Pastebin launched a little side project called VERYVIRAL.com, check it out ;-) Want more features on Pastebin? Sign Up, it's FREE!
Guest

Relatório OTL / Extras

By: Atenevir on May 26th, 2012  |  syntax: None  |  size: 99.04 KB  |  views: 44  |  expires: Never
download  |  raw  |  embed  |  report abuse  |  print
Text below is selected. Please press Ctrl+C to copy to your clipboard. (⌘+C on Mac)
  1. OTL logfile created on: 25/05/2012 22:56:19 - Run 1
  2. OTL by OldTimer - Version 3.2.43.1     Folder = C:\Users\Jonathas\Desktop
  3. 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.0.8112.16421)
  5. Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
  6.  
  7. 4,00 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 65,29% Memory free
  8. 7,99 Gb Paging File | 6,46 Gb Available in Paging File | 80,79% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 83,51 Gb Total Space | 42,06 Gb Free Space | 50,37% Space Free | Partition Type: NTFS
  13. Drive D: | 512,56 Gb Total Space | 358,61 Gb Free Space | 69,96% Space Free | Partition Type: NTFS
  14.  
  15. Computer Name: JONATHAS-PC | User Name: Jonathas | Logged in as Administrator.
  16. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
  17. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  18.  
  19. [color=#E56717]========== Processes (SafeList) ==========[/color]
  20.  
  21. PRC - [2012/05/25 22:48:36 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jonathas\Desktop\OTL.exe
  22. PRC - [2012/05/09 09:02:12 | 000,214,088 | ---- | M] ( ) -- C:\PROGRA~2\GbPlugin\GbpSv.exe
  23. PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
  24. PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
  25. PRC - [2012/01/19 08:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
  26. PRC - [2011/10/03 01:25:39 | 000,340,520 | ---- | M] (Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
  27. PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
  28. PRC - [2010/07/30 09:53:18 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
  29. PRC - [2009/06/04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
  30. PRC - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
  31. PRC - [2007/05/28 13:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
  32.  
  33.  
  34. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  35.  
  36.  
  37. [color=#E56717]========== Win32 Services (SafeList) ==========[/color]
  38.  
  39. SRV:[b]64bit:[/b] - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
  40. SRV:[b]64bit:[/b] - [2010/03/23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe -- (STacSV)
  41. SRV:[b]64bit:[/b] - [2009/08/18 02:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
  42. SRV:[b]64bit:[/b] - [2009/07/13 22:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip)
  43. SRV:[b]64bit:[/b] - [2009/07/13 22:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
  44. SRV:[b]64bit:[/b] - [2009/06/03 02:13:02 | 000,721,712 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vfsFPService.exe -- (vfsFPService)
  45. SRV:[b]64bit:[/b] - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)
  46. SRV - [2012/05/23 19:09:02 | 000,024,576 | ---- | M] (Atribune.org) [On_Demand | Stopped] -- C:\Windows\SysWow64\VundoFixSVC.exe -- (VundoFixSvc)
  47. SRV - [2012/05/09 09:02:12 | 000,214,088 | ---- | M] ( ) [Auto | Running] -- C:\PROGRA~2\GbPlugin\GbpSv.exe -- (GbpSv)
  48. SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
  49. SRV - [2012/01/19 08:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
  50. SRV - [2011/10/03 01:26:57 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
  51. SRV - [2011/10/03 01:25:39 | 000,340,520 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
  52. SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
  53. SRV - [2010/03/23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe -- (STacSV)
  54. SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
  55. SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
  56. SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
  57. SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
  58. SRV - [2009/06/03 02:12:50 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vfsFPService.exe -- (vfsFPService)
  59. SRV - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)
  60. SRV - [2007/05/31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
  61. SRV - [2007/05/31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
  62. SRV - [2007/05/28 13:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
  63.  
  64.  
  65. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  66.  
  67. DRV:[b]64bit:[/b] - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
  68. DRV:[b]64bit:[/b] - [2012/03/02 16:02:00 | 000,034,304 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandmodem64.sys -- (ANDModem)
  69. DRV:[b]64bit:[/b] - [2012/03/02 16:02:00 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lganddiag64.sys -- (AndDiag)
  70. DRV:[b]64bit:[/b] - [2012/03/02 16:02:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandgps64.sys -- (AndGps)
  71. DRV:[b]64bit:[/b] - [2012/03/02 16:02:00 | 000,019,456 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandbus64.sys -- (Andbus)
  72. DRV:[b]64bit:[/b] - [2012/03/01 03:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  73. DRV:[b]64bit:[/b] - [2011/11/10 21:54:51 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
  74. DRV:[b]64bit:[/b] - [2011/10/03 01:25:39 | 000,353,296 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
  75. DRV:[b]64bit:[/b] - [2011/08/01 14:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
  76. DRV:[b]64bit:[/b] - [2011/08/01 14:59:06 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
  77. DRV:[b]64bit:[/b] - [2011/07/28 17:37:10 | 000,052,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
  78. DRV:[b]64bit:[/b] - [2011/06/30 19:24:18 | 000,024,064 | ---- | M] (Shrew Soft Inc) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\vfilter.sys -- (vflt)
  79. DRV:[b]64bit:[/b] - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
  80. DRV:[b]64bit:[/b] - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
  81. DRV:[b]64bit:[/b] - [2011/03/11 03:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  82. DRV:[b]64bit:[/b] - [2011/03/11 03:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  83. DRV:[b]64bit:[/b] - [2010/11/20 10:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  84. DRV:[b]64bit:[/b] - [2010/11/20 08:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  85. DRV:[b]64bit:[/b] - [2010/11/20 08:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
  86. DRV:[b]64bit:[/b] - [2010/11/20 06:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
  87. DRV:[b]64bit:[/b] - [2010/09/02 04:18:46 | 000,017,408 | ---- | M] (Shrew Soft Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\virtualnet.sys -- (vnet)
  88. DRV:[b]64bit:[/b] - [2010/07/30 09:53:20 | 000,032,880 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
  89. DRV:[b]64bit:[/b] - [2010/05/27 22:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
  90. DRV:[b]64bit:[/b] - [2010/03/23 14:53:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
  91. DRV:[b]64bit:[/b] - [2010/01/06 16:23:18 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
  92. DRV:[b]64bit:[/b] - [2009/10/20 16:20:36 | 000,114,608 | ---- | M] (Philips Applied Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\phaudlwr.sys -- (phaudlwr)
  93. DRV:[b]64bit:[/b] - [2009/10/14 20:18:38 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klbg.sys -- (KLBG)
  94. DRV:[b]64bit:[/b] - [2009/10/10 14:57:54 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
  95. DRV:[b]64bit:[/b] - [2009/10/10 14:57:54 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
  96. DRV:[b]64bit:[/b] - [2009/10/10 14:57:54 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
  97. DRV:[b]64bit:[/b] - [2009/09/14 13:46:42 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
  98. DRV:[b]64bit:[/b] - [2009/09/01 14:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
  99. DRV:[b]64bit:[/b] - [2009/08/18 03:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
  100. DRV:[b]64bit:[/b] - [2009/07/29 16:21:58 | 000,717,312 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
  101. DRV:[b]64bit:[/b] - [2009/07/20 04:39:22 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
  102. DRV:[b]64bit:[/b] - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  103. DRV:[b]64bit:[/b] - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
  104. DRV:[b]64bit:[/b] - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  105. DRV:[b]64bit:[/b] - [2009/07/13 21:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
  106. DRV:[b]64bit:[/b] - [2009/07/13 21:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
  107. DRV:[b]64bit:[/b] - [2009/07/08 00:45:50 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
  108. DRV:[b]64bit:[/b] - [2009/06/28 19:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
  109. DRV:[b]64bit:[/b] - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  110. DRV:[b]64bit:[/b] - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  111. DRV:[b]64bit:[/b] - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
  112. DRV:[b]64bit:[/b] - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
  113. DRV:[b]64bit:[/b] - [2009/06/04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
  114. DRV:[b]64bit:[/b] - [2009/04/29 07:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
  115. DRV:[b]64bit:[/b] - [2009/04/24 12:49:24 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
  116. DRV:[b]64bit:[/b] - [2009/03/01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
  117. DRV:[b]64bit:[/b] - [2008/11/14 12:27:00 | 000,396,800 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembunic.sys -- (sembunic) Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (WDM)
  118. DRV:[b]64bit:[/b] - [2008/11/14 12:27:00 | 000,362,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembwwan.sys -- (sembwwan) Sony Ericsson PC300 Mobile Broadband Ethernet Control Drivers (WDM)
  119. DRV:[b]64bit:[/b] - [2008/11/14 12:27:00 | 000,033,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembnd5.sys -- (sembnd5) Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (NDIS)
  120. DRV:[b]64bit:[/b] - [2008/11/14 12:26:58 | 000,445,952 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembmdm2.sys -- (sembmdm2)
  121. DRV:[b]64bit:[/b] - [2008/11/14 12:26:58 | 000,370,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembmgmt.sys -- (sembmgmt) Sony Ericsson PC300 Mobile Broadband Device Management Drivers (WDM)
  122. DRV:[b]64bit:[/b] - [2008/11/14 12:26:58 | 000,019,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembmdfl2.sys -- (sembmdfl2)
  123. DRV:[b]64bit:[/b] - [2008/11/14 12:26:56 | 000,362,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembcard.sys -- (sembcard) Sony Ericsson PC300 Mobile Broadband Command Interface Drivers (WDM)
  124. DRV:[b]64bit:[/b] - [2008/11/14 12:26:56 | 000,302,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembbus.sys -- (sembbus) SEMC WMC Composite Device driver (WDM)
  125. DRV:[b]64bit:[/b] - [2008/11/14 12:26:54 | 000,022,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\semcreserved64.sys -- (SEMCReserved)
  126. DRV:[b]64bit:[/b] - [2008/11/14 12:26:52 | 000,023,040 | ---- | M] (Sony Ericsson) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\seu4scard64.sys -- (Sony_EricssonWWSC)
  127. DRV:[b]64bit:[/b] - [2008/05/21 13:30:58 | 000,583,168 | ---- | M] (                                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SPC530.sys -- (SPC530)
  128. DRV:[b]64bit:[/b] - [2008/05/21 13:30:58 | 000,008,192 | ---- | M] (                                                            ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SPC530m.sys -- (SPC530m)
  129. DRV - [2012/04/05 09:34:04 | 000,046,408 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\GbpKm.sys -- (GbpKm)
  130. DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
  131. DRV - [2009/02/10 17:23:10 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
  132.  
