Anormalidade relacionada a Pastas

por # DanieL # Qua 22 Jan 2014, 19:36

Olá!

Como o Titulo diz estou com um probleminha com as minhas pastas..

Se eu selecionar uma pasta e clicar com o botão direito > Propriedades para ver o número de arquivos
dentro.. normal.. consigo ver sem problemas..

agora se eu entrar na pasta, selecionar todos os arquivos > Propriedades.. não mostra.. e depois de alguns
segundos recebo uma mensagem do Windows "Prevenção de Execução de Dados" seguido de Erro no Explorer.exe
fechando automaticamente.. e travando o PC.. e o único jeito de voltar ao normal é fechando tal pasta
pelo Gerenciador de Tarefas.. (não da pra simplesmente clicar na aba e fechar normalmente)..

Sinceramente eu não acho que seja algo relacionado a Malwares ultimamente estou tendo muito cuidado com
sites que acesso, downloads e programas que instalo..

mais de qualquer maneira segue abaixo o Log do Hijackthis ~

##################################

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:23:25, on 22/1/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe
C:\Arquivos de programas\Java\jre7\bin\jqs.exe
C:\Arquivos de programas\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Arquivos de programas\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe
C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe
C:\Arquivos de programas\real\realplayer\update\realsched.exe
C:\Arquivos de programas\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Arquivos de programas\DivX\DivX Update\DivXUpdate.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Arquivos de programas\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Arquivos de programas\Mozilla Firefox\firefox.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\RealNetworks\RealDownloader\recordingmanager.exe
C:\Arquivos de programas\Adblock Plus for IE\AdblockPlusEngine.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\Arquivos de programas\Internet Explorer\iexplore.exe
C:\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Dados de aplicativos\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Arquivos de programas\Java\jre7\bin\ssv.dll
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Arquivos de programas\Adblock Plus for IE\AdblockPlus32.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Arquivos de programas\real\realplayer\update\realsched.exe" -osboot
O4 - HKLM\..\Run: [Nvtmru] "C:\Arquivos de programas\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvBackend] "C:\Arquivos de programas\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [DivXMediaServer] C:\Arquivos de programas\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Arquivos de programas\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] C:\Arquivos de programas\NVIDIA Corporation\nview\nwiz.exe /installquiet
O4 - HKLM\..\Run: [egui] "C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xportar para o Microsoft Excel - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\ARQUIV~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O17 - HKLM\System\CCS\Services\Tcpip\..\{8FE06CD5-6C14-45DE-914C-43E4A518237A}: NameServer = 8.26.56.26,156.154.70.22
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Daemon de cache de categorias de componente - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Arquivos de programas\Java\jre7\bin\jqs.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Arquivos de programas\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Arquivos de programas\RealNetworks\RealDownloader\rndlresolversvc.exe

--
End of file - 8199 bytes

por Convidado Qua 22 Jan 2014, 20:34

Olá!!

Lembra desse seu caso com Tela Azul??
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Te faço uma pergunta, você resolveu esse problema de tela Azul ??
Pois que eu saiba remover uma entrada de URL "Site" pelo Hijackthis, não resolve esse tipo de problema

*Interessante agora esse seu caso com problemas de pastas e com arquivo Explorer.exe

por # DanieL # Qua 22 Jan 2014, 20:46

Olá! Brando Lee

- Lembro sim! e não ainda não resolvi o problema da Tela Azul.. pelo menos eu acho que não né...
ela pode aparecer a qualquer hora, daqui a 1 minuto ou daqui a 4 meses.. vai entender...

- Eu posso estar errado, mais acho que aquela entrada não estava relacionada à tela azul..
era um Host do Garena (Warcraft) ..

- Pode se dizer que é interessante... rsrs.. mais é bem provável que esse problema pode estar relacionado a tela azul.. eu posso facilmente usar o computador e "driblar" esse probleminha apenas verificando no modo que não da problemas como mencionei acima ... o que me incomoda é como que esses problemas aparecem ? não faz o menor sentido pra mim..

