OTL logfile created on: 25/05/2012 22:56:19 - Run 1
OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Jonathas\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

4,00 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 65,29% Memory free
7,99 Gb Paging File | 6,46 Gb Available in Paging File | 80,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 83,51 Gb Total Space | 42,06 Gb Free Space | 50,37% Space Free | Partition Type: NTFS
Drive D: | 512,56 Gb Total Space | 358,61 Gb Free Space | 69,96% Space Free | Partition Type: NTFS

Computer Name: JONATHAS-PC | User Name: Jonathas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2012/05/25 22:48:36 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jonathas\Desktop\OTL.exe
PRC - [2012/05/09 09:02:12 | 000,214,088 | ---- | M] ( ) -- C:\PROGRA~2\GbPlugin\GbpSv.exe
PRC - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/04/04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/01/19 08:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2011/10/03 01:25:39 | 000,340,520 | ---- | M] (Kaspersky Lab) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/07/30 09:53:18 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
PRC - [2009/06/04 19:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2007/05/28 13:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

[color=#E56717]========== Modules (No Company Name) ==========[/color]

[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
SRV:[b]64bit:[/b] - [2011/05/13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:[b]64bit:[/b] - [2010/03/23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\stacsv64.exe -- (STacSV)
SRV:[b]64bit:[/b] - [2009/08/18 02:36:20 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:[b]64bit:[/b] - [2009/07/13 22:41:10 | 000,035,328 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iprip.dll -- (iprip)
SRV:[b]64bit:[/b] - [2009/07/13 22:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:[b]64bit:[/b] - [2009/06/03 02:13:02 | 000,721,712 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vfsFPService.exe -- (vfsFPService)
SRV:[b]64bit:[/b] - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)
SRV - [2012/05/23 19:09:02 | 000,024,576 | ---- | M] (Atribune.org) [On_Demand | Stopped] -- C:\Windows\SysWow64\VundoFixSVC.exe -- (VundoFixSvc)
SRV - [2012/05/09 09:02:12 | 000,214,088 | ---- | M] ( ) [Auto | Running] -- C:\PROGRA~2\GbPlugin\GbpSv.exe -- (GbpSv)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/01/19 08:47:20 | 003,027,840 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2011/10/03 01:26:57 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/10/03 01:25:39 | 000,340,520 | ---- | M] (Kaspersky Lab) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe -- (AVP)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/03/23 14:53:06 | 000,247,808 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe -- (STacSV)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 18:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/04 19:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2009/06/03 02:12:50 | 000,599,344 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vfsFPService.exe -- (vfsFPService)
SRV - [2009/03/02 18:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe -- (AESTFilters)
SRV - [2007/05/31 10:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 10:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/05/28 13:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)

[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:[b]64bit:[/b] - [2012/04/04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:[b]64bit:[/b] - [2012/03/02 16:02:00 | 000,034,304 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandmodem64.sys -- (ANDModem)
DRV:[b]64bit:[/b] - [2012/03/02 16:02:00 | 000,027,648 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lganddiag64.sys -- (AndDiag)
DRV:[b]64bit:[/b] - [2012/03/02 16:02:00 | 000,027,136 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandgps64.sys -- (AndGps)
DRV:[b]64bit:[/b] - [2012/03/02 16:02:00 | 000,019,456 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandbus64.sys -- (Andbus)
DRV:[b]64bit:[/b] - [2012/03/01 03:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2011/11/10 21:54:51 | 000,868,848 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:[b]64bit:[/b] - [2011/10/03 01:25:39 | 000,353,296 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:[b]64bit:[/b] - [2011/08/01 14:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:[b]64bit:[/b] - [2011/08/01 14:59:06 | 000,023,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nuidfltr.sys -- (NuidFltr)
DRV:[b]64bit:[/b] - [2011/07/28 17:37:10 | 000,052,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV:[b]64bit:[/b] - [2011/06/30 19:24:18 | 000,024,064 | ---- | M] (Shrew Soft Inc) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\vfilter.sys -- (vflt)
DRV:[b]64bit:[/b] - [2011/05/13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:[b]64bit:[/b] - [2011/05/13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:[b]64bit:[/b] - [2011/03/11 03:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011/03/11 03:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010/11/20 10:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2010/11/20 08:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:[b]64bit:[/b] - [2010/11/20 08:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:[b]64bit:[/b] - [2010/11/20 06:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:[b]64bit:[/b] - [2010/09/02 04:18:46 | 000,017,408 | ---- | M] (Shrew Soft Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\virtualnet.sys -- (vnet)
DRV:[b]64bit:[/b] - [2010/07/30 09:53:20 | 000,032,880 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:[b]64bit:[/b] - [2010/05/27 22:32:56 | 000,320,560 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:[b]64bit:[/b] - [2010/03/23 14:53:06 | 000,505,344 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:[b]64bit:[/b] - [2010/01/06 16:23:18 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)
DRV:[b]64bit:[/b] - [2009/10/20 16:20:36 | 000,114,608 | ---- | M] (Philips Applied Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\phaudlwr.sys -- (phaudlwr)
DRV:[b]64bit:[/b] - [2009/10/14 20:18:38 | 000,040,464 | ---- | M] (Kaspersky Lab) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\klbg.sys -- (KLBG)
DRV:[b]64bit:[/b] - [2009/10/10 14:57:54 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:[b]64bit:[/b] - [2009/10/10 14:57:54 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:[b]64bit:[/b] - [2009/10/10 14:57:54 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:[b]64bit:[/b] - [2009/09/14 13:46:42 | 000,027,152 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:[b]64bit:[/b] - [2009/09/01 14:29:56 | 000,157,712 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:[b]64bit:[/b] - [2009/08/18 03:48:48 | 006,037,504 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:[b]64bit:[/b] - [2009/07/29 16:21:58 | 000,717,312 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:[b]64bit:[/b] - [2009/07/20 04:39:22 | 000,140,712 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:[b]64bit:[/b] - [2009/07/13 22:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009/07/13 22:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009/07/13 22:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009/07/13 21:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:[b]64bit:[/b] - [2009/07/13 21:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:[b]64bit:[/b] - [2009/07/08 00:45:50 | 002,769,400 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:[b]64bit:[/b] - [2009/06/28 19:17:00 | 000,070,656 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\enecir.sys -- (enecir)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009/06/10 17:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009/06/10 17:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009/06/04 18:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:[b]64bit:[/b] - [2009/04/29 07:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:[b]64bit:[/b] - [2009/04/24 12:49:24 | 000,009,216 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:[b]64bit:[/b] - [2009/03/01 23:05:32 | 000,187,392 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:[b]64bit:[/b] - [2008/11/14 12:27:00 | 000,396,800 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembunic.sys -- (sembunic) Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (WDM)
DRV:[b]64bit:[/b] - [2008/11/14 12:27:00 | 000,362,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembwwan.sys -- (sembwwan) Sony Ericsson PC300 Mobile Broadband Ethernet Control Drivers (WDM)
DRV:[b]64bit:[/b] - [2008/11/14 12:27:00 | 000,033,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembnd5.sys -- (sembnd5) Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (NDIS)
DRV:[b]64bit:[/b] - [2008/11/14 12:26:58 | 000,445,952 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembmdm2.sys -- (sembmdm2)
DRV:[b]64bit:[/b] - [2008/11/14 12:26:58 | 000,370,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembmgmt.sys -- (sembmgmt) Sony Ericsson PC300 Mobile Broadband Device Management Drivers (WDM)
DRV:[b]64bit:[/b] - [2008/11/14 12:26:58 | 000,019,456 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembmdfl2.sys -- (sembmdfl2)
DRV:[b]64bit:[/b] - [2008/11/14 12:26:56 | 000,362,496 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembcard.sys -- (sembcard) Sony Ericsson PC300 Mobile Broadband Command Interface Drivers (WDM)
DRV:[b]64bit:[/b] - [2008/11/14 12:26:56 | 000,302,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sembbus.sys -- (sembbus) SEMC WMC Composite Device driver (WDM)
DRV:[b]64bit:[/b] - [2008/11/14 12:26:54 | 000,022,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\semcreserved64.sys -- (SEMCReserved)
DRV:[b]64bit:[/b] - [2008/11/14 12:26:52 | 000,023,040 | ---- | M] (Sony Ericsson) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\seu4scard64.sys -- (Sony_EricssonWWSC)
DRV:[b]64bit:[/b] - [2008/05/21 13:30:58 | 000,583,168 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SPC530.sys -- (SPC530)
DRV:[b]64bit:[/b] - [2008/05/21 13:30:58 | 000,008,192 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SPC530m.sys -- (SPC530m)
DRV - [2012/04/05 09:34:04 | 000,046,408 | ---- | M] (GAS Tecnologia) [Kernel | Boot | Stopped] -- C:\Windows\SysWOW64\drivers\GbpKm.sys -- (GbpKm)
DRV - [2009/07/13 22:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/02/10 17:23:10 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)