  133.  
  134. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  135.  
  136.  
  137. [color=#E56717]========== Internet Explorer ==========[/color]
  138.  
  139. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  140. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  141. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  142. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  143. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  144.  
  145. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/
  146. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp
  147. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
  148. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CE 8C 6C D1 69 81 CC 01  [binary data]
  149. IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  150. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  151. IE - HKCU\..\SearchScopes\{1D2A6415-5302-417F-B105-CF2E11123B95}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=kw&q={searchTerms}&locale=&apn_ptnrs=FV&apn_dtid=YYYYYYYYBR&apn_uid=07650984-e6be-429c-ad26-0411206e8f03&apn_sauid=5BF36375-DF3E-4E75-888E-9A3CA215CC26&
  152. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  153.  
  154. [color=#E56717]========== FireFox ==========[/color]
  155.  
  156. FF - prefs.js..browser.search.defaultengine: "Ask.com"
  157. FF - prefs.js..browser.search.defaultenginename: "Ask.com"
  158. FF - prefs.js..browser.search.order.1: "Ask.com"
  159. FF - prefs.js..browser.search.selectedEngine: "Google"
  160. FF - prefs.js..browser.search.useDBForOrder: true
  161. FF - prefs.js..browser.startup.homepage: "www.google.com.br"
  162. FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
  163. FF - user.js - File not found
  164.  
  165. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
  166. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
  167. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
  168. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
  169. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
  170. FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
  171. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
  172. FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
  173. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
  174. FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  175. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jonathas\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
  176. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jonathas\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
  177.  
  178. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/24 08:49:38 | 000,000,000 | ---D | M]
  179. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/20 13:41:23 | 000,000,000 | ---D | M]
  180.  
  181. [2011/10/02 22:37:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jonathas\AppData\Roaming\mozilla\Extensions
  182. [2012/05/25 22:53:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jonathas\AppData\Roaming\mozilla\Firefox\Profiles\cetve9sy.default\extensions
  183. [2011/12/21 08:04:51 | 000,000,000 | ---D | M] (Adicional de Seguranca CAIXA) -- C:\Users\Jonathas\AppData\Roaming\mozilla\Firefox\Profiles\cetve9sy.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886D}
  184. [2012/05/25 22:53:55 | 000,000,000 | ---D | M] (Guardiao Itau 30 horas) -- C:\Users\Jonathas\AppData\Roaming\mozilla\Firefox\Profiles\cetve9sy.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8873}
  185. [2012/03/31 20:12:11 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jonathas\AppData\Roaming\mozilla\Firefox\Profiles\cetve9sy.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
  186. [2011/10/11 00:45:22 | 000,002,399 | ---- | M] () -- C:\Users\Jonathas\AppData\Roaming\Mozilla\Firefox\Profiles\cetve9sy.default\searchplugins\askcom.xml
  187. [2012/01/20 13:41:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
  188. [2012/01/20 13:41:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
  189. [2011/10/03 00:27:28 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru
  190. [2011/11/24 08:49:37 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
  191. [2012/01/20 13:41:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
  192. [2010/07/12 13:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
  193. [2011/09/28 21:55:26 | 000,001,027 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\buscape.xml
  194. [2011/09/28 21:55:26 | 000,001,212 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolivre.xml
  195. [2011/11/24 08:49:38 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
  196. [2011/09/28 21:55:26 | 000,001,168 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-br.xml
  197. [2011/09/28 21:55:26 | 000,000,952 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-br.xml
  198.  
  199. [color=#E56717]========== Chrome  ==========[/color]
  200.  
  201. CHR - default_search_provider: Google (Enabled)
  202. CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
  203. CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
  204. CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jonathas\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
  205. CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
  206. CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
  207. CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
  208. CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
  209. CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
  210. CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
  211. CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
  212. CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
  213. CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
  214. CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
  215. CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
  216. CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
  217. CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
  218. CHR - plugin: Native Client (Enabled) = C:\Users\Jonathas\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
  219. CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jonathas\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
  220. CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
  221. CHR - plugin: Google Update (Enabled) = C:\Users\Jonathas\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
  222. CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
  223. CHR - plugin: Default Plug-in (Enabled) = default_plugin
  224.  
  225. Hosts file not found
  226. O2:[b]64bit:[/b] - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)
  227. O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
  228. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
  229. O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
  230. O2 - BHO: (Reg Error: Value error.) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - Reg Error: Value error. File not found
  231. O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\PROGRA~2\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
  232. O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540015} - C:\Program Files (x86)\GbPlugin\gbiehisg.dll (Infoseg - Senasp)
  233. O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
  234. O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
  235. O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
  236. O4:[b]64bit:[/b] - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
  237. O4:[b]64bit:[/b] - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
  238. O4:[b]64bit:[/b] - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
  239. O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Arquivos de Programas\IDT\WDM\sttray64.exe (IDT, Inc.)
  240. O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
  241. O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
  242. O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
  243. O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
  244. O4 - HKCU..\Run: [AdobeBridge]  File not found
  245. O4 - HKCU..\Run: [PCSpeedUp] C:\Program Files (x86)\Velocidade Do PC\PCSpeedUp.lnk File not found
  246. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  247. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  248. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 4
  249. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
  250. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  251. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