# Desculpe o Double Post

por # DanieL # Qua 22 Jan 2014, 20:48

# DanieL # escreveu:Olá! Brando Lee

- Lembro sim! e não ainda não resolvi o problema da Tela Azul.. pelo menos eu acho que não né...
ela pode aparecer a qualquer hora, daqui a 1 minuto ou daqui a 4 meses.. vai entender...

- Eu posso estar errado, mais acho que aquela entrada não estava relacionada à tela azul..
era um Host do Garena (Warcraft) ..

- Pode se dizer que é interessante... rsrs.. mais é bem provável que esse problema pode estar relacionado a tela azul.. eu posso facilmente usar o computador e "driblar" esse probleminha apenas verificando no modo que não da problemas como mencionei acima ... o que me incomoda é como que esses problemas aparecem ? não faz o menor sentido pra mim..

por Convidado Qua 22 Jan 2014, 20:56

Vamos fazer um análise mais avançado!

=====================

Faça o Download -> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] (..de Mopao)

1)
Extraia o arquivo compactado HJTScanlis.zip, para o Desktop (Área de trabalho), e dê um duplo clique em HJTScanlist.bat

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

2)
Tecle na letra [X] e (Enter)
Tecle o número [1] --> (Enter)
Aguarde o escaneamento. Ao terminar apresentará um relatórios no Desktop chamado -> HJTScanlist.txt copie ele todo e cole aqui em seu tópico![/color]

por # DanieL # Qua 22 Jan 2014, 21:14

Olá, Brando Lee!

- Aqui está o Relatório:

######################

Código:: $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ º º hjtscanlist v2.0 º º $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$ Microsoft Windows XP [versão 5.1.2600] C: 22/01/2014 19:23 C:\hijackthis.log --------- 8200 C:\hiberfil.sys --------- C:\pagefile.sys --------- 20/01/2014 20:36 C:\WINDOWS --------- 0 20/01/2014 20:22 C:\Arquivos de programas --------- 0 20/01/2014 18:34 C:\Config.Msi --------- 0 17/01/2014 13:57 C:\HostsXpert --------- 0 17/01/2014 13:26 C:\backups --------- 0 09/01/2014 19:31 C:\NVIDIA --------- 0 09/01/2014 01:49 C:\END --------- 0 18/12/2013 03:20 C:\Documents and Settings --------- 0 02/12/2013 17:14 C:\System Volume Information --------- 0 02/12/2013 16:27 C:\RECYCLER --------- 0 02/12/2013 15:57 C:\ComboFix --------- 0 02/12/2013 01:53 C:\ComboFix.txt --------- 17730 01/12/2013 19:03 C:\AdwCleaner --------- 0 09/11/2013 23:09 C:\Pokemon - Emerald.clt --------- 8412 06/11/2013 17:11 C:\Free 3GP Video Converter --------- 0 23/06/2013 12:31 C:\Maps --------- 0 20/05/2013 07:57 C:\JRT --------- 0 19/05/2013 11:57 C:\HiJackThis.exe --------- 388608 14/05/2013 14:33 C:\temp --------- 0 14/05/2013 12:42 C:\Intel --------- 0 07/02/2013 13:54 C:\NINTENDO DS --------- 0 16/07/2012 13:27 C:\HpuInstall.log --------- 502164 12/05/2012 13:03 C:\butterfly_log.html --------- 4044 08/05/2012 21:21 C:\e5ac85a1b28d57dd78a74ed48dec --------- 0 03/05/2012 10:12 C:\MSOCache --------- 0 02/05/2012 15:48 C:\f43f3d596bc79445f3cd207d38 --------- 0 02/05/2012 15:41 C:\AUTOEXEC.BAT --------- 0 02/05/2012 15:41 C:\MSDOS.SYS --------- 0 02/05/2012 15:41 C:\CONFIG.SYS --------- 0 02/05/2012 15:41 C:\IO.SYS --------- 0 02/05/2012 15:37 C:\boot.ini --------- 211 14/04/2008 07:00 C:\Bootfont.bin --------- 4952 14/04/2008 07:00 C:\NTDETECT.COM --------- 47564 14/04/2008 07:00 C:\ntldr --------- 251696 15/04/2007 08:57 C:\vista.ico --------- 25214 15/04/2007 08:57 C:\autorun.inf --------- 25 ---------------------------------------- C:\WINDOWS 22/01/2014 20:07 C:\WINDOWS\WindowsUpdate.log --------- 1522124 22/01/2014 19:14 C:\WINDOWS\setupapi.log --------- 74107 22/01/2014 19:13 C:\WINDOWS\wiadebug.log --------- 159 22/01/2014 19:13 C:\WINDOWS\0.log --------- 0 22/01/2014 19:13 C:\WINDOWS\wiaservc.log --------- 49 22/01/2014 19:13 C:\WINDOWS\bootstat.dat --------- 2048 22/01/2014 19:12 C:\WINDOWS\SchedLgU.Txt --------- 32580 18/01/2014 10:50 C:\WINDOWS\setupact.log --------- 75 15/01/2014 21:41 C:\WINDOWS\comsetup.log --------- 2072 15/01/2014 21:41 C:\WINDOWS\iis6.log --------- 6726 15/01/2014 21:41 C:\WINDOWS\tabletoc.log --------- 311 15/01/2014 21:41 C:\WINDOWS\tsoc.log --------- 2821 15/01/2014 21:41 C:\WINDOWS\imsins.log --------- 1374 15/01/2014 21:41 C:\WINDOWS\ntdtcsetup.log --------- 1247 15/01/2014 21:41 C:\WINDOWS\ocmsn.log --------- 386 15/01/2014 21:41 C:\WINDOWS\KB2914368.log --------- 8484 15/01/2014 21:41 C:\WINDOWS\ocgen.log --------- 3146 15/01/2014 21:41 C:\WINDOWS\netfxocm.log --------- 1083 15/01/2014 21:41 C:\WINDOWS\MedCtrOC.log --------- 425 15/01/2014 21:41 C:\WINDOWS\msgsocm.log --------- 303 15/01/2014 21:41 