[color=#E56717]========== Standard Registry (SafeList) ==========[/color]

[color=#E56717]========== Internet Explorer ==========[/color]
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.br/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-br
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = CE 8C 6C D1 69 81 CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{1D2A6415-5302-417F-B105-CF2E11123B95}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=kw&q={searchTerms}&locale=&apn_ptnrs=FV&apn_dtid=YYYYYYYYBR&apn_uid=07650984-e6be-429c-ad26-0411206e8f03&apn_sauid=5BF36375-DF3E-4E75-888E-9A3CA215CC26&
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.com.br"
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - user.js - File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_235.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jonathas\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jonathas\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/24 08:49:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/01/20 13:41:23 | 000,000,000 | ---D | M]
[2011/10/02 22:37:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jonathas\AppData\Roaming\mozilla\Extensions
[2012/05/25 22:53:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jonathas\AppData\Roaming\mozilla\Firefox\Profiles\cetve9sy.default\extensions
[2011/12/21 08:04:51 | 000,000,000 | ---D | M] (Adicional de Seguranca CAIXA) -- C:\Users\Jonathas\AppData\Roaming\mozilla\Firefox\Profiles\cetve9sy.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E886D}
[2012/05/25 22:53:55 | 000,000,000 | ---D | M] (Guardiao Itau 30 horas) -- C:\Users\Jonathas\AppData\Roaming\mozilla\Firefox\Profiles\cetve9sy.default\extensions\{87F8774F-B485-47E2-A755-A40A8A5E8873}
[2012/03/31 20:12:11 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jonathas\AppData\Roaming\mozilla\Firefox\Profiles\cetve9sy.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011/10/11 00:45:22 | 000,002,399 | ---- | M] () -- C:\Users\Jonathas\AppData\Roaming\Mozilla\Firefox\Profiles\cetve9sy.default\searchplugins\askcom.xml
[2012/01/20 13:41:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/01/20 13:41:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
[2011/10/03 00:27:28 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2011/11/24 08:49:37 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/01/20 13:41:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/07/12 13:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011/09/28 21:55:26 | 000,001,027 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\buscape.xml
[2011/09/28 21:55:26 | 000,001,212 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\mercadolivre.xml
[2011/11/24 08:49:38 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml
[2011/09/28 21:55:26 | 000,001,168 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-br.xml
[2011/09/28 21:55:26 | 000,000,952 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-br.xml

[color=#E56717]========== Chrome ==========[/color]
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jonathas\AppData\Local\Google\Chrome\Application\15.0.874.121\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Jonathas\AppData\Local\Google\Chrome\Application\15.0.874.121\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jonathas\AppData\Local\Google\Chrome\Application\15.0.874.121\pdf.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Jonathas\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