  252. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
  253. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
  254. O8:[b]64bit:[/b] - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
  255. O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
  256. O9:[b]64bit:[/b] - Extra Button: &Teclado virtual - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)
  257. O9:[b]64bit:[/b] - Extra Button: Veri&ficação de URLs - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)
  258. O9 - Extra Button: &Teclado virtual - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
  259. O9 - Extra Button: Veri&ficação de URLs - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
  260. O13[b]64bit:[/b] - gopher Prefix: missing
  261. O13 - gopher Prefix: missing
  262. O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www] * in Sites confiáveis)
  263. O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www14] * in Sites confiáveis)
  264. O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www2] * in Sites confiáveis)
  265. O15 - HKCU\..Trusted Domains: bb.com.br ([www] * in Sites confiáveis)
  266. O15 - HKCU\..Trusted Domains: caixa.gov.br ([]https in Sites confiáveis)
  267. O15 - HKCU\..Trusted Domains: caixa.gov.br ([internetbanking] https in Sites confiáveis)
  268. O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
  269. O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
  270. O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Reg Error: Key error.)
  271. O16 - DPF: {7E866715-C9B6-4C64-AAB8-342E0D137213} http://10.1.100.7/EDVR.CAB (DVR4204 Client Control)
  272. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
  273. O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
  274. O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
  275. O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} https://clickbanking.itau.com.br/itau/gbplugin/gbplugin2/cab/GbPluginUni.cab (GbPluginObj Class)
  276. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1
  277. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0F4DED35-F83F-4B6D-8FC5-35005FC7400F}: DhcpNameServer = 10.1.1.1
  278. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A46D2E7-57D3-4C97-B991-45CF51B35783}: DhcpNameServer = 10.1.1.1
  279. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{641840B6-57B7-4B49-AEE3-723EA2B2DC34}: DhcpNameServer = 192.168.0.1
  280. O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
  281. O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
  282. O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
  283. O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
  284. O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
  285. O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
  286. O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
  287. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  288. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  289. O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
  290. O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
  291. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  292. O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
  293. O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
  294. O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  295. O20:[b]64bit:[/b] - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab)
  296. O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Program Files (x86)\GbPlugin\gbieh.dll) - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
  297. O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\Program Files (x86)\GbPlugin\gbiehCef.dll) -  File not found
  298. O20 - Winlogon\Notify\ GbPluginIsg: DllName - (C:\Program Files (x86)\GbPlugin\gbiehIsg.dll) - C:\Program Files (x86)\GbPlugin\gbiehIsg.dll (Infoseg - Senasp)
  299. O20 - Winlogon\Notify\ GbPluginUni: DllName - (C:\PROGRA~2\GbPlugin\gbiehUni.dll) - C:\PROGRA~2\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco)
  300. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  301. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  302. O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - No CLSID value found.
  303. O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\PROGRA~2\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco)
  304. O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399015} - C:\Program Files (x86)\GbPlugin\gbiehIsg.dll (Infoseg - Senasp)
  305. O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
  306. O32 - HKLM CDRom: AutoRun - 1
  307. O32 - AutoRun File - [2011/10/11 01:05:23 | 000,000,048 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
  308. O33 - MountPoints2\{f206a74f-ed4a-11e0-845f-806e6f6e6963}\Shell - "" = AutoRun
  309. O33 - MountPoints2\{f206a74f-ed4a-11e0-845f-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe
  310. O34 - HKLM BootExecute: (autocheck autochk *)
  311. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  312. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  313. O35 - HKLM\..comfile [open] -- "%1" %*
  314. O35 - HKLM\..exefile [open] -- "%1" %*
  315. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  316. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  317. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  318. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  319. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  320. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  321. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  322.  
  323. CREATERESTOREPOINT
  324. Restore point Set: OTL Restore Point
  325.  
  326. NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
  327.  
  328. MsConfig:64bit - State: "startup" - Reg Error: Key error.
  329.  
  330. SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
  331. SafeBootMin:[b]64bit:[/b] Base - Driver Group
  332. SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group
  333. SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group
  334. SafeBootMin:[b]64bit:[/b] File system - Driver Group
  335. SafeBootMin:[b]64bit:[/b] Filter - Driver Group
  336. SafeBootMin:[b]64bit:[/b] HelpSvc - Service
  337. SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group
  338. SafeBootMin:[b]64bit:[/b] PEVSystemStart - Service
  339. SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group
  340. SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group
  341. SafeBootMin:[b]64bit:[/b] procexp90.Sys - Driver
  342. SafeBootMin:[b]64bit:[/b] sacsvr - Service
  343. SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group
  344. SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group
  345. SafeBootMin:[b]64bit:[/b] vmms - Service
  346. SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
  347. SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
  348. SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
  349. SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
  350. SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
  351. SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
  352. SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
  353. SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
  354. SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
  355. SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
  356. SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
  357. SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
  358. SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
  359. SafeBootMin:[b]64bit:[/b] {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
  360. SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
  361. SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
  362. SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
  363. SafeBootMin: Base - Driver Group
  364. SafeBootMin: Boot Bus Extender - Driver Group
  365. SafeBootMin: Boot file system - Driver Group
  366. SafeBootMin: File system - Driver Group
  367. SafeBootMin: Filter - Driver Group
  368. SafeBootMin: HelpSvc - Service
  369. SafeBootMin: PCI Configuration - Driver Group
  370. SafeBootMin: PEVSystemStart - Service
  371. SafeBootMin: PNP Filter - Driver Group
  372. SafeBootMin: Primary disk - Driver Group
  373. SafeBootMin: procexp90.Sys - Driver
  374. SafeBootMin: sacsvr - Service
  375. SafeBootMin: SCSI Class - Driver Group
  376. SafeBootMin: System Bus Extender - Driver Group
  377. SafeBootMin: vmms - Service
  378. SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
  379. SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
  380. SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
  381. SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
  382. SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
  383. SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
  384. SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
  385. SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
  386. SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
  387. SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
  388. SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
  389. SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
  390. SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
  391. SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
  392. SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
  393. SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
  394. SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
  395.  
  396. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  397.  
  398. [2012/05/25 22:48:32 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Jonathas\Desktop\OTL.exe
  399. [2012/05/23 20:43:54 | 000,000,000 | ---D | C] -- C:\LinhaDefensiva
  400. [2012/05/23 20:43:50 | 000,178,597 | ---- | C] (Igor Pavlov) -- C:\bankerfix.exe
  401. [2012/05/23 20:34:39 | 000,000,000 | ---D | C] -- C:\Users\Jonathas\Desktop\HijackThis
  402. [2012/05/23 19:24:18 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmd.execf
  403. [2012/05/23 19:23:58 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW
  404. [2012/05/23 19:09:02 | 000,024,576 | ---- | C] (Atribune.org) -- C:\Windows\SysWow64\VundoFixSVC.exe
  405. [2012/05/20 18:14:05 | 000,034,304 | ---- | C] (LG Electronics Inc.) -- C:\Windows\SysNative\drivers\lgandmodem64.sys
  406. [2012/05/20 18:14:05 | 000,027,648 | ---- | C] (LG Electronics Inc.) -- C:\Windows\SysNative\drivers\lganddiag64.sys
  407. [2012/05/20 18:14:05 | 000,027,136 | ---- | C] (LG Electronics Inc.) -- C:\Windows\SysNative\drivers\lgandgps64.sys
  408. [2012/05/20 18:14:04 | 000,019,456 | ---- | C] (LG Electronics Inc.) -- C:\Windows\SysNative\drivers\lgandbus64.sys
  409. [2012/05/20 18:14:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LG Electronics
  410. [2012/05/19 00:26:07 | 000,000,000 | ---D | C] -- C:\LGP698F
  411. [2012/05/19 00:24:30 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr90.dll
  412. [2012/05/19 00:24:30 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp90.dll
  413. [2012/05/19 00:24:30 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcm90.dll
  414. [2012/05/19 00:24:23 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll
  415. [2012/05/19 00:24:12 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
  416. [2012/05/17 08:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
  417. [2012/05/17 08:30:54 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
  418. [2012/05/17 08:30:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
  419. [2012/05/15 21:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
  420. [2012/05/15 21:53:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
  421. [2012/05/15 21:53:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
  422. [2012/05/13 22:10:59 | 000,000,000 | ---D | C] -- C:\Users\Jonathas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetSurveillance
  423. [2012/05/13 22:10:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetSurveillance
  424. [2012/05/13 22:10:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetSurveillance
  425. [2012/05/09 08:49:04 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
  426. [2012/05/09 08:49:00 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
  427. [2012/05/09 08:48:59 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
  428. [2012/05/09 08:48:59 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
  429.  
  430. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  431.  
