OTL Report

a guest
Dec 19th, 2012
  1. OTL logfile created on: 19/12/2012 09:44:39 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Estéfany\Downloads
  3. Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
  4. Internet Explorer (Version = 8.0.7600.16385)
  5. Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy
  6.  
  7. 1,93 Gb Total Physical Memory | 1,23 Gb Available Physical Memory | 63,56% Memory free
  8. 3,87 Gb Paging File | 2,92 Gb Available in Paging File | 75,46% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
  12. Drive C: | 244,14 Gb Total Space | 178,90 Gb Free Space | 73,27% Space Free | Partition Type: NTFS
  13. Drive D: | 221,61 Gb Total Space | 221,22 Gb Free Space | 99,82% Space Free | Partition Type: NTFS
  14.  
  15. Computer Name: ESTÉFANY-PC | User Name: Estéfany | Logged in as Administrator.
  16. Boot Mode: Normal | Scan Mode: All users
  17. Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  18.  
  19. [color=#E56717]========== Processes (SafeList) ==========[/color]
  20.  
  21. PRC - [2012/12/19 09:44:08 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Estéfany\Downloads\OTL.exe
  22. PRC - [2012/11/13 21:10:45 | 000,968,592 | ---- | M] (BitTorrent, Inc.) -- C:\Arquivos de programas\uTorrent\uTorrent.exe
  23. PRC - [2012/10/31 20:15:08 | 001,242,136 | ---- | M] (Google Inc.) -- C:\Arquivos de programas\Google\Chrome\Application\chrome.exe
  24. PRC - [2012/10/30 20:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
  25. PRC - [2012/10/30 20:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
  26. PRC - [2012/07/27 18:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
  27. PRC - [2012/05/29 21:08:48 | 000,172,032 | ---- | M] (CompSoft) -- C:\Arquivos de programas\DoroPDFWriter\DoroServer.exe
  28. PRC - [2012/03/19 09:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Arquivos de programas\TeamViewer\Version7\TeamViewer_Service.exe
  29. PRC - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
  30. PRC - [2010/04/16 23:12:18 | 003,872,080 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe
  31. PRC - [2009/10/16 10:44:14 | 001,600,816 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Tools\InCD\NBHGui.exe
  32. PRC - [2009/10/16 10:44:10 | 001,420,592 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Tools\InCD\InCDSrv.exe
  33. PRC - [2009/10/16 10:44:06 | 001,060,136 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Tools\InCD\InCD.exe
  34. PRC - [2009/07/13 23:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
  35. PRC - [2009/07/13 23:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
  36. PRC - [2006/11/03 00:31:44 | 000,914,944 | ---- | M] (Microsoft Corporation) -- C:\Arquivos de programas\Windows Media Player\wmpnetwk.exe
  37.  
  38.  
  39. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  40.  
  41. MOD - [2012/12/04 23:15:15 | 000,460,904 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
  42. MOD - [2012/12/04 23:15:14 | 004,008,040 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
  43. MOD - [2012/12/04 23:14:29 | 000,587,880 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\libglesv2.dll
  44. MOD - [2012/12/04 23:14:28 | 000,124,520 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\libegl.dll
  45. MOD - [2012/12/04 23:14:21 | 000,157,304 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avutil-51.dll
  46. MOD - [2012/12/04 23:14:20 | 000,275,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avformat-54.dll
  47. MOD - [2012/12/04 23:14:19 | 002,168,952 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll
  48. MOD - [2010/01/30 02:41:12 | 004,254,560 | ---- | M] () -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
  49.  
  50.  
  51. [color=#E56717]========== Services (SafeList) ==========[/color]
  52.  