Hosts file not found
O2:[b]64bit:[/b] - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540000} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil)
O2 - BHO: (Reg Error: Value error.) - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - Reg Error: Value error. File not found
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540008} - C:\PROGRA~2\GbPlugin\gbiehuni.dll (Banco Itaú Unibanco)
O2 - BHO: (GbIehObj Class) - {C41A1C0E-EA6C-11D4-B1B8-444553540015} - C:\Program Files (x86)\GbPlugin\gbiehisg.dll (Infoseg - Senasp)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [SysTrayApp] C:\Arquivos de Programas\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [PCSpeedUp] C:\Program Files (x86)\Velocidade Do PC\PCSpeedUp.lnk File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 4
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:[b]64bit:[/b] - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:[b]64bit:[/b] - Extra Button: &Teclado virtual - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)
O9:[b]64bit:[/b] - Extra Button: Veri&ficação de URLs - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\x64\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: &Teclado virtual - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Veri&ficação de URLs - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2010\klwtbbho.dll (Kaspersky Lab)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www] * in Sites confiáveis)
O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www14] * in Sites confiáveis)
O15 - HKCU\..Trusted Domains: bancobrasil.com.br ([www2] * in Sites confiáveis)
O15 - HKCU\..Trusted Domains: bb.com.br ([www] * in Sites confiáveis)
O15 - HKCU\..Trusted Domains: caixa.gov.br ([]https in Sites confiáveis)
O15 - HKCU\..Trusted Domains: caixa.gov.br ([internetbanking] https in Sites confiáveis)
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {7E866715-C9B6-4C64-AAB8-342E0D137213} http://10.1.100.7/EDVR.CAB (DVR4204 Client Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30) O16 - DPF: {E37CB5F0-51F5-4395-A808-5FA49E399008} https://clickbanking.itau.com.br/itau/gbplugin/gbplugin2/cab/GbPluginUni.cab (GbPluginObj Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0F4DED35-F83F-4B6D-8FC5-35005FC7400F}: DhcpNameServer = 10.1.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A46D2E7-57D3-4C97-B991-45CF51B35783}: DhcpNameServer = 10.1.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{641840B6-57B7-4B49-AEE3-723EA2B2DC34}: DhcpNameServer = 192.168.0.1 O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de Programas\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: Shell - 
(explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation) O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20:[b]64bit:[/b] - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab) O20 - Winlogon\Notify\ GbPluginBb: DllName - (C:\Program Files (x86)\GbPlugin\gbieh.dll) - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil) O20 - Winlogon\Notify\ GbPluginCef: DllName - (C:\Program Files (x86)\GbPlugin\gbiehCef.dll) - File not found O20 - Winlogon\Notify\ GbPluginIsg: DllName - (C:\Program Files (x86)\GbPlugin\gbiehIsg.dll) - C:\Program Files (x86)\GbPlugin\gbiehIsg.dll (Infoseg - Senasp) O20 - Winlogon\Notify\ GbPluginUni: DllName - (C:\PROGRA~2\GbPlugin\gbiehUni.dll) - C:\PROGRA~2\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco) O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399003} - No CLSID value found. 
O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399008} - C:\PROGRA~2\GbPlugin\gbiehUni.dll (Banco Itaú Unibanco) O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399015} - C:\Program Files (x86)\GbPlugin\gbiehIsg.dll (Infoseg - Senasp) O28 - HKLM ShellExecuteHooks: {E37CB5F0-51F5-4395-A808-5FA49E399F83} - C:\Program Files (x86)\GbPlugin\gbieh.dll (Banco do Brasil) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2011/10/11 01:05:23 | 000,000,048 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{f206a74f-ed4a-11e0-845f-806e6f6e6963}\Shell - "" = AutoRun O33 - MountPoints2\{f206a74f-ed4a-11e0-845f-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %* O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %* O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) CREATERESTOREPOINT Restore point Set: OTL Restore Point NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) MsConfig:64bit - State: "startup" - Reg Error: Key error. 
SafeBootMin:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation) SafeBootMin:[b]64bit:[/b] Base - Driver Group SafeBootMin:[b]64bit:[/b] Boot Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] Boot file system - Driver Group SafeBootMin:[b]64bit:[/b] File system - Driver Group SafeBootMin:[b]64bit:[/b] Filter - Driver Group SafeBootMin:[b]64bit:[/b] HelpSvc - Service SafeBootMin:[b]64bit:[/b] PCI Configuration - Driver Group SafeBootMin:[b]64bit:[/b] PEVSystemStart - Service SafeBootMin:[b]64bit:[/b] PNP Filter - Driver Group SafeBootMin:[b]64bit:[/b] Primary disk - Driver Group SafeBootMin:[b]64bit:[/b] procexp90.Sys - Driver SafeBootMin:[b]64bit:[/b] sacsvr - Service SafeBootMin:[b]64bit:[/b] SCSI Class - Driver Group SafeBootMin:[b]64bit:[/b] System Bus Extender - Driver Group SafeBootMin:[b]64bit:[/b] vmms - Service SafeBootMin:[b]64bit:[/b] {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin:[b]64bit:[/b] {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin:[b]64bit:[/b] {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin:[b]64bit:[/b] {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin:[b]64bit:[/b] {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin:[b]64bit:[/b] {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin:[b]64bit:[/b] {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin:[b]64bit:[/b] {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin:[b]64bit:[/b] {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin:[b]64bit:[/b] {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin:[b]64bit:[/b] {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin:[b]64bit:[/b] {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin:[b]64bit:[/b] {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin:[b]64bit:[/b] 
{71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin:[b]64bit:[/b] {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin:[b]64bit:[/b] {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices SafeBootMin:[b]64bit:[/b] {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices SafeBootMin: Base - Driver Group SafeBootMin: Boot Bus Extender - Driver Group SafeBootMin: Boot file system - Driver Group SafeBootMin: File system - Driver Group SafeBootMin: Filter - Driver Group SafeBootMin: HelpSvc - Service SafeBootMin: PCI Configuration - Driver Group SafeBootMin: PEVSystemStart - Service SafeBootMin: PNP Filter - Driver Group SafeBootMin: Primary disk - Driver Group SafeBootMin: procexp90.Sys - Driver SafeBootMin: sacsvr - Service SafeBootMin: SCSI Class - Driver Group SafeBootMin: System Bus Extender - Driver Group SafeBootMin: vmms - Service SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 