  432. [2012/05/25 22:48:36 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jonathas\Desktop\OTL.exe
  433. [2012/05/25 22:13:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3386592043-1472786982-427589051-1001UA.job
  434. [2012/05/25 21:13:08 | 000,019,968 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  435. [2012/05/25 21:13:08 | 000,019,968 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  436. [2012/05/25 21:04:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  437. [2012/05/25 21:04:22 | 3219,017,728 | -HS- | M] () -- C:\hiberfil.sys
  438. [2012/05/25 15:29:56 | 001,517,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  439. [2012/05/25 15:29:56 | 000,664,038 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat
  440. [2012/05/25 15:29:56 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  441. [2012/05/25 15:29:56 | 000,128,328 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat
  442. [2012/05/25 15:29:56 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  443. [2012/05/25 01:13:09 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3386592043-1472786982-427589051-1001Core.job
  444. [2012/05/23 20:22:58 | 000,178,597 | ---- | M] (Igor Pavlov) -- C:\bankerfix.exe
  445. [2012/05/23 19:24:20 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cmd.execf
  446. [2012/05/23 19:09:02 | 000,024,576 | ---- | M] (Atribune.org) -- C:\Windows\SysWow64\VundoFixSVC.exe
  447. [2012/05/23 12:52:41 | 002,335,270 | ---- | M] () -- C:\Windows\SysWow64\aceFB11.mht
  448. [2012/05/23 11:59:09 | 000,018,904 | ---- | M] () -- C:\cc_20120523_115905.reg
  449. [2012/05/21 13:07:03 | 000,001,456 | ---- | M] () -- C:\Users\Jonathas\AppData\Local\Adobe Salvar para a Web 12.0 Prefs
  450. [2012/05/20 14:35:17 | 000,002,413 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
  451. [2012/05/15 22:47:14 | 000,000,132 | ---- | M] () -- C:\Users\Jonathas\AppData\Roaming\Preferências do formato BMP do Adobe CS5
  452. [2012/05/13 11:09:53 | 000,001,273 | ---- | M] () -- C:\Users\Jonathas\Desktop\Google Talk.lnk
  453. [2012/05/09 22:19:51 | 005,022,032 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
  454. [2012/05/07 23:45:19 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
  455. [2012/05/07 23:45:19 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
  456.  
  457. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  458.  
  459. [2012/05/23 12:52:41 | 002,335,270 | ---- | C] () -- C:\Windows\SysWow64\aceFB11.mht
  460. [2012/05/23 11:59:08 | 000,018,904 | ---- | C] () -- C:\cc_20120523_115905.reg
  461. [2012/05/19 00:24:23 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
  462. [2012/05/19 00:24:23 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
  463. [2012/05/13 11:09:53 | 000,001,273 | ---- | C] () -- C:\Users\Jonathas\Desktop\Google Talk.lnk
  464. [2012/03/17 21:42:15 | 000,000,132 | ---- | C] () -- C:\Users\Jonathas\AppData\Roaming\Preferências do formato BMP do Adobe CS5
  465. [2011/12/27 00:50:20 | 000,000,578 | ---- | C] () -- C:\Windows\M3JPEG.INI
  466. [2011/12/27 00:44:29 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
  467. [2011/11/16 11:00:03 | 000,000,132 | ---- | C] () -- C:\Users\Jonathas\AppData\Roaming\Preferências do formato PNG do Adobe CS5
  468. [2011/11/11 07:54:12 | 000,001,456 | ---- | C] () -- C:\Users\Jonathas\AppData\Local\Adobe Salvar para a Web 12.0 Prefs
  469. [2011/10/11 01:24:53 | 000,000,000 | ---- | C] () -- C:\Windows\Dssole.INI
  470. [2011/10/11 01:24:49 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\DM1USBAPIVB.dll
  471. [2011/10/11 01:06:45 | 000,000,000 | ---- | C] () -- C:\Windows\AVerCap.INI
  472. [2011/10/11 00:37:38 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
  473. [2011/10/11 00:37:37 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
  474. [2011/10/11 00:37:36 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
  475. [2011/10/11 00:37:36 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
  476. [2011/10/10 16:46:31 | 000,153,600 | ---- | C] () -- C:\Windows\SysWow64\WSContextMenu.dll
  477. [2011/10/02 23:43:19 | 000,139,264 | ---- | C] () -- C:\Windows\GeoEditAVIDll.dll
  478. [2011/10/02 20:07:52 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
  479. [2011/02/10 01:03:48 | 000,000,326 | ---- | C] () -- C:\Windows\primopdf.ini
  480.  
  481. [color=#E56717]========== LOP Check ==========[/color]
  482.  
  483. [2011/11/10 20:49:00 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\Ashampoo
  484. [2012/05/23 14:24:55 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\FileZilla
  485. [2011/10/10 22:44:31 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\GlobalSCAPE
  486. [2011/10/10 16:32:51 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\NCH Swift Sound
  487. [2011/11/08 00:23:51 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\NetDrive
  488. [2011/10/03 00:33:47 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\Nitro PDF
  489. [2011/10/23 15:33:41 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\OpenCandy
  490. [2012/05/25 22:48:06 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\PrimoPDF
  491. [2011/10/14 21:35:56 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\Publish Providers
  492. [2012/04/01 00:32:30 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\Sony
  493. [2011/10/14 22:05:12 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\Sony Creative Software Inc
  494. [2012/04/20 20:55:42 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\TeamViewer
  495. [2011/11/07 23:55:59 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\Thinstall
  496. [2012/05/19 21:28:26 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\uTorrent
  497. [2012/04/05 08:43:05 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\WindSolutions
  498. [2012/04/16 14:54:33 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
  499.  
  500. [color=#E56717]========== Purity Check ==========[/color]
  501.  
  502.  
  503.  
  504. [color=#E56717]========== Custom Scans ==========[/color]
  505.  
  506. [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
  507. [2011/10/11 01:05:23 | 000,000,048 | ---- | M] () -- C:\AUTOEXEC.BAT
  508. [2012/05/23 20:22:58 | 000,178,597 | ---- | M] (Igor Pavlov) -- C:\bankerfix.exe
  509. [2012/05/23 19:24:32 | 000,001,445 | ---- | M] () -- C:\Bug.txt
  510. [2010/04/01 02:54:19 | 000,000,190 | ---- | M] () -- C:\cc_20100401_025416.reg
  511. [2011/10/06 11:53:26 | 000,024,962 | ---- | M] () -- C:\cc_20111006_115317.reg
  512. [2011/10/11 01:18:17 | 000,029,290 | ---- | M] () -- C:\cc_20111011_011813.reg
  513. [2011/10/19 00:34:40 | 000,045,564 | ---- | M] () -- C:\cc_20111019_013437.reg
  514. [2011/10/19 00:53:02 | 000,000,902 | ---- | M] () -- C:\cc_20111019_015259.reg
  515. [2011/10/19 23:52:04 | 000,000,954 | ---- | M] () -- C:\cc_20111020_005200.reg
  516. [2011/10/24 14:34:12 | 000,015,150 | ---- | M] () -- C:\cc_20111024_153409.reg
  517. [2011/10/24 15:44:22 | 000,000,448 | ---- | M] () -- C:\cc_20111024_164412.reg
  518. [2011/10/26 01:40:38 | 000,001,858 | ---- | M] () -- C:\cc_20111026_024035.reg
  519. [2011/10/31 14:48:02 | 000,001,518 | ---- | M] () -- C:\cc_20111031_154759.reg
  520. [2011/11/01 14:03:28 | 000,001,136 | ---- | M] () -- C:\cc_20111101_150324.reg
  521. [2011/11/07 23:57:03 | 000,002,904 | ---- | M] () -- C:\cc_20111108_005701.reg
  522. [2011/11/08 00:30:48 | 000,000,868 | ---- | M] () -- C:\cc_20111108_013045.reg
  523. [2011/12/27 21:41:00 | 000,007,270 | ---- | M] () -- C:\cc_20111227_224056.reg
  524. [2011/12/29 02:31:17 | 000,000,774 | ---- | M] () -- C:\cc_20111229_033114.reg
  525. [2012/01/07 21:25:02 | 000,002,520 | ---- | M] () -- C:\cc_20120107_222458.reg
  526. [2012/01/10 12:47:37 | 000,003,230 | ---- | M] () -- C:\cc_20120110_134733.reg
  527. [2012/01/11 12:11:04 | 000,000,168 | ---- | M] () -- C:\cc_20120111_131101.reg
  528. [2012/04/01 12:42:45 | 000,004,156 | ---- | M] () -- C:\cc_20120401_124241.reg
  529. [2012/05/23 11:59:09 | 000,018,904 | ---- | M] () -- C:\cc_20120523_115905.reg
  530. [2012/05/25 21:04:22 | 3219,017,728 | -HS- | M] () -- C:\hiberfil.sys
  531. [2011/11/08 00:22:38 | 000,002,179 | ---- | M] () -- C:\ndsvc.log
  532. [2012/05/25 21:04:24 | 4292,026,368 | -HS- | M] () -- C:\pagefile.sys
  533. [2011/12/07 07:46:37 | 000,002,584 | ---- | M] () -- C:\Register Vegas Pro.htm
  534. [2011/10/17 22:45:46 | 000,019,123 | ---- | M] () -- C:\TCP3270.SAV
  535. [2012/05/23 19:09:01 | 000,002,986 | ---- | M] () -- C:\VundoFix.txt
  536.  
