2011/10/05 13:17:18 | 000,000,000 | ---D | C] -- C:\Windows\Debug

[2011/10/05 13:17:18 | 000,000,000 | ---D | C] -- C:\Windows\CSC

[2011/10/05 13:16:03 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch

[2011/10/05 13:15:05 | 000,000,000 | ---D | C] -- C:\Windows\Panther

[2011/10/05 13:14:52 | 000,000,000 | -HSD | C] -- C:\Boot

[2011/10/05 09:25:41 | 000,000,000 | -HSD | C] -- C:\System Volume Information

========== Files - Modified Within 30 Days ==========

[2011/10/24 13:19:31 | 000,000,384 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job

[2011/10/24 13:19:25 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/10/24 13:19:21 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2011/10/24 13:19:21 | 000,003,552 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2011/10/24 13:19:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011/10/24 13:19:14 | 3757,236,224 | -HS- | M] () -- C:\hiberfil.sys

[2011/10/24 13:18:22 | 000,000,098 | ---- | M] () -- C:\Windows\System32\drivers\etc\Hosts

[2011/10/24 13:11:39 | 000,609,944 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2011/10/24 13:11:39 | 000,505,400 | ---- | M] () -- C:\Windows\System32\prfh0416.dat

[2011/10/24 13:11:39 | 000,103,726 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2011/10/24 13:11:39 | 000,082,780 | ---- | M] () -- C:\Windows\System32\prfc0416.dat

[2011/10/24 13:10:12 | 000,001,576 | ---- | M] () -- C:\Users\Rafael\Desktop\Tutorial_dlink500b.lnk

[2011/10/24 02:01:45 | 000,012,288 | ---- | M] () -- C:\Users\Rafael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/10/23 23:46:00 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/10/22 22:42:00 | 000,002,073 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk

[2011/10/21 15:48:32 | 000,000,931 | ---- | M] () -- C:\Users\Rafael\Desktop\NBA 2K12.lnk

[2011/10/21 15:47:40 | 000,000,000 | -H-- | M] () -- C:\aaw7boot.cmd

[2011/10/21 12:20:19 | 000,101,720 | ---- | M] (Sunbelt Software) -- C:\Windows\System32\drivers\SBREDrv.sys

[2011/10/21 12:20:18 | 000,016,432 | ---- | M] () -- C:\Windows\System32\lsdelete.exe

[2011/10/21 12:17:51 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware.lnk

[2011/10/21 12:12:49 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk

[2011/10/18 21:00:22 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\Vegas Pro 9.0.lnk

[2011/10/13 23:43:57 | 000,001,451 | ---- | M] () -- C:\Users\Public\Desktop\Counter-Strike 1.6.lnk

[2011/10/13 23:31:19 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011/10/13 01:45:58 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\UMDF\Msft_User_WpdFs_01_00_00.Wdf

[2011/10/13 01:36:28 | 003,725,608 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2011/10/13 00:46:12 | 000,001,360 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.msn

[2011/10/12 18:07:40 | 000,000,991 | ---- | M] () -- C:\Users\Rafael\Desktop\Format Factory.lnk

[2011/10/12 15:10:39 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\aTube Catcher.lnk

[2011/10/12 02:12:24 | 000,000,284 | ---- | M] () -- C:\sqmnoopt00.sqm

[2011/10/05 22:04:48 | 000,001,645 | ---- | M] () -- C:\Users\Rafael\Desktop\Musics.lnk

[2011/10/05 14:51:28 | 000,000,959 | ---- | M] () -- C:\Users\Rafael\Desktop\Windows Live Messenger.lnk

[2011/10/05 14:33:01 | 000,000,752 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk

[2011/10/05 13:55:40 | 000,000,804 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011/10/05 13:30:44 | 000,016,115 | ---- | M] () -- C:\Windows\Ascd_tmp.ini

[2011/10/05 13:30:33 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini

[2011/10/05 13:29:51 | 000,000,680 | ---- | M] () -- C:\Users\Rafael\AppData\Local\d3d9caps.dat

[2011/10/05 13:27:26 | 000,240,128 | ---- | M] (PARADOX) -- C:\Windows\System32\drivers\royal.sys

[2011/10/05 13:19:16 | 000,051,585 | ---- | M] () -- C:\Windows\System32\license.rtf

[2011/10/05 13:19:16 | 000,000,354 | RHS- | M] () -- C:\boot.ini

========== Files Created - No Company Name ==========

[2011/10/24 13:19:30 | 000,000,384 | ---- | C] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job

[2011/10/24 13:10:12 | 000,001,576 | ---- | C] () -- C:\Users\Rafael\Desktop\Tutorial_dlink500b.lnk

[2011/10/22 22:42:00 | 000,002,073 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk

[2011/10/22 22:41:01 | 000,001,056 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2011/10/22 22:41:00 | 000,001,052 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2011/10/21 15:48:32 | 000,000,931 | ---- | C] () -- C:\Users\Rafael\Desktop\NBA 2K12.lnk

[2011/10/21 15:47:40 | 000,000,000 | -H-- | C] () -- C:\aaw7boot.cmd

[2011/10/21 12:23:40 | 000,016,432 | ---- | C] () -- C:\Windows\System32\lsdelete.exe

[2011/10/21 12:17:51 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware.lnk

[2011/10/21 12:12:49 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk

[2011/10/18 21:00:22 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\Vegas Pro 9.0.lnk

[2011/10/13 23:43:57 | 000,001,451 | ---- | C] () -- C:\Users\Public\Desktop\Counter-Strike 1.6.lnk

[2011/10/13 23:31:19 | 000,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2011/10/13 00:23:02 | 000,001,000 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk

[2011/10/13 00:22:13 | 000,000,962 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk

[2011/10/13 00:21:50 | 000,001,055 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk

[2011/10/13 00:20:25 | 000,001,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk

[2011/10/13 00:20:18 | 000,001,308 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk

[2011/10/13 00:19:22 | 000,000,874 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk

[2011/10/12 18:07:40 | 000,000,991 | ---- | C] () -- C:\Users\Rafael\Desktop\Format Factory.lnk

[2011/10/12 15:10:39 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\aTube Catcher.lnk

[2011/10/12 02:12:24 | 000,000,284 | ---- | C] () -- C:\sqmnoopt00.sqm

[2011/10/05 22:04:25 | 000,001,645 | ---- | C] () -- C:\Users\Rafael\Desktop\Musics.lnk

[2011/10/05 22:04:21 | 000,012,288 | ---- | C] () -- C:\Users\Rafael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/10/05 14:51:28 | 000,000,959 | ---- | C] () -- C:\Users\Rafael\Desktop\Windows Live Messenger.lnk

[2011/10/05 14:33:01 | 000,000,752 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk

[2011/10/05 14:04:05 | 000,000,846 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2011/10/05 13:55:40 | 000,000,804 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011/10/05 13:52:32 | 000,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll

[2011/10/05 13:52:31 | 000,795,648 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2011/10/05 13:52:31 | 000,130,048 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2011/10/05 13:52:31 | 000,000,414 | ---- | C] () -- C:\Windows\System32\lame_acm.xml

[2011/10/05 13:52:31 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini

[2011/10/05 13:52:30 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll

[2011/10/05 13:52:30 | 000,084,480 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2011/10/05 13:42:53 | 000,004,364 | ---- | C] () -- C:\Windows\System32\nvinfo.pb

[2011/10/05 13:40:42 | 000,008,360 | ---- | C] () -- C:\Windows\System32\nvdisp.nvu

[2011/10/05 13:35:58 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 8.lnk

[2011/10/05 13:33:35 | 000,073,728 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

[2011/10/05 13:30:41 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\ASACPI.sys

[2011/10/05 13:30:33 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini

[2011/10/05 13:30:31 | 000,016,115 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

[2011/10/05 13:30:30 | 000,010,296 | ---- | C] () -- C:\Windows\System32\drivers\ASUSHWIO.SYS

[2011/10/05 13:24:34 | 000,000,949 | ---- | C] () -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2011/10/05 13:24:33 | 000,000,944 | ---- | C] () -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk

[2011/10/05 13:24:24 | 000,000,915 | ---- | C] () -- C:\Users\Rafael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk

[2011/10/05 13:24:22 | 000,000,680 | ---- | C] () -- C:\Users\Rafael\AppData\Local\d3d9caps.dat

[2011/10/05 13:20:56 | 3757,236,224 | -HS- | C] () -- C:\hiberfil.sys

[2011/10/05 13:14:52 | 000,438,840 | RHS- | C] () -- C:\bootmgr

[2011/10/05 09:28:26 | 000,000,354 | RHS- | C] () -- C:\boot.ini

[2011/05/20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe

[2006/11/05 22:25:34 | 000,505,400 | ---- | C] () -- C:\Windows\System32\prfh0416.dat

[2006/11/05 22:25:34 | 000,318,818 | ---- | C] () -- C:\Windows\System32\prfi0416.dat

[2006/11/05 22:25:34 | 000,082,780 | ---- | C] () -- C:\Windows\System32\prfc0416.dat

[2006/11/05 22:25:34 | 000,037,412 | ---- | C] () -- C:\Windows\System32\prfd0416.dat

[2006/11/02 09:55:52 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2006/11/02 09:46:27 | 003,725,608 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2006/11/02 09:34:29 | 000,063,488 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

[2006/11/02 09:34:23 | 000,080,010 | ---- | C] () -- C:\Windows\System32\manage-bde.ini.en

[2006/11/02 09:34:20 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 07:33:01 | 000,609,944 | ---- | C] () -- C:\Windows\System32\perfh009.dat

[2006/11/02 07:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat

[2006/11/02 07:33:01 | 000,103,726 | ---- | C] () -- C:\Windows\System32\perfc009.dat

[2006/11/02 07:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat

[2006/11/02 07:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll

[2006/11/02 07:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat

[2006/11/02 05:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2006/11/02 05:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT

[2006/11/02 04:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

[2006/11/02 04:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat

[2006/11/02 04:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin

[2006/11/02 04:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin

========== LOP Check ==========

[2011/10/05 14:34:50 | 000,000,000 | ---D | M] -- C:\Users\Rafael\AppData\Roaming\2K Sports

[2011/10/21 12:12:50 | 000,000,000 | ---D | M] -- C:\Users\Rafael\AppData\Roaming\IObit

[2011/10/18 23:38:47 | 000,000,000 | ---D | M] -- C:\Users\Rafael\AppData\Roaming\Octoshape

[2011/10/17 23:27:33 | 000,000,000 | ---D | M] -- C:\Users\Rafael\AppData\Roaming\Publish Providers

[2011/10/18 21:05:42 | 000,000,000 | ---D | M] -- C:\Users\Rafael\AppData\Roaming\Sony

[2011/10/13 23:31:44 | 000,000,000 | ---D | M] -- C:\Users\Rafael\AppData\Roaming\uTorrent

[2011/10/24 13:19:31 | 000,000,384 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job

[2011/10/24 13:18:29 | 000,017,944 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

< End of report >


Sorry, I thought it was only the OTL, but here goes the other one:

Log:

All processes killed

========== OTL ==========

HKU\S-1-5-21-2576660725-3699909911-2840743539-1000\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!

Prefs.js: "Ask.com" removed from browser.search.defaultengine

Prefs.js: "Ask.com" removed from browser.search.defaultenginename

Prefs.js: "Ask.com" removed from browser.search.order.1

File C:\Users\Rafael\AppData\Roaming\Mozilla\Firefox\Profiles\wmuhx170.default\searchplugins\askcom.xml not found.

========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default

->Flash cache emptied: 0 bytes

User: Default User

->Flash cache emptied: 0 bytes

User: Public

User: Rafael

->Flash cache emptied: 470 bytes

User: UpdatusUser

Total Flash Files Cleaned = 0,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: Public

User: Rafael

->Temp folder emptied: 31832 bytes

->Temporary Internet Files folder emptied: 918590 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 38556014 bytes

->Flash cache emptied: 0 bytes

User: UpdatusUser

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 3044 bytes

RecycleBin emptied: 0 bytes

Total Files Cleaned = 38,00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 10242011_131821

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Well, right now it isn't asking, and it's been a little while since I've had problems, but I don't know if it's fixed, because sometimes it goes back to normal on its own; it stays normal for a few days and then comes back again.

Note: The day I created the topic I had the problem, but from the very next day until today it hasn't asked for any update again.


Dear Mynamae

Sorry for the delay -_-

I heard that this carrier was having problems. Please contact them and check on that.

Update MalwareBytes and run a new scan.

Regards :D


Today this problem happened again, Google asking for an update, and when I went into the modem settings I noticed that my password had changed by itself; this has already happened a few times, the password changing by itself. Since I couldn't get in, I reset the modem settings and reconfigured everything again (as I had done all the other times the password changed), and then I noticed that after reconfiguring the modem, Google went back to normal, so I think it must be some problem related to the modem or something like that?? This time I configured it in Bridging mode to see if it happens again.


I read an alert on Linha Defensiva about this type of problem: DNS changes on the Wi-Fi routers supplied by Oi, Vivo and GVT - basically the user leaves the default password and bad people change the DNS to these phishing sites...

Simple: change the router password and let the idiots at the carriers know.

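The DNS change described in the post above is visible on a client only through the `TCP: Interfaces\{...} : NameServer` and `DhcpNameServer` lines of a DDS log. The following is an added example, not part of the original thread and not code from DDS: it parses those lines and grades each resolver. The sample lines are constructed, `203.0.113.53` is a documentation address standing in for an unexpected resolver, and the trusted list (the public resolvers that appear in this thread) is an assumption to adapt.

```python
import ipaddress
import re

# Assumption: resolvers the operator has chosen to trust. These are the public
# resolvers that appear in this thread; replace with your own ISP's or choice.
TRUSTED_RESOLVERS = {"8.8.8.8", "8.8.4.4", "208.67.222.222", "208.67.220.220"}

# RFC 1918 ranges: a resolver here is normally the home router itself.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Matches DDS lines such as:
#   TCP: Interfaces\{GUID} : DhcpNameServer = 10.1.1.1 10.1.1.1
LINE_RE = re.compile(
    r"^TCP:\s+Interfaces\\(?P<iface>\{[0-9A-Fa-f-]+\})\s*:\s*"
    r"(?P<key>NameServer|DhcpNameServer)\s*=\s*(?P<value>.+?)\s*$"
)

# Constructed sample input in DDS format (not taken from a real machine).
SAMPLE_DDS_LINES = r"""
TCP: Interfaces\{11111111-2222-3333-4444-555555555555} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{11111111-2222-3333-4444-555555555555} : DhcpNameServer = 10.1.1.1 10.1.1.1
TCP: Interfaces\{AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE} : DhcpNameServer = 203.0.113.53 192.168.1.1
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
"""


def classify(ip_text):
    """Grade one resolver address: trusted, local, unknown or malformed."""
    try:
        ip = ipaddress.ip_address(ip_text)
    except ValueError:
        return "malformed"
    if str(ip) in TRUSTED_RESOLVERS:
        return "trusted"
    if any(ip in net for net in RFC1918):
        # Queries go to the router; the upstream resolver it forwards to is
        # set inside the router and cannot be seen in this log.
        return "local"
    return "unknown"


def parse_dds_dns(log_text):
    """Return (interface GUID, 'static' | 'dhcp', [servers]) per DNS line."""
    entries = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        servers = []
        # DDS separates static entries with commas and DHCP entries with spaces.
        for token in re.split(r"[,\s]+", m.group("value")):
            if token and token not in servers:
                servers.append(token)
        source = "static" if m.group("key") == "NameServer" else "dhcp"
        entries.append((m.group("iface").upper(), source, servers))
    return entries


def audit(log_text):
    """One finding per resolver, with whether Windows would actually use it."""
    entries = parse_dds_dns(log_text)
    has_static = {iface for iface, source, _ in entries if source == "static"}
    findings = []
    for iface, source, servers in entries:
        # A static NameServer on an interface overrides the DHCP-supplied one.
        effective = source == "static" or iface not in has_static
        for ip in servers:
            findings.append({"iface": iface, "source": source, "ip": ip,
                             "verdict": classify(ip), "effective": effective})
    return findings


def needs_attention(findings):
    """Resolvers in use that are neither trusted nor the local router."""
    return [f for f in findings
            if f["effective"] and f["verdict"] in ("unknown", "malformed")]


if __name__ == "__main__":
    for f in audit(SAMPLE_DDS_LINES):
        mark = "in use" if f["effective"] else "overridden"
        print(f'{f["iface"]} {f["source"]:6} {f["ip"]:15} {f["verdict"]:9} {mark}')
```

A `local` verdict is not a clean bill of health: when the PC resolves through the router, a changed DNS setting lives in the router's own configuration and has to be checked there.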

Dear Mynamae

Hasn't anything else shown up unexpectedly in the browser?

Let's change the DNS for another check :)

Follow the instructions at this link:

http://www.dicasblogger.com.br/2009/12/como-alterar-o-dns-da-sua-conexao.html

If the DNS requested above doesn't work, which I doubt, switch to this one: 8.8.8.8 and 8.8.4.4

Make a new log with DDS and post it here ;)

Regards :D


The browser is normal.

Well, I've already changed the DNS

Logs:

DDS:

.

DDS (Ver_2011-06-23.01) - NTFSx86

Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_27

Run by Rafael at 14:28:55 on 2011-11-29

Microsoft® Windows Vista™ Ultimate 6.0.6002.2.1252.55.1046.18.3582.2180 [GMT -2:00]

.

AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {9FF26384-70D4-CE6B-3ECB-E759A6A40116}

AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}

SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Lavasoft Ad-Watch Live! *Disabled/Updated* {24938260-56EE-C1E5-047B-DC2BDD234BAB}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskeng.exe

C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\conime.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File

BHO: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

TB: Ad-Aware Security Toolbar: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - c:\program files\adawaretb\adawareDx.dll

TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [PlusService] c:\program files\yuna software\messenger plus!\PlusService.exe

mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice

mRun: [Ad-Aware Browsing Protection] "c:\programdata\ad-aware browsing protection\adawarebp.exe"

mRun: [switchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe

mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin

mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab

TCP: Interfaces\{829228B5-DC30-4B1D-9AA3-11AEF6EBC96A} : NameServer = 208.67.222.222,208.67.220.220

TCP: Interfaces\{829228B5-DC30-4B1D-9AA3-11AEF6EBC96A} : DhcpNameServer = 10.1.1.1 10.1.1.1

TCP: Interfaces\{DA44F821-8132-4D48-BD47-9CA1AD20F3D9} : NameServer = 200.175.5.139 200.175.89.139

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~3\office12\GR99D3~1.DLL

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\rafael\appdata\roaming\mozilla\firefox\profiles\wmuhx170.default\

FF - prefs.js: browser.search.selectedEngine - DAEMON Search

FF - prefs.js: browser.startup.homepage - google.com/firefox

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll

FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll

FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll

FF - plugin: c:\users\rafael\appdata\roaming\mozilla\plugins\npoctoshape.dll

.

============= SERVICES / DRIVERS ===============

.

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2011-10-21 64512]

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2011-8-4 118104]

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2011-8-4 103112]

R2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\iobit\advanced systemcare 4\ASCService.exe [2011-10-21 328536]

R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2011-8-9 163424]

R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2011-9-22 974944]

R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2011-11-3 2152152]

R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-10-5 2253120]

R2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\drivers\RtNdPt60.sys [2011-10-5 27648]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2011-10-15 381248]

R3 FontCache;Serviço de Cache de Fontes do Windows;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2011-11-22 21504]

R3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\lavasoft\ad-aware\kernexplorer.sys [2011-11-3 15232]

S0 OemBiosDevice;Royalty OEM Bios Extension;c:\windows\system32\drivers\royal.sys [2011-10-5 240128]

S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.0);c:\windows\system32\drivers\RtTeam60.sys [2011-10-5 35328]

S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.0);c:\windows\system32\drivers\RtVlan60.sys [2011-10-5 19968]

S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]

S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.0);c:\windows\system32\drivers\RtTeam60.sys [2011-10-5 35328]

.

=============== Created Last 30 ================

.

2011-11-22 21:57:32 -------- d-----w- c:\program files\GameVicio

2011-11-22 20:51:08 1015 ----a-w- C:\backup.reg

2011-11-22 20:43:11 167936 ----a-w- C:\sd4hide.exe

2011-11-22 20:41:54 -------- d-----w- c:\program files\EA GAMES

2011-11-22 18:12:35 -------- d-----w- c:\windows\system32\eu-ES

2011-11-22 18:12:35 -------- d-----w- c:\windows\system32\ca-ES

2011-11-22 18:12:34 -------- d-----w- c:\windows\system32\vi-VN

2011-11-22 18:09:10 -------- d-----w- c:\windows\system32\SPReview

2011-11-22 18:00:14 928768 ----a-w- c:\windows\system32\scavenge.dll

2011-11-22 18:00:08 57856 ----a-w- c:\windows\system32\compcln.exe

2011-11-22 17:54:54 -------- d-----w- c:\windows\system32\EventProviders

2011-11-22 17:28:46 -------- d-----w- C:\PerfLogs

2011-11-22 17:01:33 6656 ----a-w- c:\windows\system32\sdspres.dll

2011-11-22 17:01:31 193024 ----a-w- c:\windows\system32\recdisc.exe

2011-11-22 17:00:55 28160 ----a-w- c:\windows\system32\sxproxy.dll

2011-11-22 16:56:59 17408 ----a-w- c:\windows\system32\drivers\smclib.sys

2011-11-22 16:54:00 6656 ----a-w- c:\windows\system32\kbd106n.dll

2011-11-22 16:14:57 -------- d--h--w- c:\program files\common files\EAInstaller

2011-11-20 16:09:57 -------- d-----w- c:\users\rafael\appdata\local\Divinity 2

2011-11-20 15:39:39 -------- d-----w- c:\windows\B83FC356B7C0441F8A4DD71E088E7974.TMP

2011-11-20 15:39:36 -------- d-----w- c:\program files\common files\Wise Installation Wizard

2011-11-20 15:17:46 -------- d-----w- c:\program files\DAEMON Tools Toolbar

2011-11-20 15:17:24 691696 ----a-w- c:\windows\system32\drivers\sptd.sys

2011-11-20 15:17:03 -------- d-----w- c:\program files\DAEMON Tools Lite

2011-11-20 15:16:37 -------- d-----w- c:\users\rafael\appdata\roaming\DAEMON Tools Lite

2011-11-20 15:16:34 -------- d-----w- c:\programdata\DAEMON Tools Lite

2011-11-14 02:43:23 77824 ----a-w- c:\program files\mozilla firefox\gff4editor-1.0\editor.exe

2011-11-14 02:43:23 57856 ----a-w- c:\program files\mozilla firefox\gff4editor-1.0\daosavegame.exe

2011-11-14 02:43:23 25088 ----a-w- c:\program files\mozilla firefox\gff4editor-1.0\g2da.exe

2011-11-14 02:43:23 22016 ----a-w- c:\program files\mozilla firefox\gff4editor-1.0\erfextract.exe

2011-11-14 02:43:23 2134016 ----a-w- c:\program files\mozilla firefox\gff4editor-1.0\python26.dll

2011-11-13 17:08:43 -------- d-----w- c:\users\rafael\appdata\local\adaware

2011-11-13 17:08:42 -------- d-----w- c:\programdata\Ad-Aware Browsing Protection

2011-11-13 17:08:41 -------- d-----w- c:\program files\Toolbar Cleaner

2011-11-13 17:08:33 -------- d-----w- c:\program files\adawaretb

2011-11-07 02:20:28 -------- d-----w- c:\program files\AVIConverter

2011-11-06 18:04:20 -------- d-----w- c:\users\rafael\appdata\local\Ares

2011-11-06 18:04:17 -------- d-----w- c:\program files\Ares

2011-11-04 16:24:26 -------- d-----w- c:\users\rafael\appdata\roaming\NVIDIA

.

==================== Find3M ====================

.

2011-11-22 17:18:25 101888 ----a-w- c:\windows\system32\ifxcardm.dll

2011-11-22 17:18:15 82432 ----a-w- c:\windows\system32\axaltocm.dll

2011-11-14 14:20:11 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2011-11-03 15:06:56 64512 ----a-w- c:\windows\system32\drivers\Lbd.sys

2011-10-21 18:47:40 0 ---ha-w- C:\aaw7boot.cmd

2011-10-21 15:20:19 101720 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2011-10-21 15:20:18 16432 ----a-w- c:\windows\system32\lsdelete.exe

2011-10-15 03:54:52 321856 ----a-w- c:\windows\system32\nvStreaming.exe

2011-10-13 03:58:06 2421760 ----a-w- c:\windows\system32\wucltux.dll

2011-10-13 03:57:25 87552 ----a-w- c:\windows\system32\wudriver.dll

2011-10-13 03:57:06 33792 ----a-w- c:\windows\system32\wuapp.exe

2011-10-13 03:57:06 171608 ----a-w- c:\windows\system32\wuwebv.dll

2011-10-05 16:32:20 319456 ----a-w- c:\windows\DIFxAPI.dll

2011-10-05 16:27:26 240128 ----a-w- c:\windows\system32\drivers\royal.sys

2011-08-31 20:00:50 22216 ----a-w- c:\windows\system32\drivers\mbam.sys

.

============= FINISH: 14:29:23,89 ===============

Attach:

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-06-23.01)

.

Microsoft® Windows Vista™ Ultimate

Boot Device: \Device\HarddiskVolume4

Install Date: 05/10/2011 13:19:19

System Uptime: 29/11/2011 13:37:35 (1 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | P5KPL/EPU

Processor: Intel® Core2 Duo CPU E7300 @ 2.66GHz | Socket 775 | 2128/266mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 78 GiB total, 35,821 GiB free.

D: is FIXED (NTFS) - 149 GiB total, 48,451 GiB free.

E: is FIXED (NTFS) - 75 GiB total, 35,873 GiB free.

F: is FIXED (NTFS) - 71 GiB total, 67,393 GiB free.

G: is CDROM ()

H: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP116: 28/11/2011 13:35:36 - Installed Microsoft Fix it 50267

RP117: 28/11/2011 13:46:20 - Installed Microsoft Fix it 50267

RP118: 28/11/2011 14:15:27 - Installed Topaz Vivacity

.

==== Installed Programs ======================

.

Ad-Aware

Ad-Aware Security Toolbar

Adobe AIR

Adobe Community Help

Adobe Flash Player 11 Plugin

Adobe Flash Player ActiveX

Adobe Media Player

Adobe Photoshop CS5

Adobe Reader 8.1.1

Advanced SystemCare 4

Ares 2.1.7

Arquivo do WinRAR

Assistente de Conexão do Windows Live

µTorrent

Atualizações da NVIDIA 1.5.20

aTube Catcher

AVIConverter 4.0.1

CCleaner

Counter-Strike 1.6

Diagnostic Utility

Dragon Age II

ESET NOD32 Antivirus

Ferramenta de Carregamento do Windows Live

FormatFactory 2.70

IcoFX 1.6.4

Java Auto Updater

Java 6 Update 27

K-Lite Codec Pack 4.8.5 (Full)

Last.fm 1.5.4.27091

Malwarebytes' Anti-Malware versão 1.51.2.1300

Messenger Plus! 5

Microsoft Application Error Reporting

Microsoft Choice Guard

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Microsoft WSE 3.0 Runtime

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Mozilla Firefox 8.0 (x86 pt-BR)

MSVCRT

NBA 2K12

Need for Speed™ Most Wanted

NVIDIA 3D Vision Controller Driver

NVIDIA Driver de controle do 3D Vision 285.62

NVIDIA Driver de gráficos 285.62

NVIDIA Driver do 3D Vision 285.62

NVIDIA Install Application

NVIDIA PhysX

NVIDIA Software do sistema PhysX 9.11.0621

NVIDIA Stereoscopic 3D Driver

NVIDIA Update Components

Octoshape Streaming Services

Painel de controle da NVIDIA 285.62

PDF Settings CS5

Realtek 8136 8168 8169 Ethernet Driver

Realtek High Definition Audio Driver

Topaz Vivacity

Vegas Pro 9.0

Windows Live Call

Windows Live Communications Platform

Windows Live Essentials

Windows Live Messenger

Windows Media Player Firefox Plugin

.

==== End Of File ===========================