  53. SRV - [2012/10/30 20:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
  54. SRV - [2012/07/27 18:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
  55. SRV - [2012/03/19 09:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Arquivos de Programas\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
  56. SRV - [2011/04/01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
  57. SRV - [2011/03/28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
  58. SRV - [2010/03/25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
  59. SRV - [2009/10/16 10:44:18 | 000,053,560 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Program Files\Nero\Tools\InCD\NBHRegInCDSrv.exe -- (NeroRegInCDSrv)
  60. SRV - [2009/10/16 10:44:10 | 001,420,592 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Nero\Tools\InCD\InCDSrv.exe -- (InCDSrv)
  61. SRV - [2009/07/13 23:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
  62. SRV - [2009/07/13 23:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
  63. SRV - [2009/07/13 23:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
  64. SRV - [2006/11/03 00:31:44 | 000,914,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Arquivos de Programas\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
  65.  
  66.  
  67. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  68.  
  69. DRV - [2012/10/30 20:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
  70. DRV - [2012/10/30 20:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
  71. DRV - [2012/10/30 20:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
  72. DRV - [2012/10/30 20:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
  73. DRV - [2012/10/30 20:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
  74. DRV - [2012/10/15 12:59:28 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
  75. DRV - [2009/10/16 10:43:04 | 000,130,200 | ---- | M] (Nero AG) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\InCDFs.sys -- (InCDFs)
  76. DRV - [2009/10/16 10:42:58 | 000,019,096 | ---- | M] (Nero AG) [File_System | System | Running] -- C:\Windows\System32\drivers\InCDRec.sys -- (InCDRec)
  77. DRV - [2009/10/16 10:42:50 | 000,048,280 | ---- | M] (Nero AG) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\InCDPass.sys -- (InCDPass)
  78. DRV - [2009/07/13 23:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
  79. DRV - [2009/07/13 23:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
  80. DRV - [2009/07/13 23:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
  81. DRV - [2009/07/13 21:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
  82. DRV - [2009/07/13 21:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
  83. DRV - [2009/07/13 21:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
  84.  
  85.  
  86. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  87.  
  88.  
  89. [color=#E56717]========== Internet Explorer ==========[/color]
  90.  
  91. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://br.hao123.com/?tn=smt_hp_hao123_br
  92. IE - HKLM\..\SearchScopes,DefaultScope =
  93. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  94. IE - HKLM\..\SearchScopes\{E627DC4B-8C04-4234-A2D4-1D634EE01C41}: "URL" = http://www.bigseekpro.com/search/toolbar/hao123/{0BEB7EFC-1B52-92D2-3A7F-D757ED00F9B2}?q={searchTerms}
  95.  
  96.  
  97. IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
  98. IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  99.  
  100. IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
  101. IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  102.  
  103. IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
  104.  
  105. IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
  106.  
  107. IE - HKU\S-1-5-21-2416928252-1431641652-4129932973-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://br.hao123.com/?tn=smt_hp_hao123_br
  108. IE - HKU\S-1-5-21-2416928252-1431641652-4129932973-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp
  109. IE - HKU\S-1-5-21-2416928252-1431641652-4129932973-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
  110. IE - HKU\S-1-5-21-2416928252-1431641652-4129932973-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F7 E9 F2 82 E4 C4 CD 01 [binary data]
  111. IE - HKU\S-1-5-21-2416928252-1431641652-4129932973-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  112. IE - HKU\S-1-5-21-2416928252-1431641652-4129932973-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  113. IE - HKU\S-1-5-21-2416928252-1431641652-4129932973-1000\..\SearchScopes\{E627DC4B-8C04-4234-A2D4-1D634EE01C41}: "URL" = http://www.bigseekpro.com/search/toolbar/hao123/{0BEB7EFC-1B52-92D2-3A7F-D757ED00F9B2}?q={searchTerms}
  114. IE - HKU\S-1-5-21-2416928252-1431641652-4129932973-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  115.  
  116.  
  117. [color=#E56717]========== FireFox ==========[/color]
  118.  
  119. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
  120. FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  121. FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
  122. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  123. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  124. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
  125. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
  126. FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  127.  
  128.  