  537. [color=#A23BEC]< %systemdrive%\drivers\*.* /s >[/color]
  538.  
  539. [color=#A23BEC]< %systemdrive%\drivers\*.exe >[/color]
  540.  
  541. [color=#A23BEC]< %systemroot%\system32\drivers\*.* /90 >[/color]
  542. [2012/04/05 09:34:04 | 000,046,408 | ---- | M] (GAS Tecnologia) -- C:\Windows\system32\drivers\GbpKm.sys
  543.  
  544. [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
  545. [2009/07/14 01:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
  546.  
  547. [color=#A23BEC]< %userprofile%\configurações locais\dados de aplicativos\*.exe >[/color]
  548.  
  549. [color=#A23BEC]< %userprofile%\configurações locais\dados de aplicativos\*.txt >[/color]
  550.  
  551. [color=#A23BEC]< %userprofile%\configurações locais\dados de aplicativos\*.ini >[/color]
  552.  
  553. [color=#A23BEC]< %userprofile%\configurações locais\dados de aplicativos\*.dat /30 >[/color]
  554.  
  555. [color=#A23BEC]< %userprofile%\configurações locais\dados de aplicativos\*.dll >[/color]
  556.  
  557. [color=#A23BEC]< %userprofile%\*.exe >[/color]
  558.  
  559. [color=#A23BEC]< %userprofile%\.txt >[/color]
  560.  
  561. [color=#A23BEC]< %userprofile%\.ini >[/color]
  562.  
  563. [color=#A23BEC]< %userprofile%\.dat /30 >[/color]
  564.  
  565. [color=#A23BEC]< %userprofile%\.dll >[/color]
  566.  
  567. [color=#A23BEC]< %windir%\tasks\*.* /s >[/color]
  568. [2012/05/25 01:13:09 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3386592043-1472786982-427589051-1001Core.job
  569. [2012/05/25 22:13:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3386592043-1472786982-427589051-1001UA.job
  570. [2012/05/25 21:04:33 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
  571. [2012/04/16 14:54:33 | 000,032,608 | ---- | M] () -- C:\Windows\tasks\SCHEDLGU.TXT
  572.  
  573. [color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color]
  574.  
  575. [color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color]
  576. [2009/06/10 17:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
  577.  
  578. [color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color]
  579.  
  580. [color=#A23BEC]< %systemroot%\Fonts\*.com >[/color]
  581. [2009/07/14 02:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
  582. [2009/07/14 02:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
  583. [2009/07/14 02:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
  584. [2009/07/14 02:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
  585.  
  586. [color=#A23BEC]< %systemroot%\*.scr >[/color]
  587.  
  588. [color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >[/color]
  589. "DefaultConnectionSettings" = [Binary data over 100 bytes]
  590. "SavedLegacySettings" = [Binary data over 100 bytes]
  591.  
  592. [color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations >[/color]
  593.  
  594. [color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments >[/color]
  595.  
  596. [color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.* >[/color]
  597. [2012/05/13 22:11:53 | 000,000,029 | ---- | M] () -- C:\Program Files (x86)\Internet Explorer\Dec_Config.ini
  598. [2011/10/02 22:19:58 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ExtExport.exe
  599. [2011/10/02 22:19:58 | 000,002,535 | ---- | M] () -- C:\Program Files (x86)\Internet Explorer\ie9props.propdesc
  600. [2011/10/02 22:19:58 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iecleanup.exe
  601. [2011/10/02 22:19:58 | 000,307,200 | ---- | M] () -- C:\Program Files (x86)\Internet Explorer\iediagcmd.exe
  602. [2012/02/27 22:13:13 | 000,678,912 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iedvtool.dll
  603. [2011/10/02 22:19:58 | 000,466,432 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
  604. [2011/10/02 22:19:58 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
  605. [2011/10/02 22:19:58 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
  606. [2012/02/27 22:08:19 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IEShims.dll
  607. [2011/10/02 22:19:58 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
  608. [2011/10/02 22:19:58 | 000,386,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\jsdbgui.dll
  609. [2011/10/02 22:19:58 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll
  610. [2011/10/02 22:19:58 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\JSProfilerCore.dll
  611. [2011/10/02 22:19:58 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\jsprofilerui.dll
  612. [2009/06/10 18:14:14 | 000,265,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\msdbg2.dll
  613. [2011/10/02 22:19:58 | 000,301,056 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\networkinspection.dll
  614. [2009/06/10 18:14:15 | 000,355,832 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\pdm.dll
  615. [2012/02/27 22:58:29 | 000,141,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
  616.  
  617. [color=#E56717]========== Alternate Data Streams ==========[/color]
  618.  
  619. @Alternate Data Stream - 514 bytes -> C:\Windows\SysWow64\drivers:GbpKmAp.lst
  620. @Alternate Data Stream - 194 bytes -> C:\ProgramData\Temp:CB0AACC9
  621.  
  622. < End of report >
  623.  
  624.  
  625.  
  626.  
  627. OTL Extras logfile created on: 25/05/2012 22:56:19 - Run 1
  628. OTL by OldTimer - Version 3.2.43.1     Folder = C:\Users\Jonathas\Desktop
  629. 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  630. Internet Explorer (Version = 9.0.8112.16421)
  631. Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
  632.  
  633. 4,00 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 65,29% Memory free
  634. 7,99 Gb Paging File | 6,46 Gb Available in Paging File | 80,79% Paging File free
  635. Paging file location(s): ?:\pagefile.sys [binary data]
  636.  
  637. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  638. Drive C: | 83,51 Gb Total Space | 42,06 Gb Free Space | 50,37% Space Free | Partition Type: NTFS
  639. Drive D: | 512,56 Gb Total Space | 358,61 Gb Free Space | 69,96% Space Free | Partition Type: NTFS
  640.  
  641. Computer Name: JONATHAS-PC | User Name: Jonathas | Logged in as Administrator.
  642. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
  643. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  644.  
  645. [color=#E56717]========== Extra Registry (SafeList) ==========[/color]
  646.  
  647.  
  648. [color=#E56717]========== File Associations ==========[/color]
  649.  
  650. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
  651. .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
  652.  
  653. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
  654. .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
  655.  
  656. [HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
  657. .html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
  658.  
  659. [color=#E56717]========== Shell Spawning ==========[/color]
  660.  
  661. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
  662. batfile [open] -- "%1" %*
  663. cmdfile [open] -- "%1" %*
  664. comfile [open] -- "%1" %*
  665. exefile [open] -- "%1" %*
  666. helpfile [open] -- Reg Error: Key error.
  667. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
  668. InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
  669. InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
  670. piffile [open] -- "%1" %*
  671. regfile [merge] -- Reg Error: Key error.
  672. scrfile [config] -- "%1"
  673. scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
  674. scrfile [open] -- "%1" /S
  675. txtfile [edit] -- Reg Error: Key error.
  676. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
  677. Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
  678. Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
  679. Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  680. Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
  681. Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
  682. Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
  683. Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  684. Folder [explore] -- Reg Error: Value error.
  685. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  686.  
  687. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
  688. batfile [open] -- "%1" %*
  689. cmdfile [open] -- "%1" %*
  690. comfile [open] -- "%1" %*
  691. cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
  692. exefile [open] -- "%1" %*
  693. helpfile [open] -- Reg Error: Key error.
  694. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
  695. piffile [open] -- "%1" %*
  696. regfile [merge] -- Reg Error: Key error.
  697. scrfile [config] -- "%1"
  698. scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
  699. scrfile [open] -- "%1" /S
  700. txtfile [edit] -- Reg Error: Key error.
  701. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
  702. Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
  703. Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
  704. Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  705. Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
  706. Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
  707. Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
  708. Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  709. Folder [explore] -- Reg Error: Value error.
  710. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  711.  
  712. [color=#E56717]========== Security Center Settings ==========[/color]
  713.  
  714. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
  715. "cval" = 1
  716.  
  717. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
  718.  
  719. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
  720. "VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
  721. "AntiVirusOverride" = 0
  722. "AntiSpywareOverride" = 0
  723. "FirewallOverride" = 0
  724.  
  725. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
  726.  
  727. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
  728.  
  729. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
  730.  
  731. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
  732. "DisableMonitoring" = 1
  733. "" =
  734.  