C:\WINDOWS\FaxSetup.log --------- 6184 15/01/2014 21:41 C:\WINDOWS\msmqinst.log --------- 1968 09/01/2014 19:32 C:\WINDOWS\setuperr.log --------- 0 10/12/2013 00:54 C:\WINDOWS\win.ini --------- 266 02/12/2013 01:52 C:\WINDOWS\system.ini --------- 227 21/08/2013 13:37 C:\WINDOWS\SkyTel.exe --------- 1833576 23/06/2013 12:32 C:\WINDOWS\War3Unin.dat --------- 136189 20/05/2013 11:59 C:\WINDOWS\War3Unin.pif --------- 2829 20/05/2013 11:59 C:\WINDOWS\War3Unin.exe --------- 139264 13/05/2013 21:21 C:\WINDOWS\Player Selection V1.0.INI --------- 32 25/05/2012 19:06 C:\WINDOWS\RtlExUpd.dll --------- 1706640 09/05/2012 16:24 C:\WINDOWS\epplauncher.mif --------- 1912 03/05/2012 15:00 C:\WINDOWS\NeroDigital.ini --------- 69 02/05/2012 15:41 C:\WINDOWS\control.ini --------- 0 02/05/2012 15:41 C:\WINDOWS\WMSysPr9.prx --------- 316640 02/05/2012 15:41 C:\WINDOWS\ODBCINST.INI --------- 4205 02/05/2012 15:40 C:\WINDOWS\WindowsShell.Manifest --------- 749 02/05/2012 15:39 C:\WINDOWS\vbaddin.ini --------- 37 02/05/2012 15:39 C:\WINDOWS\vb.ini --------- 36 04/06/2009 01:01 C:\WINDOWS\Sti_Trace.log --------- 0 03/06/2009 23:10 C:\WINDOWS\vncutil.exe --------- 359016 03/06/2009 23:10 C:\WINDOWS\SOUNDMAN.EXE --------- 84584 03/06/2009 23:10 C:\WINDOWS\RtlUpd.exe --------- 1523416 03/06/2009 23:10 C:\WINDOWS\RTLCPL.EXE --------- 9721960 03/06/2009 23:10 C:\WINDOWS\RtkAudioService.exe --------- 129640 03/06/2009 23:10 C:\WINDOWS\RTHDCPL.EXE --------- 20145368 03/06/2009 23:10 C:\WINDOWS\MicCal.exe --------- 2180712 03/06/2009 23:10 C:\WINDOWS\ALCWZRD.EXE --------- 2815592 03/06/2009 23:10 C:\WINDOWS\ALCMTR.EXE --------- 64104 14/04/2008 07:00 C:\WINDOWS\regedit.exe --------- 271872 14/04/2008 07:00 C:\WINDOWS\Pescaria.bmp --------- 17336 14/04/2008 07:00 C:\WINDOWS\NOTEPAD.EXE --------- 70144 14/04/2008 07:00 C:\WINDOWS\msdfmap.ini --------- 1405 14/04/2008 07:00 C:\WINDOWS\Rododentro.bmp --------- 17362 14/04/2008 07:00 C:\WINDOWS\Leques.bmp --------- 26680 14/04/2008 07:00 C:\WINDOWS\Tapete.bmp --------- 9522 14/04/2008 07:00 C:\WINDOWS\TASKMAN.EXE --------- 15360 14/04/2008 07:00 C:\WINDOWS\Renda azul 16.bmp --------- 1272 14/04/2008 07:00 C:\WINDOWS\twain.dll --------- 94832 14/04/2008 07:00 C:\WINDOWS\twain_32.dll --------- 50688 14/04/2008 07:00 C:\WINDOWS\Seda.bmp --------- 16730 14/04/2008 07:00 C:\WINDOWS\twunk_16.exe --------- 49680 14/04/2008 07:00 C:\WINDOWS\winnt256.bmp --------- 48680 14/04/2008 07:00 C:\WINDOWS\twunk_32.exe --------- 25600 14/04/2008 07:00 C:\WINDOWS\hh.exe --------- 20992 14/04/2008 07:00 C:\WINDOWS\explorer.scf --------- 80 14/04/2008 07:00 C:\WINDOWS\vmmreg32.dll --------- 18944 14/04/2008 07:00 C:\WINDOWS\explorer.exe --------- 1554432 14/04/2008 07:00 C:\WINDOWS\desktop.ini --------- 2 14/04/2008 07:00 C:\WINDOWS\Deserto.bmp --------- 65832 14/04/2008 07:00 C:\WINDOWS\clock.avi --------- 82944 14/04/2008 07:00 C:\WINDOWS\Cafezinho.bmp --------- 17062 14/04/2008 07:00 C:\WINDOWS\Bruma.bmp --------- 65954 14/04/2008 07:00 C:\WINDOWS\Bolhas de sabão.bmp --------- 65978 14/04/2008 07:00 C:\WINDOWS\Areia.bmp --------- 26582 14/04/2008 07:00 C:\WINDOWS\wmprfPTB.prx --------- 34666 