IEEE 1394 Devices SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] [2012/05/25 22:48:32 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Jonathas\Desktop\OTL.exe [2012/05/23 20:43:54 | 000,000,000 | ---D | C] -- C:\LinhaDefensiva [2012/05/23 20:43:50 | 000,178,597 | ---- | C] (Igor Pavlov) -- C:\bankerfix.exe [2012/05/23 20:34:39 | 000,000,000 | ---D | C] -- C:\Users\Jonathas\Desktop\HijackThis [2012/05/23 19:24:18 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cmd.execf [2012/05/23 19:23:58 | 000,000,000 | ---D | C] -- C:\32788R22FWJFW [2012/05/23 19:09:02 | 000,024,576 | ---- | C] (Atribune.org) -- C:\Windows\SysWow64\VundoFixSVC.exe [2012/05/20 18:14:05 | 000,034,304 | ---- | C] (LG Electronics Inc.) -- C:\Windows\SysNative\drivers\lgandmodem64.sys [2012/05/20 18:14:05 | 000,027,648 | ---- | C] (LG Electronics Inc.) -- C:\Windows\SysNative\drivers\lganddiag64.sys [2012/05/20 18:14:05 | 000,027,136 | ---- | C] (LG Electronics Inc.) -- C:\Windows\SysNative\drivers\lgandgps64.sys [2012/05/20 18:14:04 | 000,019,456 | ---- | C] (LG Electronics Inc.) 
-- C:\Windows\SysNative\drivers\lgandbus64.sys [2012/05/20 18:14:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LG Electronics [2012/05/19 00:26:07 | 000,000,000 | ---D | C] -- C:\LGP698F [2012/05/19 00:24:30 | 000,655,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr90.dll [2012/05/19 00:24:30 | 000,568,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcp90.dll [2012/05/19 00:24:30 | 000,224,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcm90.dll [2012/05/19 00:24:23 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll [2012/05/19 00:24:12 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX [2012/05/17 08:30:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012/05/17 08:30:54 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2012/05/17 08:30:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2012/05/15 21:54:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012/05/15 21:53:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012/05/15 21:53:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2012/05/13 22:10:59 | 000,000,000 | ---D | C] -- C:\Users\Jonathas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NetSurveillance [2012/05/13 22:10:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetSurveillance [2012/05/13 22:10:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NetSurveillance [2012/05/09 08:49:04 | 001,544,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll [2012/05/09 08:49:00 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2012/05/09 08:48:59 | 003,968,368 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\ntkrnlpa.exe [2012/05/09 08:48:59 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] [2012/05/25 22:48:36 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Jonathas\Desktop\OTL.exe [2012/05/25 22:13:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3386592043-1472786982-427589051-1001UA.job [2012/05/25 21:13:08 | 000,019,968 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012/05/25 21:13:08 | 000,019,968 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012/05/25 21:04:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012/05/25 21:04:22 | 3219,017,728 | -HS- | M] () -- C:\hiberfil.sys [2012/05/25 15:29:56 | 001,517,266 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2012/05/25 15:29:56 | 000,664,038 | ---- | M] () -- C:\Windows\SysNative\prfh0416.dat [2012/05/25 15:29:56 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2012/05/25 15:29:56 | 000,128,328 | ---- | M] () -- C:\Windows\SysNative\prfc0416.dat [2012/05/25 15:29:56 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2012/05/25 01:13:09 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3386592043-1472786982-427589051-1001Core.job [2012/05/23 20:22:58 | 000,178,597 | ---- | M] (Igor Pavlov) -- C:\bankerfix.exe [2012/05/23 19:24:20 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\cmd.execf [2012/05/23 19:09:02 | 000,024,576 | ---- | M] (Atribune.org) -- C:\Windows\SysWow64\VundoFixSVC.exe [2012/05/23 12:52:41 | 002,335,270 | ---- | M] () -- C:\Windows\SysWow64\aceFB11.mht [2012/05/23 11:59:09 | 000,018,904 | ---- | M] () -- C:\cc_20120523_115905.reg [2012/05/21 13:07:03 | 000,001,456 | ---- | M] () 
-- C:\Users\Jonathas\AppData\Local\Adobe Salvar para a Web 12.0 Prefs [2012/05/20 14:35:17 | 000,002,413 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini [2012/05/15 22:47:14 | 000,000,132 | ---- | M] () -- C:\Users\Jonathas\AppData\Roaming\Preferências do formato BMP do Adobe CS5 [2012/05/13 11:09:53 | 000,001,273 | ---- | M] () -- C:\Users\Jonathas\Desktop\Google Talk.lnk [2012/05/09 22:19:51 | 005,022,032 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2012/05/07 23:45:19 | 000,419,488 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2012/05/07 23:45:19 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [color=#E56717]========== Files Created - No Company Name ==========[/color] [2012/05/23 12:52:41 | 002,335,270 | ---- | C] () -- C:\Windows\SysWow64\aceFB11.mht [2012/05/23 11:59:08 | 000,018,904 | ---- | C] () -- C:\cc_20120523_115905.reg [2012/05/19 00:24:23 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll [2012/05/19 00:24:23 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini [2012/05/13 11:09:53 | 000,001,273 | ---- | C] () -- C:\Users\Jonathas\Desktop\Google Talk.lnk [2012/03/17 21:42:15 | 000,000,132 | ---- | C] () -- C:\Users\Jonathas\AppData\Roaming\Preferências do formato BMP do Adobe CS5 [2011/12/27 00:50:20 | 000,000,578 | ---- | C] () -- C:\Windows\M3JPEG.INI [2011/12/27 00:44:29 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2011/11/16 11:00:03 | 000,000,132 | ---- | C] () -- C:\Users\Jonathas\AppData\Roaming\Preferências do formato PNG do Adobe CS5 [2011/11/11 07:54:12 | 000,001,456 | ---- | C] () -- C:\Users\Jonathas\AppData\Local\Adobe Salvar para a Web 12.0 Prefs [2011/10/11 01:24:53 | 000,000,000 | ---- | C] () -- C:\Windows\Dssole.INI [2011/10/11 01:24:49 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\DM1USBAPIVB.dll [2011/10/11 01:06:45 | 000,000,000 | ---- | C] () -- C:\Windows\AVerCap.INI 
[2011/10/11 00:37:38 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2011/10/11 00:37:37 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini [2011/10/11 00:37:36 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll [2011/10/11 00:37:36 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll [2011/10/10 16:46:31 | 000,153,600 | ---- | C] () -- C:\Windows\SysWow64\WSContextMenu.dll [2011/10/02 23:43:19 | 000,139,264 | ---- | C] () -- C:\Windows\GeoEditAVIDll.dll [2011/10/02 20:07:52 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011/02/10 01:03:48 | 000,000,326 | ---- | C] () -- C:\Windows\primopdf.ini [color=#E56717]========== LOP Check ==========[/color] [2011/11/10 20:49:00 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\Ashampoo [2012/05/23 14:24:55 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\FileZilla [2011/10/10 22:44:31 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\GlobalSCAPE [2011/10/10 16:32:51 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\NCH Swift Sound [2011/11/08 00:23:51 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\NetDrive [2011/10/03 00:33:47 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\Nitro PDF [2011/10/23 15:33:41 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\OpenCandy [2012/05/25 22:48:06 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\PrimoPDF [2011/10/14 21:35:56 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\Publish Providers [2012/04/01 00:32:30 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\Sony [2011/10/14 22:05:12 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\Sony Creative Software Inc [2012/04/20 20:55:42 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\TeamViewer [2011/11/07 23:55:59 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\Thinstall [2012/05/19 21:28:26 | 000,000,000 