  735. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
  736.  
  737. [color=#E56717]========== System Restore Settings ==========[/color]
  738.  
  739. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
  740. "DisableSR" = 0
  741.  
  742. [color=#E56717]========== Firewall Settings ==========[/color]
  743.  
  744. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
  745. "DisableNotifications" = 0
  746. "EnableFirewall" = 1
  747.  
  748. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
  749. "DisableNotifications" = 0
  750. "EnableFirewall" = 1
  751.  
  752. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
  753. "DisableNotifications" = 0
  754. "EnableFirewall" = 1
  755.  
  756. [color=#E56717]========== Authorized Applications List ==========[/color]
  757.  
  758.  
  759. [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
  760.  
  761. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
  762. "{057A0F8E-7FE6-482B-B726-59A952708507}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
  763. "{0AAB049E-03BA-4B63-B6F5-ADD613B3D423}" = lport=rpc | protocol=6 | dir=in | svc=vds | app=%systemroot%\system32\vds.exe |
  764. "{0B4F4100-89D2-4C73-B9D2-D7FE92D6EE43}" = lport=443 | protocol=6 | dir=in | app=system |
  765. "{135C567D-56D7-42E4-AFD2-FD161D391E81}" = lport=2869 | protocol=6 | dir=in | app=system |
  766. "{19B1B7E6-D201-449B-A50B-37275CD112AF}" = lport=rpc | protocol=6 | dir=in | app=%systemroot%\system32\vdsldr.exe |
  767. "{1FB67C4D-D002-4DE1-89BA-39CEF830FDA1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
  768. "{2C78C640-851F-49D3-8E22-EE34A37D1570}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
  769. "{42D2882A-B976-47E7-AFA6-504F2BEC56B4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
  770. "{45146391-5007-424C-9AC0-978B8599862D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
  771. "{4B0ED091-FA83-409F-A84C-587F1FAEFFD8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
  772. "{5171CCA5-75E7-415F-A852-4F14B977F719}" = rport=138 | protocol=17 | dir=out | app=system |
  773. "{579B4368-508E-4A4B-B54F-76E7313256B8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
  774. "{5F99DFDC-FF7C-4D7F-A264-C13F9CAEACAA}" = lport=445 | protocol=6 | dir=in | app=system |
  775. "{643797D0-81B3-4409-B201-6D5F498E3680}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
  776. "{6B5564C6-FA2F-4E24-82B9-28E2E70ACC15}" = lport=139 | protocol=6 | dir=in | app=system |
  777. "{81500CF5-40B3-4BF5-8CBF-FB29644E3DEE}" = rport=139 | protocol=6 | dir=out | app=system |
  778. "{828CC7FC-A0EF-415E-88C3-F416ED94B097}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
  779. "{866EDB16-F59E-4C5F-BBED-85F41B7F69E2}" = rport=500 | protocol=6 | dir=out | name=vpn pm |
  780. "{872F5608-E823-4C9D-9D94-1830D8E06FB3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
  781. "{8A6CC47D-DD69-402E-A428-EBF922A22170}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
  782. "{8B3F520F-7C1F-4040-8A3A-C85EC26DF13A}" = rport=137 | protocol=17 | dir=out | app=system |
  783. "{8DD48AF0-3C9A-4809-B735-79525BDF80FB}" = lport=137 | protocol=17 | dir=in | app=system |
  784. "{9AB96BDF-3A82-496F-B9FC-9BD7526773A7}" = lport=2869 | protocol=6 | dir=in | app=system |
  785. "{A4FEFF9E-D266-4468-B9C1-A09E256BEFED}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
  786. "{A9DE2D65-31FB-4200-B390-6B6B6A1F6AED}" = lport=10243 | protocol=6 | dir=in | app=system |
  787. "{B5E674BA-C520-46B0-A1E9-C7C74407110E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
  788. "{C2747028-4808-457A-8E2E-7BD008D2BAB5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
  789. "{C81B586E-B698-4B60-B1EC-0EE012FD65C4}" = lport=rpc | protocol=6 | dir=in | app=%systemroot%\system32\services.exe |
  790. "{CC901218-B4D9-4A54-BA5D-DDF473DECF36}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
  791. "{D5207C51-D9C7-4805-943C-1C1CF0248DEA}" = rport=445 | protocol=6 | dir=out | app=system |
  792. "{DD273E27-A1B3-456F-A907-A38B1BFB4F2E}" = rport=10243 | protocol=6 | dir=out | app=system |
  793. "{DE980BFE-6726-4F5F-9506-E5DAF741403D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
  794. "{E4BF2254-2989-4E24-8E9E-4D4128171F4B}" = lport=445 | protocol=6 | dir=in | app=system |
  795. "{EEA96189-830A-474F-9F73-CC72D4530933}" = lport=138 | protocol=17 | dir=in | app=system |
  796.  
  797. [color=#E56717]========== Vista Active Application Exception List ==========[/color]
  798.  
  799. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
  800. "{03801863-0704-4423-A8FF-362A7016F3A8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
  801. "{0731BCE8-44FE-476A-8E0D-77B5C8FAB033}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
  802. "{18A829B5-AECF-4F4F-A323-B0CC0368E660}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
  803. "{29094EBE-31DD-4F1B-B1C4-1AEA3A3AD480}" = protocol=6 | dir=in | app=d:\fifa12_system\game\fifa.exe |
  804. "{33896ED0-7761-419A-9738-481E03F46C58}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
  805. "{36FF166E-FD63-4452-BF87-668578F0AF93}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
  806. "{3A5B82DA-BD91-47B2-99AD-877EE5ACA5FB}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
  807. "{3F0807A5-BB61-45C5-B32D-A7D7E33FE198}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
  808. "{481C8382-714B-49F8-A3DA-A31F29C15032}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
  809. "{48F19086-6969-4086-A5CC-59D48E6F0D24}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
  810. "{4FD27E53-F8DE-4BA1-8076-4DCE47368255}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
  811. "{51461542-48D9-4438-AF57-7F57EBCCCE59}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
  812. "{5BD18CBE-00A6-4A78-92B7-D00438E4AA26}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
  813. "{5F203D97-C755-4920-8254-1086EB1423E7}" = protocol=17 | dir=in | app=d:\fifa12_system\game\fifa.exe |
  814. "{65070007-A802-454A-83D3-06F3BB793569}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
  815. "{66904349-CF00-4BEB-9524-3750F579280E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
  816. "{683E4137-97A5-4C41-9E58-4E873616AF5D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
  817. "{68852C9B-8A4D-4C2D-86BA-716F5767805B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
  818. "{6CB5F349-0C32-4DAE-AB0E-85C4E27F5D45}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
  819. "{6CDDA8BD-7660-4517-94E8-B9E6FA51966E}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
  820. "{7359547B-E23A-493D-9C77-4B5836A0B8FB}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
  821. "{73E59500-2769-493E-875E-F1DD5DE09BEF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
  822. "{79905E3D-E954-4771-AC83-CC8D68467320}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
  823. "{7CF1E9E3-AEB6-49E1-8B2E-2867AEB3A3D5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
  824. "{7FACC924-B3AD-4296-A966-3C2D327583FD}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
  825. "{88E099FF-7683-4BAA-97BB-492192CC9B1B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
  826. "{8D1D837D-2255-4C78-A465-285670E71FA2}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
  827. "{8ECBBF51-AA4E-42BB-9828-409CCA2DB5E2}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
  828. "{91BAC194-51C8-49BA-B37C-9C6591F495B3}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
  829. "{9B5B075D-DBF9-4C87-BE1F-AB9E98DF4E92}" = protocol=17 | dir=in | app=c:\program files (x86)\hp\hp deskjet 3050 j610 series\bin\scantopcactivationapp.exe |
  830. "{A50D9645-5CA3-4144-AA26-4FED2727D5F6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
  831. "{A5FAD120-03C1-4CB8-9C11-D70A9D6C7FBE}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
  832. "{AA25FFF7-E1A6-4F3F-824F-504A748FACC4}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
  833. "{AC9F9052-63D1-4808-A8C8-DFA468BD6875}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
  834. "{B3FA5956-1670-46B5-8F97-126273A2642C}" = protocol=6 | dir=out | svc=msiscsi | app=%systemroot%\system32\svchost.exe |
  835. "{B47B2FFB-F218-4818-BED5-F49F0DAF5F71}" = protocol=6 | dir=in | svc=msiscsi | app=%systemroot%\system32\svchost.exe |
  836. "{BB7005E9-F2F1-42CB-A402-3E8178A3D1ED}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
  837. "{D1937D0C-4FCB-40F4-A3B0-B2CF620C3B5D}" = protocol=6 | dir=out | app=system |
  838. "{D567979B-8079-4555-8306-AF9C9E19E3DC}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
  839. "{DDDDD3AA-6856-4276-BC7F-7A12EEE02097}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
  840. "{E1D87C53-D51F-4958-BF65-BE71616E639C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
  841. "{E219F502-D0DF-4D6B-8192-55DDF1B0F807}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
  842. "{EECFECD1-AE55-4DA7-97B5-43E33652D046}" = protocol=6 | dir=in | app=c:\program files (x86)\hp\hp deskjet 3050 j610 series\bin\scantopcactivationapp.exe |
  843. "{EF6EA1F7-20B0-4D44-9917-EC6825CDD0DB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
  844. "{F284E800-C0F7-4647-99A5-B1DD3C863B3B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
  845. "{F2B40340-A468-4A1A-8A27-0F30119E21BE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
  846. "{F570A424-F55E-46D2-9089-BF55F8B479C9}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
  847. "{F80B15C0-7B6C-4137-96B6-FC46664A811F}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
  848. "TCP Query User{0E6E4F54-A51F-441B-8118-611B4FB6FB00}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
  849. "TCP Query User{A56F76A5-24C6-43B7-A417-9B942762CA42}D:\fifa12_system\game\fifa.exe" = protocol=6 | dir=in | app=d:\fifa12_system\game\fifa.exe |
  850. "TCP Query User{FAC9DE91-EC8E-498A-AA4F-D9F05611D46F}C:\program files (x86)\hp\hp deskjet 3050 j610 series\bin\scantopcactivationapp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hp\hp deskjet 3050 j610 series\bin\scantopcactivationapp.exe |
  851. "TCP Query User{FD42759D-71F8-422E-BDB5-0D9FFFF81645}C:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
  852. "UDP Query User{68D5ECC6-F24E-4113-B3EB-9F904957D95F}C:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
  853. "UDP Query User{8985AB8A-8AD9-4FBA-85F4-5FCBC7044429}D:\fifa12_system\game\fifa.exe" = protocol=17 | dir=in | app=d:\fifa12_system\game\fifa.exe |
  854. "UDP Query User{A44D5EA6-936B-48FC-AA8A-BF2A5F6E372C}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
  855. "UDP Query User{EE4247F8-BACA-43EE-8EA5-6DEDF9024E3F}C:\program files (x86)\hp\hp deskjet 3050 j610 series\bin\scantopcactivationapp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hp\hp deskjet 3050 j610 series\bin\scantopcactivationapp.exe |
  856.  
  857. [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
  858.  
  859. 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
  860. "{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
  861. "{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit)
  862. "{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
  863. "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
  864. "{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