  129.  
  130. [color=#E56717]========== Chrome ==========[/color]
  131.  
  132. CHR - homepage:
  133. CHR - default_search_provider: Google (Enabled)
  134. CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
  135. CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
  136. CHR - homepage:
  137. CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
  138. CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
  139. CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
  140. CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
  141. CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Est\u00E9fany\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\plugins/avgnpss.dll
  142. CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
  143. CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
  144. CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
  145. CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
  146. CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll
  147. CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
  148. CHR - Extension: Google Drive = C:\Users\Estéfany\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
  149. CHR - Extension: YouTube = C:\Users\Estéfany\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
  150. CHR - Extension: Pesquisa do Google = C:\Users\Estéfany\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
  151. CHR - Extension: avast! WebRep = C:\Users\Estéfany\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
  152. CHR - Extension: Gmail = C:\Users\Estéfany\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
  153.  
  154. O1 HOSTS File: ([2009/06/10 19:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
  155. O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
  156. O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
  157. O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
  158. O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
  159. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
  160. O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
  161. O4 - HKLM..\Run: [] File not found
  162. O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
  163. O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
  164. O4 - HKLM..\Run: [DoroServer] C:\Arquivos de Programas\DoroPDFWriter\DoroServer.exe (CompSoft)
  165. O4 - HKLM..\Run: [InCD] C:\Program Files\Nero\Tools\InCD\InCD.exe (Nero AG)
  166. O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
  167. O4 - HKLM..\Run: [NBHGui] C:\Program Files\Nero\Tools\InCD\NBHGui.exe (Nero AG)
  168. O4 - HKU\S-1-5-21-2416928252-1431641652-4129932973-1000..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
  169. O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
  170. O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
  171. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  172. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  173. O8 - Extra context menu item: &Enviar para o OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
  174. O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
  175. O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
  176. O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
  177. O9 - Extra Button: &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
  178. O9 - Extra 'Tools' menuitem : &Anotações Vinculadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
  179. O13 - gopher Prefix: missing
  180. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4 192.168.1.1
  181. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A89A228-CF0C-4DEB-8B38-D92263895080}: DhcpNameServer = 8.8.8.8 8.8.4.4 192.168.1.1
  182. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  183. O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
  184. O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
  185. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  186. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
  187. O32 - HKLM CDRom: AutoRun - 1
  188. O32 - AutoRun File - [2009/06/10 19:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
  189. O34 - HKLM BootExecute: (autocheck autochk *)
  190. O35 - HKLM\..comfile [open] -- "%1" %*
  191. O35 - HKLM\..exefile [open] -- "%1" %*
  192. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  193. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  194. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  195. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  196. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  197.  
  198. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  199.  