| ---D | M] -- C:\Users\Jonathas\AppData\Roaming\uTorrent [2012/04/05 08:43:05 | 000,000,000 | ---D | M] -- C:\Users\Jonathas\AppData\Roaming\WindSolutions [2012/04/16 14:54:33 | 000,032,608 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [color=#E56717]========== Purity Check ==========[/color] [color=#E56717]========== Custom Scans ==========[/color] [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color] [2011/10/11 01:05:23 | 000,000,048 | ---- | M] () -- C:\AUTOEXEC.BAT [2012/05/23 20:22:58 | 000,178,597 | ---- | M] (Igor Pavlov) -- C:\bankerfix.exe [2012/05/23 19:24:32 | 000,001,445 | ---- | M] () -- C:\Bug.txt [2010/04/01 02:54:19 | 000,000,190 | ---- | M] () -- C:\cc_20100401_025416.reg [2011/10/06 11:53:26 | 000,024,962 | ---- | M] () -- C:\cc_20111006_115317.reg [2011/10/11 01:18:17 | 000,029,290 | ---- | M] () -- C:\cc_20111011_011813.reg [2011/10/19 00:34:40 | 000,045,564 | ---- | M] () -- C:\cc_20111019_013437.reg [2011/10/19 00:53:02 | 000,000,902 | ---- | M] () -- C:\cc_20111019_015259.reg [2011/10/19 23:52:04 | 000,000,954 | ---- | M] () -- C:\cc_20111020_005200.reg [2011/10/24 14:34:12 | 000,015,150 | ---- | M] () -- C:\cc_20111024_153409.reg [2011/10/24 15:44:22 | 000,000,448 | ---- | M] () -- C:\cc_20111024_164412.reg [2011/10/26 01:40:38 | 000,001,858 | ---- | M] () -- C:\cc_20111026_024035.reg [2011/10/31 14:48:02 | 000,001,518 | ---- | M] () -- C:\cc_20111031_154759.reg [2011/11/01 14:03:28 | 000,001,136 | ---- | M] () -- C:\cc_20111101_150324.reg [2011/11/07 23:57:03 | 000,002,904 | ---- | M] () -- C:\cc_20111108_005701.reg [2011/11/08 00:30:48 | 000,000,868 | ---- | M] () -- C:\cc_20111108_013045.reg [2011/12/27 21:41:00 | 000,007,270 | ---- | M] () -- C:\cc_20111227_224056.reg [2011/12/29 02:31:17 | 000,000,774 | ---- | M] () -- C:\cc_20111229_033114.reg [2012/01/07 21:25:02 | 000,002,520 | ---- | M] () -- C:\cc_20120107_222458.reg [2012/01/10 12:47:37 | 000,003,230 | ---- | M] () -- C:\cc_20120110_134733.reg [2012/01/11 12:11:04 | 000,000,168 | ---- 
| M] () -- C:\cc_20120111_131101.reg [2012/04/01 12:42:45 | 000,004,156 | ---- | M] () -- C:\cc_20120401_124241.reg [2012/05/23 11:59:09 | 000,018,904 | ---- | M] () -- C:\cc_20120523_115905.reg [2012/05/25 21:04:22 | 3219,017,728 | -HS- | M] () -- C:\hiberfil.sys [2011/11/08 00:22:38 | 000,002,179 | ---- | M] () -- C:\ndsvc.log [2012/05/25 21:04:24 | 4292,026,368 | -HS- | M] () -- C:\pagefile.sys [2011/12/07 07:46:37 | 000,002,584 | ---- | M] () -- C:\Register Vegas Pro.htm [2011/10/17 22:45:46 | 000,019,123 | ---- | M] () -- C:\TCP3270.SAV [2012/05/23 19:09:01 | 000,002,986 | ---- | M] () -- C:\VundoFix.txt [color=#A23BEC]< %systemdrive%\drivers\*.* /s >[/color] [color=#A23BEC]< %systemdrive%\drivers\*.exe >[/color] [color=#A23BEC]< %systemroot%\system32\drivers\*.* /90 >[/color] [2012/04/05 09:34:04 | 000,046,408 | ---- | M] (GAS Tecnologia) -- C:\Windows\system32\drivers\GbpKm.sys [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color] [2009/07/14 01:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini [color=#A23BEC]< %userprofile%\configurações locais\dados de aplicativos\*.exe >[/color] [color=#A23BEC]< %userprofile%\configurações locais\dados de aplicativos\*.txt >[/color] [color=#A23BEC]< %userprofile%\configurações locais\dados de aplicativos\*.ini >[/color] [color=#A23BEC]< %userprofile%\configurações locais\dados de aplicativos\*.dat /30 >[/color] [color=#A23BEC]< %userprofile%\configurações locais\dados de aplicativos\*.dll >[/color] [color=#A23BEC]< %userprofile%\*.exe >[/color] [color=#A23BEC]< %userprofile%\.txt >[/color] [color=#A23BEC]< %userprofile%\.ini >[/color] [color=#A23BEC]< %userprofile%\.dat /30 >[/color] [color=#A23BEC]< %userprofile%\.dll >[/color] [color=#A23BEC]< %windir%\tasks\*.* /s >[/color] [2012/05/25 01:13:09 | 000,001,038 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3386592043-1472786982-427589051-1001Core.job [2012/05/25 22:13:00 | 000,001,090 | ---- | M] () -- 
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3386592043-1472786982-427589051-1001UA.job [2012/05/25 21:04:33 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2012/04/16 14:54:33 | 000,032,608 | ---- | M] () -- C:\Windows\tasks\SCHEDLGU.TXT [color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color] [color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color] [2009/06/10 17:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini [color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color] [color=#A23BEC]< %systemroot%\Fonts\*.com >[/color] [2009/07/14 02:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont [2009/07/14 02:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont [2009/07/14 02:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont [2009/07/14 02:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont [color=#A23BEC]< %systemroot%\*.scr >[/color] [color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections >[/color] "DefaultConnectionSettings" = [Binary data over 100 bytes] "SavedLegacySettings" = [Binary data over 100 bytes] [color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations >[/color] [color=#A23BEC]< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments >[/color] [color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.* >[/color] [2012/05/13 22:11:53 | 000,000,029 | ---- | M] () -- C:\Program Files (x86)\Internet Explorer\Dec_Config.ini [2011/10/02 22:19:58 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ExtExport.exe [2011/10/02 22:19:58 | 000,002,535 | ---- | M] () -- C:\Program Files (x86)\Internet Explorer\ie9props.propdesc [2011/10/02 22:19:58 | 000,107,008 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iecleanup.exe [2011/10/02 22:19:58 | 
000,307,200 | ---- | M] () -- C:\Program Files (x86)\Internet Explorer\iediagcmd.exe [2012/02/27 22:13:13 | 000,678,912 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iedvtool.dll [2011/10/02 22:19:58 | 000,466,432 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieinstal.exe [2011/10/02 22:19:58 | 000,222,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ielowutil.exe [2011/10/02 22:19:58 | 000,193,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\ieproxy.dll [2012/02/27 22:08:19 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\IEShims.dll [2011/10/02 22:19:58 | 000,748,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [2011/10/02 22:19:58 | 000,386,560 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\jsdbgui.dll [2011/10/02 22:19:58 | 000,104,448 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\jsdebuggeride.dll [2011/10/02 22:19:58 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\JSProfilerCore.dll [2011/10/02 22:19:58 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\jsprofilerui.dll [2009/06/10 18:14:14 | 000,265,720 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\msdbg2.dll [2011/10/02 22:19:58 | 000,301,056 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\networkinspection.dll [2009/06/10 18:14:15 | 000,355,832 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\pdm.dll [2012/02/27 22:58:29 | 000,141,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Internet Explorer\sqmapi.dll [color=#E56717]========== Alternate Data Streams ==========[/color] @Alternate Data Stream - 514 bytes -> 
C:\Windows\SysWow64\drivers:GbpKmAp.lst @Alternate Data Stream - 194 bytes -> C:\ProgramData\Temp:CB0AACC9
< End of report >