14/04/2008 07:00 C:\WINDOWS\winhelp.exe --------- 304000 14/04/2008 07:00 C:\WINDOWS\winhlp32.exe --------- 354816 14/04/2008 07:00 C:\WINDOWS\winnt.bmp --------- 48680 14/04/2008 07:00 C:\WINDOWS\_default.pif --------- 707 16/02/2006 23:33 C:\WINDOWS\Twunk_16.dll --------- 1216 16/02/2006 23:33 C:\WINDOWS\Twunk_32.dll --------- 1216 29/10/1998 17:45 C:\WINDOWS\IsUninst.exe --------- 306688 ---------------------------------------- C:\WINDOWS\System 14/04/2008 07:00 C:\WINDOWS\System\AVICAP.DLL --------- 70144 14/04/2008 07:00 C:\WINDOWS\System\AVIFILE.DLL --------- 109536 14/04/2008 07:00 C:\WINDOWS\System\COMMDLG.DLL --------- 33504 14/04/2008 07:00 C:\WINDOWS\System\KEYBOARD.DRV --------- 2000 14/04/2008 07:00 C:\WINDOWS\System\LZEXPAND.DLL --------- 9936 14/04/2008 07:00 C:\WINDOWS\System\MCIAVI.DRV --------- 73632 14/04/2008 07:00 C:\WINDOWS\System\MCISEQ.DRV --------- 25296 14/04/2008 07:00 C:\WINDOWS\System\MCIWAVE.DRV --------- 28160 14/04/2008 07:00 C:\WINDOWS\System\MMSYSTEM.DLL --------- 70080 14/04/2008 07:00 C:\WINDOWS\System\MMTASK.TSK --------- 1152 14/04/2008 07:00 C:\WINDOWS\System\MOUSE.DRV --------- 2032 14/04/2008 07:00 C:\WINDOWS\System\MSVIDEO.DLL --------- 127120 14/04/2008 07:00 C:\WINDOWS\System\OLECLI.DLL --------- 83456 14/04/2008 07:00 C:\WINDOWS\System\OLESVR.DLL --------- 24064 14/04/2008 07:00 C:\WINDOWS\System\setup.inf --------- 59167 14/04/2008 07:00 C:\WINDOWS\System\SHELL.DLL --------- 5120 14/04/2008 07:00 C:\WINDOWS\System\SOUND.DRV --------- 1744 14/04/2008 07:00 C:\WINDOWS\System\stdole.tlb --------- 5532 14/04/2008 07:00 C:\WINDOWS\System\SYSTEM.DRV --------- 3360 14/04/2008 07:00 C:\WINDOWS\System\TAPI.DLL --------- 19200 14/04/2008 07:00 C:\WINDOWS\System\TIMER.DRV --------- 4096 14/04/2008 07:00 C:\WINDOWS\System\VER.DLL --------- 9072 14/04/2008 07:00 C:\WINDOWS\System\VGA.DRV --------- 2176 14/04/2008 07:00 C:\WINDOWS\System\WFWNET.DRV --------- 13600 14/04/2008 07:00 C:\WINDOWS\System\WINSPOOL.DRV --------- 146944 ---------------------------------------- C:\WINDOWS\System32 22/01/2014 21:09 C:\WINDOWS\system32\nvAppTimestamps --------- 23106 22/01/2014 19:14 C:\WINDOWS\system32\wpa.dbl --------- 2206 21/01/2014 00:47 C:\WINDOWS\system32\drivers --------- 0 20/01/2014 20:36 C:\WINDOWS\system32\wbem --------- 0 20/01/2014 20:36 C:\WINDOWS\system32\Restore --------- 0 20/01/2014 20:36 C:\WINDOWS\system32\oobe --------- 0 20/01/2014 20:36 C:\WINDOWS\system32\usmt --------- 0 20/01/2014 20:36 C:\WINDOWS\system32\Setup --------- 0 20/01/2014 20:36 C:\WINDOWS\system32\1033 --------- 0 20/01/2014 20:33 C:\WINDOWS\system32\uxtheme.dll --------- 219648 20/01/2014 20:22 C:\WINDOWS\system32\CatRoot2 --------- 0 17/01/2014 01:12 C:\WINDOWS\system32\config --------- 0 15/01/2014 21:44 C:\WINDOWS\system32\MRT --------- 0 15/01/2014 21:41 C:\WINDOWS\system32\mrt.exe --------- 83425928 15/01/2014 21:41 C:\WINDOWS\system32\dllcache --------- 0 15/01/2014 15:37 C:\WINDOWS\system32\jupdate-1.7.0_51-b13.log --------- 5293 15/01/2014 15:37 C:\WINDOWS\system32\perfh009.dat --------- 513848 15/01/2014 15:37 C:\WINDOWS\system32\perfh016.dat --------- 548346 