  200. [2012/12/19 09:36:34 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{3BBA0269-AD6F-4D3C-99EB-4D5D58740287}
  201. [2012/12/18 16:36:18 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{18E66E54-2221-456C-875D-0B5F80B5941F}
  202. [2012/12/17 21:39:32 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{99762D87-F1E8-4E74-88CD-209BB5063554}
  203. [2012/12/17 12:00:11 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\Desktop\Colocar pen drive
  204. [2012/12/17 09:24:44 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
  205. [2012/12/17 07:38:33 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{BAEDE0E7-6E5C-4358-A548-B0CB100DFE74}
  206. [2012/12/16 09:09:54 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{A6AC459C-7B90-4773-9AEC-1F4AE30A1888}
  207. [2012/12/15 19:35:51 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{E2BE3C03-CFBF-412B-91F4-6BD75FDA57CF}
  208. [2012/12/15 19:27:27 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{590F5523-D314-45BA-B049-1C489E87F4D8}
  209. [2012/12/14 22:39:43 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\Microsoft Games
  210. [2012/12/14 22:34:10 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{3D538A84-1F4E-4AE6-871E-04642BCEF1E5}
  211. [2012/12/14 20:14:20 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{491C1E99-8BEE-4A2E-B8CF-07B48673FCCD}
  212. [2012/12/14 20:10:17 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{6D295609-9E6C-4C3E-8FEA-BB79776CE737}
  213. [2012/12/13 21:34:08 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{98F4ECC3-4F8C-43F5-9DB5-B8DBBE67F639}
  214. [2012/12/11 20:11:52 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{6C1CD312-32C6-45CF-9E41-745DEECA7338}
  215. [2012/12/10 21:14:39 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{9A3E8788-59A1-40A5-B10F-5B3F0C5464E0}
  216. [2012/12/09 23:34:40 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{86B3B302-A06E-43B9-9D65-7809D7C5F596}
  217. [2012/12/07 21:42:07 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{A3B6BE5A-B47C-4A25-B094-AD8706E6B12B}
  218. [2012/12/06 21:19:03 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{AF17E1D3-1D29-4C46-B8D5-D2A994DDE7C3}
  219. [2012/12/06 21:14:17 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{AEE87083-6BAE-4E60-A29D-15856B51A98D}
  220. [2012/12/05 20:14:24 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{4C2F064E-A2E5-486C-80EB-F170BC5D4671}
  221. [2012/12/04 21:04:18 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{B92A6C6D-4841-4A03-A128-C975F410DEB0}
  222. [2012/12/03 22:55:55 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{476EB8BC-F3BE-45B0-931D-E36085591FAC}
  223. [2012/12/01 12:06:54 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\Documents\ana márcia
  224. [2012/12/01 11:22:30 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{E33D514A-84F2-4BAA-B471-9E7EC625C177}
  225. [2012/11/30 23:21:34 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{08783EB9-0CC8-4AAE-BEB6-E51F83E72031}
  226. [2012/11/29 21:02:13 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{EC764DFF-CDD0-4237-8B4E-5E955292CFD0}
  227. [2012/11/29 20:12:00 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{6A1E48C8-44BE-4586-9E84-C89FCB546250}
  228. [2012/11/28 23:28:38 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
  229. [2012/11/28 23:28:38 | 000,000,000 | ---D | C] -- C:\Program Files\HP Photo Creations
  230. [2012/11/28 23:28:32 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Roaming\HpUpdate
  231. [2012/11/28 23:28:22 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
  232. [2012/11/28 23:28:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
  233. [2012/11/28 23:27:34 | 000,000,000 | ---D | C] -- C:\Program Files\HP
  234. [2012/11/28 23:27:04 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\HP