OTL Extras logfile created on: 25/05/2012 22:56:19 - Run 1 OTL by OldTimer - Version 3.2.43.1 Folder = C:\Users\Jonathas\Desktop 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy 4,00 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 65,29% Memory free 7,99 Gb Paging File | 6,46 Gb Available in Paging File | 80,79% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 83,51 Gb Total Space | 42,06 Gb Free Space | 50,37% Space Free | Partition Type: NTFS Drive D: | 512,56 Gb Total Space | 358,61 Gb Free Space | 69,96% Space Free | Partition Type: NTFS Computer Name: JONATHAS-PC | User Name: Jonathas | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Extra Registry (SafeList) ==========[/color]

[color=#E56717]========== File Associations ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[color=#E56717]========== Shell Spawning ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[color=#E56717]========== Security Center Settings ==========[/color]

[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" =
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[color=#E56717]========== System Restore Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[color=#E56717]========== Firewall Settings ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[color=#E56717]========== Authorized Applications List ==========[/color]

[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{057A0F8E-7FE6-482B-B726-59A952708507}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{0AAB049E-03BA-4B63-B6F5-ADD613B3D423}" = lport=rpc | protocol=6 | dir=in | svc=vds | app=%systemroot%\system32\vds.exe |
"{0B4F4100-89D2-4C73-B9D2-D7FE92D6EE43}" = lport=443 | protocol=6 | dir=in | app=system |
"{135C567D-56D7-42E4-AFD2-FD161D391E81}" = lport=2869 | protocol=6 | dir=in | app=system |
"{19B1B7E6-D201-449B-A50B-37275CD112AF}" = lport=rpc | protocol=6 | dir=in | app=%systemroot%\system32\vdsldr.exe |
"{1FB67C4D-D002-4DE1-89BA-39CEF830FDA1}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2C78C640-851F-49D3-8E22-EE34A37D1570}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{42D2882A-B976-47E7-AFA6-504F2BEC56B4}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{45146391-5007-424C-9AC0-978B8599862D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4B0ED091-FA83-409F-A84C-587F1FAEFFD8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5171CCA5-75E7-415F-A852-4F14B977F719}" = rport=138 | protocol=17 | dir=out | app=system |
"{579B4368-508E-4A4B-B54F-76E7313256B8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5F99DFDC-FF7C-4D7F-A264-C13F9CAEACAA}" = lport=445 | protocol=6 | dir=in | app=system |
"{643797D0-81B3-4409-B201-6D5F498E3680}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe |
"{6B5564C6-FA2F-4E24-82B9-28E2E70ACC15}" = lport=139 | protocol=6 | dir=in | app=system |
"{81500CF5-40B3-4BF5-8CBF-FB29644E3DEE}" = rport=139 | protocol=6 | dir=out | app=system |
"{828CC7FC-A0EF-415E-88C3-F416ED94B097}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{866EDB16-F59E-4C5F-BBED-85F41B7F69E2}" = rport=500 | protocol=6 | dir=out | name=vpn pm |
"{872F5608-E823-4C9D-9D94-1830D8E06FB3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8A6CC47D-DD69-402E-A428-EBF922A22170}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8B3F520F-7C1F-4040-8A3A-C85EC26DF13A}" = rport=137 | protocol=17 | dir=out | app=system |
"{8DD48AF0-3C9A-4809-B735-79525BDF80FB}" = lport=137 | protocol=17 | dir=in | app=system |
"{9AB96BDF-3A82-496F-B9FC-9BD7526773A7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{A4FEFF9E-D266-4468-B9C1-A09E256BEFED}" = lport=5353 | protocol=6 | dir=in | name=adobe csi cs4 |
"{A9DE2D65-31FB-4200-B390-6B6B6A1F6AED}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B5E674BA-C520-46B0-A1E9-C7C74407110E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C2747028-4808-457A-8E2E-7BD008D2BAB5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C81B586E-B698-4B60-B1EC-0EE012FD65C4}" = lport=rpc | protocol=6 | dir=in | app=%systemroot%\system32\services.exe |
"{CC901218-B4D9-4A54-BA5D-DDF473DECF36}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D5207C51-D9C7-4805-943C-1C1CF0248DEA}" = rport=445 | protocol=6 | dir=out | app=system |
"{DD273E27-A1B3-456F-A907-A38B1BFB4F2E}" = rport=10243 | protocol=6 | dir=out | app=system |
"{DE980BFE-6726-4F5F-9506-E5DAF741403D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{E4BF2254-2989-4E24-8E9E-4D4128171F4B}" = lport=445 | protocol=6 | dir=in | app=system |
"{EEA96189-830A-474F-9F73-CC72D4530933}" = lport=138 | protocol=17 | dir=in | app=system |