  865. "{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
  866. "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
  867. "{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
  868. "{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
  869. "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
  870. "{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
  871. "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
  872. "{90120000-002A-0416-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007
  873. "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
  874. "{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
  875. "{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
  876. "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
  877. "{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
  878. "{AE51CD00-2961-423C-B5DA-3D15ECC370C6}" = Software básico do dispositivo HP Deskjet 3050 J610 series
  879. "{B7693CDE-074B-301C-9584-FC4343696C8B}" = Microsoft .NET Framework 4 Client Profile PTB Language Pack
  880. "{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
  881. "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
  882. "{E4900509-77B0-4515-8061-E96237D69585}" = Sony Ericsson MD300 Wireless Modem
  883. "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
  884. "{F65B8208-5221-43D9-AA12-DDEA64EC4AF6}" = Validity Sensors software
  885. "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
  886. "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
  887. "B31F51CEC37CADDD795736ABBB212C18FD2969A3" = Pacote de Driver do Windows - Philips CL (phaudlwr) MEDIA  (05/07/2008 1.0.5.12)
  888. "CCleaner" = CCleaner
  889. "FA64675F2B582DB559A1BE34C9F1F0208D44A7FE" = Pacote de Driver do Windows - Philips USB  (05/21/2008 1.01.3.6650)
  890. "FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver
  891. "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
  892. "Microsoft .NET Framework 4 Client Profile PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)
  893. "Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
  894. "Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
  895. "SynTPDeinstKey" = Synaptics Pointing Device Driver
  896. "WinRAR archiver" = Arquivo do WinRAR
  897. "ZTE USB Driver" = ZTE USB Driver
  898.  
  899. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
  900. "{01A373F1-B268-43CA-A8F1-45708A62F50A}" = Miniaurélio
  901. "{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
  902. "{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
  903. "{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
  904. "{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
  905. "{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
  906. "{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
  907. "{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
  908. "{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
  909. "{0FFEA8EE-7BC7-4C9D-8CC6-5B8C891BA3F2}" = Windows Live Essentials
  910. "{100C1109-EA6C-0000-B1B8-F0038298C015}" = GbpSetup Infoseg - Senasp
  911. "{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
  912. "{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
  913. "{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
  914. "{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
  915. "{1AD473D7-7A47-5AEC-B45D-9B87414E7175}" = DigitalVideoConverter  v2.9.0.53
  916. "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live
  917. "{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
  918. "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
  919. "{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
  920. "{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
  921. "{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
  922. "{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
  923. "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
  924. "{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
  925. "{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
  926. "{40719211-D09A-11DF-BA30-0013D3D69929}" = MSVCRT Redists
  927. "{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
  928. "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
  929. "{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}" = Assistente de Conexão do Windows Live
  930. "{590035D9-BFA0-406A-A7F0-479C72C0DDB2}" = Windows Live Call
  931. "{5DF7AA5E-A1CB-11E0-A7D6-0013D3D69929}" = MSVCRT Redists
  932. "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
  933. "{61B0439E-C2B2-4328-9EAC-2B36482DC717}" = BrOffice 3.3 Help Pack (Portuguese (Brazil))
  934. "{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
  935. "{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
  936. "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
  937. "{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Suporte para Aplicativos Apple
  938. "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
  939. "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
  940. "{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
  941. "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
  942. "{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
  943. "{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
  944. "{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
  945. "{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007
  946. "{90120000-0015-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
  947. "{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007
  948. "{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
  949. "{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007
  950. "{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
  951. "{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007
  952. "{90120000-0019-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
  953. "{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007
  954. "{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
  955. "{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007
  956. "{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
  957. "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
  958. "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
  959. "{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
  960. "{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{8A524694-0CA4-476A-9301-B1E9D70FC952}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
  961. "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
  962. "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
  963. "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
  964. "{90120000-002A-0416-1000-0000000FF1CE}_ENTERPRISE_{51530CD1-8244-4E0F-B536-BCCC05325C7F}" = Microsoft Office 2007 Service Pack 3 (SP3)
  965. "{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007
  966. "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
  967. "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
  968. "{90120000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007
  969. "{90120000-0044-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
  970. "{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007
  971. "{90120000-006E-0416-0000-0000000FF1CE}_ENTERPRISE_{51530CD1-8244-4E0F-B536-BCCC05325C7F}" = Microsoft Office 2007 Service Pack 3 (SP3)
  972. "{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007
  973. "{90120000-00A1-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
  974. "{90120000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007
  975. "{90120000-00BA-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
  976. "{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
  977. "{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}" = Telstra Turbo Connection Manager
  978. "{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
  979. "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
  980. "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
  981. "{9ADC3E4F-34DA-48CD-8727-BB26D90257BD}" = Windows Live Messenger
  982. "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
  983. "{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
  984. "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
  985. "{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
  986. "{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
  987. "{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
  988. "{AC76BA86-7AD7-1046-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Português
  989. "{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
  990. "{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
  991. "{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
  992. "{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
  993. "{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
  994. "{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
  995. "{CD068533-1A20-47F6-B1A2-196725B1320F}" = BrOffice 3.3
  996. "{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
  997. "{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
  998. "{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
  999. "{E6F012B0-E930-11E0-A67A-F04DA23A5C58}" = Vegas Pro 11.0
  1000. "{E9627240-E930-11E0-8690-F04DA23A5C58}" = MSVCRT Redists
  1001. "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
  1002. "{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
  1003. "{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
  1004. "{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Ajuda
  1005. "{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
  1006. "{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
  1007. "Adobe AIR" = Adobe AIR
  1008. "Adobe Shockwave Player" = Adobe Shockwave Player 11.6
  1009. "Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
  1010. "Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced
  1011. "chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
  1012. "com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
  1013. "Daniusoft Video Converter Free_is1" = Daniusoft Video Converter Free(Build 3.0.0.1)
  1014. "ENTERPRISE" = Microsoft Office Enterprise 2007
  1015. "FileZilla Client" = FileZilla Client 3.5.1
  1016. "HijackThis" = HijackThis 1.99.1
  1017. "InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
  1018. "InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
  1019. "KLiteCodecPack_is1" = K-Lite Codec Pack 7.7.0 (Full)
  1020. "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versão 1.61.0.1400
  1021. "Microsoft DirectX SDK (June 2010)" = Microsoft DirectX SDK (June 2010)
  1022. "Mozilla Firefox 8.0.1 (x86 pt-BR)" = Mozilla Firefox 8.0.1 (x86 pt-BR)
  1023. "NetSurveillance" = NetSurveillance
  1024. "PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
  1025. "Revo Uninstaller" = Revo Uninstaller 1.90
  1026. "TeamViewer 7" = TeamViewer 7
  1027. "TFTP Client" = TFTP Client
  1028. "The KMPlayer" = The KMPlayer (remove only)
  1029. "UltraISO_is1" = UltraISO Premium V9.35
  1030. "uTorrent" = µTorrent
  1031. "Winamp" = Winamp
  1032. "WinLiveSuite_Wave3" = Windows Live Essentials
  1033.  