  235. [2012/11/28 23:18:08 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\ElevatedDiagnostics
  236. [2012/11/28 23:13:11 | 000,000,000 | R--D | C] -- C:\Users\Estéfany\Documents\Scanned Documents
  237. [2012/11/28 23:13:10 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\Documents\Fax
  238. [2012/11/28 20:53:06 | 000,019,096 | ---- | C] (Nero AG) -- C:\Windows\System32\drivers\InCDRec.sys
  239. [2012/11/28 20:53:03 | 000,130,200 | ---- | C] (Nero AG) -- C:\Windows\System32\drivers\InCDFs.sys
  240. [2012/11/28 20:53:00 | 000,048,280 | ---- | C] (Nero AG) -- C:\Windows\System32\drivers\InCDPass.sys
  241. [2012/11/28 20:40:17 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
  242. [2012/11/28 20:23:07 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{A7D5A030-47F5-44F2-B3BC-D7F2339A59AE}
  243. [2012/11/27 19:04:52 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{1293DFE5-409C-4446-8A22-F947EFB9FD07}
  244. [2012/11/26 19:26:34 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{74D7016D-7E39-4FBE-9C77-6E16ADF82CC0}
  245. [2012/11/25 23:53:35 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Roaming\Nero
  246. [2012/11/25 23:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
  247. [2012/11/25 14:52:08 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{50733269-4C3B-4D5B-A5A7-A88EC0C2E27C}
  248. [2012/11/24 22:17:07 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Roaming\vlc
  249. [2012/11/24 20:41:18 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{1DCE45D9-B8B2-4A18-88C6-D97EB27B4EB0}
  250. [2012/11/23 17:41:22 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{579E5E47-44C7-444A-A9D2-D6D72F96F428}
  251. [2012/11/22 20:48:10 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{DE2417A9-F5FC-4447-894A-172B7C223BD5}
  252. [2012/11/21 20:17:56 | 000,000,000 | ---D | C] -- C:\Program Files\Hao123.com
  253. [2012/11/21 20:17:47 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\Songr
  254. [2012/11/21 19:59:53 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{0DD04CB2-44A6-4129-A284-6D294906E41F}
  255. [2012/11/21 01:36:36 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{0E248291-69D0-46C2-B59F-AC8F077E28C0}
  256. [2012/11/20 20:44:45 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\Adobe
  257. [2012/11/20 20:40:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
  258. [2012/11/20 20:40:11 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
  259. [2012/11/20 20:36:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
  260. [2012/11/20 20:35:54 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
  261. [2012/11/20 20:35:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
  262. [2012/11/20 20:35:06 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Roaming\DVDVideoSoft
  263. [2012/11/20 20:28:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
  264. [2012/11/20 20:28:52 | 000,000,000 | ---D | C] -- C:\Program Files\Auslogics
  265. [2012/11/20 20:21:54 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
  266. [2012/11/20 20:17:04 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
  267. [2012/11/20 20:17:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
  268. [2012/11/20 20:17:03 | 000,361,032 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
  269. [2012/11/20 20:16:59 | 000,044,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
  270. [2012/11/20 20:16:57 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
  271. [2012/11/20 20:16:56 | 000,738,504 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
  272. [2012/11/20 20:16:52 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
  273. [2012/11/20 20:16:32 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
  274. [2012/11/20 20:16:31 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
  275. [2012/11/20 20:16:18 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
  276. [2012/11/20 20:16:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