[color=#E56717]========== Vista Active Application Exception List ==========[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03801863-0704-4423-A8FF-362A7016F3A8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0731BCE8-44FE-476A-8E0D-77B5C8FAB033}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{18A829B5-AECF-4F4F-A323-B0CC0368E660}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{29094EBE-31DD-4F1B-B1C4-1AEA3A3AD480}" = protocol=6 | dir=in | app=d:\fifa12_system\game\fifa.exe |
"{33896ED0-7761-419A-9738-481E03F46C58}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{36FF166E-FD63-4452-BF87-668578F0AF93}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3A5B82DA-BD91-47B2-99AD-877EE5ACA5FB}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{3F0807A5-BB61-45C5-B32D-A7D7E33FE198}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{481C8382-714B-49F8-A3DA-A31F29C15032}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{48F19086-6969-4086-A5CC-59D48E6F0D24}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{4FD27E53-F8DE-4BA1-8076-4DCE47368255}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{51461542-48D9-4438-AF57-7F57EBCCCE59}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
"{5BD18CBE-00A6-4A78-92B7-D00438E4AA26}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5F203D97-C755-4920-8254-1086EB1423E7}" = protocol=17 | dir=in | app=d:\fifa12_system\game\fifa.exe |
"{65070007-A802-454A-83D3-06F3BB793569}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{66904349-CF00-4BEB-9524-3750F579280E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{683E4137-97A5-4C41-9E58-4E873616AF5D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{68852C9B-8A4D-4C2D-86BA-716F5767805B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6CB5F349-0C32-4DAE-AB0E-85C4E27F5D45}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6CDDA8BD-7660-4517-94E8-B9E6FA51966E}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe |
"{7359547B-E23A-493D-9C77-4B5836A0B8FB}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{73E59500-2769-493E-875E-F1DD5DE09BEF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{79905E3D-E954-4771-AC83-CC8D68467320}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{7CF1E9E3-AEB6-49E1-8B2E-2867AEB3A3D5}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7FACC924-B3AD-4296-A966-3C2D327583FD}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{88E099FF-7683-4BAA-97BB-492192CC9B1B}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe |
"{8D1D837D-2255-4C78-A465-285670E71FA2}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{8ECBBF51-AA4E-42BB-9828-409CCA2DB5E2}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{91BAC194-51C8-49BA-B37C-9C6591F495B3}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{9B5B075D-DBF9-4C87-BE1F-AB9E98DF4E92}" = protocol=17 | dir=in | app=c:\program files (x86)\hp\hp deskjet 3050 j610 series\bin\scantopcactivationapp.exe |
"{A50D9645-5CA3-4144-AA26-4FED2727D5F6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{A5FAD120-03C1-4CB8-9C11-D70A9D6C7FBE}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{AA25FFF7-E1A6-4F3F-824F-504A748FACC4}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe |
"{AC9F9052-63D1-4808-A8C8-DFA468BD6875}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B3FA5956-1670-46B5-8F97-126273A2642C}" = protocol=6 | dir=out | svc=msiscsi | app=%systemroot%\system32\svchost.exe |
"{B47B2FFB-F218-4818-BED5-F49F0DAF5F71}" = protocol=6 | dir=in | svc=msiscsi | app=%systemroot%\system32\svchost.exe |
"{BB7005E9-F2F1-42CB-A402-3E8178A3D1ED}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D1937D0C-4FCB-40F4-A3B0-B2CF620C3B5D}" = protocol=6 | dir=out | app=system |
"{D567979B-8079-4555-8306-AF9C9E19E3DC}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{DDDDD3AA-6856-4276-BC7F-7A12EEE02097}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe |
"{E1D87C53-D51F-4958-BF65-BE71616E639C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{E219F502-D0DF-4D6B-8192-55DDF1B0F807}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\devicesetup.exe |
"{EECFECD1-AE55-4DA7-97B5-43E33652D046}" = protocol=6 | dir=in | app=c:\program files (x86)\hp\hp deskjet 3050 j610 series\bin\scantopcactivationapp.exe |
"{EF6EA1F7-20B0-4D44-9917-EC6825CDD0DB}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{F284E800-C0F7-4647-99A5-B1DD3C863B3B}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F2B40340-A468-4A1A-8A27-0F30119E21BE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F570A424-F55E-46D2-9089-BF55F8B479C9}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"{F80B15C0-7B6C-4137-96B6-FC46664A811F}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"TCP Query User{0E6E4F54-A51F-441B-8118-611B4FB6FB00}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"TCP Query User{A56F76A5-24C6-43B7-A417-9B942762CA42}D:\fifa12_system\game\fifa.exe" = protocol=6 | dir=in | app=d:\fifa12_system\game\fifa.exe |
"TCP Query User{FAC9DE91-EC8E-498A-AA4F-D9F05611D46F}C:\program files (x86)\hp\hp deskjet 3050 j610 series\bin\scantopcactivationapp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\hp\hp deskjet 3050 j610 series\bin\scantopcactivationapp.exe |
"TCP Query User{FD42759D-71F8-422E-BDB5-0D9FFFF81645}C:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"UDP Query User{68D5ECC6-F24E-4113-B3EB-9F904957D95F}C:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 3050 j610 series\bin\hpnetworkcommunicator.exe |
"UDP Query User{8985AB8A-8AD9-4FBA-85F4-5FCBC7044429}D:\fifa12_system\game\fifa.exe" = protocol=17 | dir=in | app=d:\fifa12_system\game\fifa.exe |
"UDP Query User{A44D5EA6-936B-48FC-AA8A-BF2A5F6E372C}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe |
"UDP Query User{EE4247F8-BACA-43EE-8EA5-6DEDF9024E3F}C:\program files (x86)\hp\hp deskjet 3050 j610 series\bin\scantopcactivationapp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\hp\hp deskjet 3050 j610 series\bin\scantopcactivationapp.exe |

[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{88E60521-1E4E-4785-B9F1-1798A4BD0C30}" = HP MediaSmart SmartMenu
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0416-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Brazil)) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{AE51CD00-2961-423C-B5DA-3D15ECC370C6}" = Software básico do dispositivo HP Deskjet 3050 J610 series
"{B7693CDE-074B-301C-9584-FC4343696C8B}" = Microsoft .NET Framework 4 Client Profile PTB Language Pack
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E4900509-77B0-4515-8061-E96237D69585}" = Sony Ericsson MD300 Wireless Modem
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F65B8208-5221-43D9-AA12-DDEA64EC4AF6}" = Validity Sensors software
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"B31F51CEC37CADDD795736ABBB212C18FD2969A3" = Pacote de Driver do Windows - Philips CL (phaudlwr) MEDIA (05/07/2008 1.0.5.12)
"CCleaner" = CCleaner
"FA64675F2B582DB559A1BE34C9F1F0208D44A7FE" = Pacote de Driver do Windows - Philips USB (05/21/2008 1.01.3.6650)
"FFE7D41DF3C645075BB149E21988B63996C34187" = ENE CIR Receiver Driver
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile PTB Language Pack" = Pacote de Idiomas do Microsoft .NET Framework 4 Client Profile - Português (Brasil)
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = Arquivo do WinRAR
"ZTE USB Driver" = ZTE USB Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01A373F1-B268-43CA-A8F1-45708A62F50A}" = Miniaurélio
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{0FFEA8EE-7BC7-4C9D-8CC6-5B8C891BA3F2}" = Windows Live Essentials
"{100C1109-EA6C-0000-B1B8-F0038298C015}" = GbpSetup Infoseg - Senasp
"{14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}" = Adobe Setup
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1AD473D7-7A47-5AEC-B45D-9B87414E7175}" = DigitalVideoConverter v2.9.0.53
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{30C8AA56-4088-426F-91D1-0EDFD3A25678}" = Adobe Dreamweaver CS4
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{40719211-D09A-11DF-BA30-0013D3D69929}" = MSVCRT Redists
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51A9E3DD-37B8-47BB-8E67-5B76B3EFBC48}" = Assistente de Conexão do Windows Live
"{590035D9-BFA0-406A-A7F0-479C72C0DDB2}" = Windows Live Call
"{5DF7AA5E-A1CB-11E0-A7D6-0013D3D69929}" = MSVCRT Redists
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61B0439E-C2B2-4328-9EAC-2B36482DC717}" = BrOffice 3.3 Help Pack (Portuguese (Brazil))
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Suporte para Aplicativos Apple
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007
"{90120000-0015-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007
"{90120000-0016-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007
"{90120000-0018-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007
"{90120000-0019-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007
"{90120000-001A-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007
"{90120000-001B-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_ENTERPRISE_{8A524694-0CA4-476A-9301-B1E9D70FC952}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0416-1000-0000000FF1CE}_ENTERPRISE_{51530CD1-8244-4E0F-B536-BCCC05325C7F}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007
"{90120000-0044-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007
"{90120000-006E-0416-0000-0000000FF1CE}_ENTERPRISE_{51530CD1-8244-4E0F-B536-BCCC05325C7F}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007
"{90120000-00A1-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007
"{90120000-00BA-0416-0000-0000000FF1CE}_ENTERPRISE_{AD3E8EF1-E885-4068-BC73-16C0649FEBF0}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{93D34EE3-99B3-4DB1-8B0A-0A657466F90D}" = Telstra Turbo Connection Manager
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9ADC3E4F-34DA-48CD-8727-BB26D90257BD}" = Windows Live Messenger
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.1)
"{AC76BA86-7AD7-1046-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Português
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{CD068533-1A20-47F6-B1A2-196725B1320F}" = BrOffice 3.3
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{E6F012B0-E930-11E0-A67A-F04DA23A5C58}" = Vegas Pro 11.0
"{E9627240-E930-11E0-8690-F04DA23A5C58}" = MSVCRT Redists
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F7632A9B-661E-4FD9-B1A4-3B86BC99847F}" = HP Deskjet 3050 J610 series Ajuda
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"Adobe AIR" = Adobe AIR
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_acce07fd2c8fe7f9e3f26243e626578" = Adobe Dreamweaver CS4
"Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Daniusoft Video Converter Free_is1" = Daniusoft Video Converter Free(Build 3.0.0.1)
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileZilla Client" = FileZilla Client 3.5.1
"HijackThis" = HijackThis 1.99.1
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = HP MediaSmart Webcam
"InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Internet Security 2010
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.7.0 (Full)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware versão 1.61.0.1400
"Microsoft DirectX SDK (June 2010)" = Microsoft DirectX SDK (June 2010)
"Mozilla Firefox 8.0.1 (x86 pt-BR)" = Mozilla Firefox 8.0.1 (x86 pt-BR)
"NetSurveillance" = NetSurveillance
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"Revo Uninstaller" = Revo Uninstaller 1.90
"TeamViewer 7" = TeamViewer 7
"TFTP Client" = TFTP Client
"The KMPlayer" = The KMPlayer (remove only)
"UltraISO_is1" = UltraISO Premium V9.35
"uTorrent" = µTorrent
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials

[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Detectar Aplicação

[color=#E56717]========== Last 10 Event Log Errors ==========[/color]

[ Application Events ]
Error - 23/05/2012 18:40:22 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Falha ao extrair lista raiz de terceiros do arquivo cab de atualização automática de: com erro: Um certificado necessário não está no período de validade ao ser verificado em relação à hora atual do sistema ou ao carimbo de data/hora no arquivo assinado. .
Error - 24/05/2012 00:04:39 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Falha ao extrair lista raiz de terceiros do arquivo cab de atualização automática de: com erro: Um certificado necessário não está no período de validade ao ser verificado em relação à hora atual do sistema ou ao carimbo de data/hora no arquivo assinado. .

Error - 24/05/2012 00:04:39 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Falha ao extrair lista raiz de terceiros do arquivo cab de atualização automática de: com erro: Um certificado necessário não está no período de validade ao ser verificado em relação à hora atual do sistema ou ao carimbo de data/hora no arquivo assinado. .

Error - 24/05/2012 00:54:35 | Computer Name = Jonathas-PC | Source = ESENT | ID = 215
Description = wlcomm (5080) C:\Users\Jonathas\AppData\Local\Microsoft\Windows Live Contacts\{3be22114-822b-48dc-9ccc-91f04368145c}\: O backup parou porque ele foi interrompido pelo cliente ou houve falha na conexão com o cliente.

Error - 24/05/2012 13:01:11 | Computer Name = Jonathas-PC | Source = SideBySide | ID = 16842815
Description = Falha na geração de contexto de ativação para "C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Erro no arquivo de manifesto ou de diretiva C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll", na linha 3. O valor "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" do atributo version no elemento assemblyIdentity é inválido.

Error - 24/05/2012 13:03:42 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Falha ao extrair lista raiz de terceiros do arquivo cab de atualização automática de: com erro: Um certificado necessário não está no período de validade ao ser verificado em relação à hora atual do sistema ou ao carimbo de data/hora no arquivo assinado. .

Error - 24/05/2012 13:03:42 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Falha ao extrair lista raiz de terceiros do arquivo cab de atualização automática de: com erro: Um certificado necessário não está no período de validade ao ser verificado em relação à hora atual do sistema ou ao carimbo de data/hora no arquivo assinado. .

Error - 25/05/2012 20:33:50 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Falha ao extrair lista raiz de terceiros do arquivo cab de atualização automática de: com erro: Um certificado necessário não está no período de validade ao ser verificado em relação à hora atual do sistema ou ao carimbo de data/hora no arquivo assinado. .

Error - 25/05/2012 20:33:50 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Falha ao extrair lista raiz de terceiros do arquivo cab de atualização automática de: com erro: Um certificado necessário não está no período de validade ao ser verificado em relação à hora atual do sistema ou ao carimbo de data/hora no arquivo assinado. .

Error - 25/05/2012 21:56:02 | Computer Name = Jonathas-PC | Source = Application Hang | ID = 1002
Description = O programa OTL.exe versão 3.2.43.1 parou de interagir com o Windows e foi fechado. Para ver se há mais informações disponíveis sobre o problema, verifique o histórico de problemas no painel de controle da Central de Ações. ID de Processo: e7c Hora de Início: 01cd3ae24a7619c6 Hora de Término: 0 Caminho do Aplicativo: C:\Users\Jonathas\Desktop\OTL.exe Id do Relatório:

[ OSession Events ]
Error - 03/11/2011 12:27:03 | Computer Name = Jonathas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 776 seconds with 600 seconds of active time. This session ended with a crash.

Error - 03/11/2011 12:33:07 | Computer Name = Jonathas-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6612.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 313 seconds with 300 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 25/05/2012 20:04:34 | Computer Name = Jonathas-PC | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço Aspi32 devido ao seguinte erro: %%2

Error - 25/05/2012 20:04:34 | Computer Name = Jonathas-PC | Source = Service Control Manager | ID = 7000
Description = Não foi possível iniciar o serviço DM1Service devido ao seguinte erro: %%2

Error - 25/05/2012 20:04:34 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error - 25/05/2012 20:04:36 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error - 25/05/2012 20:04:41 | Computer Name = Jonathas-PC | Source = Service Control Manager | ID = 7026
Description = Falha ao carregar o(s) seguinte(s) driver(s) de início do sistema ou de inicialização: vflt

Error - 25/05/2012 20:04:42 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error - 25/05/2012 20:04:47 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error - 25/05/2012 20:04:51 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error - 25/05/2012 21:16:09 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Ocorreu um erro ao tentar ler o arquivo de hosts locais.

Error - 25/05/2012 21:16:09 | Computer Name = Jonathas-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Ocorreu um erro ao tentar ler o arquivo de hosts locais.

< End of report >