  1034. [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
  1035.  
  1036. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
  1037. "Google Chrome" = Google Chrome
  1038. "Winamp Detect" = Winamp Detectar Aplicação
  1039.  
  1040. [color=#E56717]========== Last 10 Event Log Errors ==========[/color]
  1041.  
  1042. [ Application Events ]
  1043. Error - 23/05/2012 18:40:22 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  1044. Description = Falha ao extrair lista raiz de terceiros do arquivo cab de atualização
  1045.  automática de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  1046.  com erro: Um certificado necessário não está no período de validade ao ser verificado
  1047.  em relação à hora atual do sistema ou ao carimbo de data/hora no arquivo assinado.
  1048. .
  1049.  
  1050. Error - 24/05/2012 00:04:39 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  1051. Description = Falha ao extrair lista raiz de terceiros do arquivo cab de atualização
  1052.  automática de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  1053.  com erro: Um certificado necessário não está no período de validade ao ser verificado
  1054.  em relação à hora atual do sistema ou ao carimbo de data/hora no arquivo assinado.
  1055. .
  1056.  
  1057. Error - 24/05/2012 00:04:39 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  1058. Description = Falha ao extrair lista raiz de terceiros do arquivo cab de atualização
  1059.  automática de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  1060.  com erro: Um certificado necessário não está no período de validade ao ser verificado
  1061.  em relação à hora atual do sistema ou ao carimbo de data/hora no arquivo assinado.
  1062. .
  1063.  
  1064. Error - 24/05/2012 00:54:35 | Computer Name = Jonathas-PC | Source = ESENT | ID = 215
  1065. Description = wlcomm (5080) C:\Users\Jonathas\AppData\Local\Microsoft\Windows Live
  1066.  Contacts\{3be22114-822b-48dc-9ccc-91f04368145c}\: O backup parou porque ele foi
  1067.  interrompido pelo cliente ou houve falha na conexão com o cliente.
  1068.  
  1069. Error - 24/05/2012 13:01:11 | Computer Name = Jonathas-PC | Source = SideBySide | ID = 16842815
  1070. Description = Falha na geração de contexto de ativação para "C:\Program Files (x86)\Common
  1071.  Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Erro no arquivo de manifesto ou de
  1072.  diretiva C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll",
  1073.  na linha 3.  O valor "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
  1074.  do atributo version no elemento assemblyIdentity é inválido.
  1075.  
  1076. Error - 24/05/2012 13:03:42 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  1077. Description = Falha ao extrair lista raiz de terceiros do arquivo cab de atualização
  1078.  automática de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  1079.  com erro: Um certificado necessário não está no período de validade ao ser verificado
  1080.  em relação à hora atual do sistema ou ao carimbo de data/hora no arquivo assinado.
  1081. .
  1082.  
  1083. Error - 24/05/2012 13:03:42 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  1084. Description = Falha ao extrair lista raiz de terceiros do arquivo cab de atualização
  1085.  automática de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  1086.  com erro: Um certificado necessário não está no período de validade ao ser verificado
  1087.  em relação à hora atual do sistema ou ao carimbo de data/hora no arquivo assinado.
  1088. .
  1089.  
  1090. Error - 25/05/2012 20:33:50 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  1091. Description = Falha ao extrair lista raiz de terceiros do arquivo cab de atualização
  1092.  automática de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  1093.  com erro: Um certificado necessário não está no período de validade ao ser verificado
  1094.  em relação à hora atual do sistema ou ao carimbo de data/hora no arquivo assinado.
  1095. .
  1096.  
  1097. Error - 25/05/2012 20:33:50 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
  1098. Description = Falha ao extrair lista raiz de terceiros do arquivo cab de atualização
  1099.  automática de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>
  1100.  com erro: Um certificado necessário não está no período de validade ao ser verificado
  1101.  em relação à hora atual do sistema ou ao carimbo de data/hora no arquivo assinado.
  1102. .
  1103.  
  1104. Error - 25/05/2012 21:56:02 | Computer Name = Jonathas-PC | Source = Application Hang | ID = 1002
  1105. Description = O programa OTL.exe versão 3.2.43.1 parou de interagir com o Windows
  1106.  e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique
  1107.  o histórico de problemas no painel de controle da Central de Ações.    ID de Processo:
  1108.  e7c    Hora de Início: 01cd3ae24a7619c6    Hora de Término: 0    Caminho do Aplicativo: C:\Users\Jonathas\Desktop\OTL.exe
  1109.  
  1110. Id
  1111.  do Relatório:  
  1112.  
  1113. [ OSession Events ]
  1114. Error - 03/11/2011 12:27:03 | Computer Name = Jonathas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
  1115. Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
  1116.  12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 776
  1117.  seconds with 600 seconds of active time.  This session ended with a crash.
  1118.  
  1119. Error - 03/11/2011 12:33:07 | Computer Name = Jonathas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
  1120. Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
  1121.  12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 313
  1122.  seconds with 300 seconds of active time.  This session ended with a crash.
  1123.  
  1124. [ System Events ]
  1125. Error - 25/05/2012 20:04:34 | Computer Name = Jonathas-PC | Source = Service Control Manager | ID = 7000
  1126. Description = Não foi possível iniciar o serviço Aspi32 devido ao seguinte erro:
  1127.    %%2
  1128.  
  1129. Error - 25/05/2012 20:04:34 | Computer Name = Jonathas-PC | Source = Service Control Manager | ID = 7000
  1130. Description = Não foi possível iniciar o serviço DM1Service devido ao seguinte erro:
  1131.    %%2
  1132.  
  1133. Error - 25/05/2012 20:04:34 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
  1134. Description = Ocorreu um erro ao tentar ler o arquivo de hosts locais.
  1135.  
  1136. Error - 25/05/2012 20:04:36 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
  1137. Description = Ocorreu um erro ao tentar ler o arquivo de hosts locais.
  1138.  
  1139. Error - 25/05/2012 20:04:41 | Computer Name = Jonathas-PC | Source = Service Control Manager | ID = 7026
  1140. Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema
  1141. ou de inicialização:   vflt
  1142.  
  1143. Error - 25/05/2012 20:04:42 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
  1144. Description = Ocorreu um erro ao tentar ler o arquivo de hosts locais.
  1145.  
  1146. Error - 25/05/2012 20:04:47 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
  1147. Description = Ocorreu um erro ao tentar ler o arquivo de hosts locais.
  1148.  
  1149. Error - 25/05/2012 20:04:51 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
  1150. Description = Ocorreu um erro ao tentar ler o arquivo de hosts locais.
  1151.  
  1152. Error - 25/05/2012 21:16:09 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
  1153. Description = Ocorreu um erro ao tentar ler o arquivo de hosts locais.
  1154.  
  1155. Error - 25/05/2012 21:16:09 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
  1156. Description = Ocorreu um erro ao tentar ler o arquivo de hosts locais.
  1157.  
  1158.  
  1159. < End of report >
clone this paste RAW Paste Data