  277. [2012/11/20 12:02:41 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{E0FAAC7F-6B6A-4D50-8C1A-62264E590BE5}
  278. [2012/11/20 12:02:41 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{309EE7C5-C663-49FC-B1F5-A6110BF1746E}
  279. [2012/11/19 16:01:22 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
  280. [2012/11/19 15:06:36 | 000,000,000 | ---D | C] -- C:\Users\Estéfany\AppData\Local\{4525E408-C99B-4F06-AAE1-C0A28513123E}
  281.  
  282. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  283.  
  284. [2012/12/19 09:43:20 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  285. [2012/12/19 09:43:20 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  286. [2012/12/19 09:36:09 | 000,001,056 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  287. [2012/12/19 09:35:48 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  288. [2012/12/19 09:35:45 | 1558,110,208 | -HS- | M] () -- C:\hiberfil.sys
  289. [2012/12/19 00:10:00 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  290. [2012/12/18 21:27:20 | 180,811,844 | ---- | M] () -- C:\Windows\MEMORY.DMP
  291. [2012/12/17 12:01:19 | 000,048,128 | -H-- | M] () -- C:\Users\Estéfany\Desktop\photothumb.db
  292. [2012/12/17 09:24:49 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
  293. [2012/12/15 09:47:23 | 000,654,272 | ---- | M] () -- C:\Windows\System32\prfh0416.dat
  294. [2012/12/15 09:47:23 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
  295. [2012/12/15 09:47:23 | 000,124,724 | ---- | M] () -- C:\Windows\System32\prfc0416.dat
  296. [2012/12/15 09:47:23 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
  297. [2012/12/15 09:41:55 | 000,122,405 | ---- | M] () -- C:\Users\Estéfany\Desktop\niver tio lenilson 020.jpg
  298. [2012/12/06 21:18:48 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
  299. [2012/12/06 21:18:48 | 000,002,039 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
  300. [2012/12/05 20:34:17 | 000,545,734 | ---- | M] () -- C:\Users\Estéfany\Desktop\peixes-fundo-mar-wallpaper.jpg
  301. [2012/11/28 23:28:39 | 000,001,059 | ---- | M] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
  302. [2012/11/28 23:28:19 | 000,001,194 | ---- | M] () -- C:\Users\Public\Desktop\Compre suprimentos - HP Deskjet 1050 J410 series.lnk
  303. [2012/11/28 23:28:18 | 000,002,236 | ---- | M] () -- C:\Users\Public\Desktop\HP Deskjet 1050 J410 series.lnk
  304. [2012/11/28 23:28:18 | 000,001,189 | ---- | M] () -- C:\Users\Public\Desktop\HP Deskjet 1050 J410 series Scan.lnk
  305. [2012/11/28 23:03:31 | 000,003,426 | ---- | M] () -- C:\Users\Estéfany\Documents\Estacio_de_sa_logo_ri.jpg
  306. [2012/11/26 19:28:20 | 000,000,000 | ---- | M] () -- C:\Users\Estéfany\AppData\Roaming\.NANotifyHere
  307. [2012/11/21 20:37:30 | 000,407,872 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
  308. [2012/11/21 20:18:03 | 000,001,039 | ---- | M] () -- C:\Users\Estéfany\Desktop\Songr.lnk
  309. [2012/11/21 20:07:35 | 000,000,371 | ---- | M] () -- C:\Users\Estéfany\Desktop\Meus documentos.lnk
  310. [2012/11/21 20:07:34 | 000,000,764 | ---- | M] () -- C:\Users\Estéfany\Desktop\Internet Download Manager.lnk
  311. [2012/11/20 20:40:14 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
  312. [2012/11/20 20:36:05 | 000,002,252 | ---- | M] () -- C:\Users\Estéfany\Desktop\Free Video to JPG Converter.lnk
  313. [2012/11/20 20:36:05 | 000,001,201 | ---- | M] () -- C:\Users\Estéfany\Desktop\DVDVideoSoft Free Studio.lnk
  314. [2012/11/20 20:28:54 | 000,001,208 | ---- | M] () -- C:\Users\Estéfany\Desktop\Auslogics Disk Defrag.lnk
  315. [2012/11/20 20:21:54 | 000,001,226 | ---- | M] () -- C:\Users\Estéfany\Desktop\Revo Uninstaller.lnk
  316. [2012/11/20 14:55:39 | 004,648,157 | ---- | M] () -- C:\Users\Estéfany\Desktop\Jorge e Mateus Flor.mp3
  317.  
  318. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  319.  
  320. [2012/12/17 09:24:49 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
  321. [2012/12/17 09:24:49 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
  322. [2012/12/15 09:36:56 | 000,122,405 | ---- | C] () -- C:\Users\Estéfany\Desktop\niver tio lenilson 020.jpg
  323. [2012/12/05 20:34:16 | 000,545,734 | ---- | C] () -- C:\Users\Estéfany\Desktop\peixes-fundo-mar-wallpaper.jpg
  324. [2012/11/28 23:28:39 | 000,001,059 | ---- | C] () -- C:\Users\Public\Desktop\HP Photo Creations.lnk
  325. [2012/11/28 23:28:19 | 000,001,194 | ---- | C] () -- C:\Users\Public\Desktop\Compre suprimentos - HP Deskjet 1050 J410 series.lnk
  326. [2012/11/28 23:28:18 | 000,002,236 | ---- | C] () -- C:\Users\Public\Desktop\HP Deskjet 1050 J410 series.lnk
  327. [2012/11/28 23:28:18 | 000,001,189 | ---- | C] () -- C:\Users\Public\Desktop\HP Deskjet 1050 J410 series Scan.lnk
  328. [2012/11/28 23:03:30 | 000,003,426 | ---- | C] () -- C:\Users\Estéfany\Documents\Estacio_de_sa_logo_ri.jpg
  329. [2012/11/26 19:28:20 | 000,000,000 | ---- | C] () -- C:\Users\Estéfany\AppData\Roaming\.NANotifyHere
  330. [2012/11/21 21:04:15 | 180,811,844 | ---- | C] () -- C:\Windows\MEMORY.DMP
  331. [2012/11/21 20:18:03 | 000,001,047 | ---- | C] () -- C:\Users\Estéfany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Songr.lnk
  332. [2012/11/21 20:18:03 | 000,001,039 | ---- | C] () -- C:\Users\Estéfany\Desktop\Songr.lnk
  333. [2012/11/20 20:40:14 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
  334. [2012/11/20 20:36:05 | 000,002,252 | ---- | C] () -- C:\Users\Estéfany\Desktop\Free Video to JPG Converter.lnk
  335. [2012/11/20 20:36:05 | 000,001,201 | ---- | C] () -- C:\Users\Estéfany\Desktop\DVDVideoSoft Free Studio.lnk
  336. [2012/11/20 20:28:54 | 000,001,208 | ---- | C] () -- C:\Users\Estéfany\Desktop\Auslogics Disk Defrag.lnk
  337. [2012/11/20 20:21:54 | 000,001,226 | ---- | C] () -- C:\Users\Estéfany\Desktop\Revo Uninstaller.lnk
  338. [2012/11/20 20:17:04 | 000,002,039 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
  339. [2012/11/20 16:11:01 | 000,048,128 | -H-- | C] () -- C:\Users\Estéfany\Desktop\photothumb.db
  340. [2012/11/20 14:55:27 | 004,648,157 | ---- | C] () -- C:\Users\Estéfany\Desktop\Jorge e Mateus Flor.mp3
  341. [2012/11/17 21:51:48 | 000,000,208 | ---- | C] () -- C:\Windows\ODBCINST.INI
  342. [2012/11/17 21:46:40 | 000,027,520 | ---- | C] () -- C:\Users\Estéfany\AppData\Local\dt.dat
  343.  
  344. [color=#E56717]========== ZeroAccess Check ==========[/color]
  345.  
  346. [2009/07/14 02:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  347.  
  348. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  349.  
  350. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  351.  
  352. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  353. "" = %SystemRoot%\system32\shell32.dll -- [2009/07/13 23:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
  354. "ThreadingModel" = Apartment
  355.  
  356. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  357. "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 23:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
  358. "ThreadingModel" = Free
  359.  
  360. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  361. "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 23:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
  362. "ThreadingModel" = Both
  363.  
  364. [color=#E56717]========== LOP Check ==========[/color]
  365.  
  366. [2012/11/17 22:32:03 | 000,000,000 | ---D | M] -- C:\Users\Estéfany\AppData\Roaming\AnvSoft
  367. [2012/11/17 22:29:08 | 000,000,000 | ---D | M] -- C:\Users\Estéfany\AppData\Roaming\Auslogics
  368. [2012/12/17 10:31:46 | 000,000,000 | ---D | M] -- C:\Users\Estéfany\AppData\Roaming\DMCache
  369. [2012/11/20 20:36:13 | 000,000,000 | ---D | M] -- C:\Users\Estéfany\AppData\Roaming\DVDVideoSoft
  370. [2012/11/17 22:15:52 | 000,000,000 | ---D | M] -- C:\Users\Estéfany\AppData\Roaming\PhotoScape
  371. [2012/12/19 09:46:29 | 000,000,000 | ---D | M] -- C:\Users\Estéfany\AppData\Roaming\uTorrent
  372.  
  373. [color=#E56717]========== Purity Check ==========[/color]
  374.  
  375.  
  376.  
  377. < End of report >