15/01/2014 15:37 C:\WINDOWS\system32\perfc009.dat --------- 90740 15/01/2014 15:37 C:\WINDOWS\system32\perfc016.dat --------- 101160 15/01/2014 15:37 C:\WINDOWS\system32\PerfStringBackup.INI --------- 1272654 12/01/2014 18:33 C:\WINDOWS\system32\FlashPlayerApp.exe --------- 692616 12/01/2014 18:33 C:\WINDOWS\system32\FlashPlayerCPLApp.cpl --------- 71048 09/01/2014 19:35 C:\WINDOWS\system32\nvdrsdb0.bin --------- 1134316 09/01/2014 19:35 C:\WINDOWS\system32\nvdrssel.bin --------- 1 09/01/2014 19:35 C:\WINDOWS\system32\nvdrsdb1.bin --------- 1134316 09/01/2014 19:33 C:\WINDOWS\system32\ReinstallBackups --------- 0 03/01/2014 20:05 C:\WINDOWS\system32\CatRoot --------- 0 19/12/2013 18:17 C:\WINDOWS\system32\nvdispgenco3233221.dll --------- 893728 19/12/2013 18:17 C:\WINDOWS\system32\nvcuvid.dll --------- 2952992 19/12/2013 18:17 C:\WINDOWS\system32\nvcuvenc.dll --------- 2747680 19/12/2013 18:17 C:\WINDOWS\system32\nvcuda.dll --------- 9682944 19/12/2013 18:17 C:\WINDOWS\system32\nvinfo.pb --------- 18657 19/12/2013 18:17 C:\WINDOWS\system32\nvoglnt.dll --------- 22188032 19/12/2013 18:17 C:\WINDOWS\system32\nvopencl.dll --------- 9637888 19/12/2013 18:17 C:\WINDOWS\system32\nvcompiler.dll --------- 17551360 19/12/2013 18:17 C:\WINDOWS\system32\nvapi.dll --------- 2635264 19/12/2013 18:17 C:\WINDOWS\system32\nv4_disp.dll --------- 4085504 19/12/2013 18:17 C:\WINDOWS\system32\nvdispco3233221.dll --------- 1049888 19/12/2013 18:17 C:\WINDOWS\system32\nvdata.data --------- 3557400 19/12/2013 16:19 C:\WINDOWS\system32\nvrszht.dll --------- 126976 19/12/2013 16:19 C:\WINDOWS\system32\nvrszhc.dll --------- 229376 19/12/2013 16:19 C:\WINDOWS\system32\nvrstr.dll --------- 258048 19/12/2013 16:19 C:\WINDOWS\system32\nvrsth.dll --------- 253952 19/12/2013 16:19 C:\WINDOWS\system32\nvrssv.dll --------- 253952 19/12/2013 16:19 C:\WINDOWS\system32\nvrssl.dll --------- 258048 19/12/2013 16:19 C:\WINDOWS\system32\nvrssk.dll --------- 258048 19/12/2013 16:19 C:\WINDOWS\system32\nvrsru.dll --------- 270336 19/12/2013 16:19 C:\WINDOWS\system32\nvrsptb.dll --------- 270336 19/12/2013 16:19 C:\WINDOWS\system32\nvrspt.dll --------- 274432 19/12/2013 16:19 C:\WINDOWS\system32\nvrspl.dll --------- 258048 19/12/2013 16:19 C:\WINDOWS\system32\nvrsno.dll --------- 253952 19/12/2013 16:19 C:\WINDOWS\system32\nvrsnl.dll --------- 274432 19/12/2013 16:19 C:\WINDOWS\system32\nvrsko.dll --------- 266240 19/12/2013 16:19 C:\WINDOWS\system32\nvrsja.dll --------- 274432 19/12/2013 16:19 C:\WINDOWS\system32\nvrsit.dll --------- 282624 19/12/2013 16:19 C:\WINDOWS\system32\nvrshu.dll --------- 262144 19/12/2013 16:19 C:\WINDOWS\system32\nvrshe.dll --------- 335872 19/12/2013 16:19 C:\WINDOWS\system32\nvrsfr.dll --------- 286720 19/12/2013 16:19 C:\WINDOWS\system32\nvrsfi.dll --------- 249856 19/12/2013 16:19 C:\WINDOWS\system32\nvrsesm.dll --------- 274432 19/12/2013 16:19 C:\WINDOWS\system32\nvrses.dll --------- 282624 19/12/2013 16:19 C:\WINDOWS\system32\nvrseng.dll --------- 249856 19/12/2013 16:19 C:\WINDOWS\system32\nvrsel.dll --------- 282624 19/12/2013 16:19 C:\WINDOWS\system32\nvrsde.dll --------- 278528 19/12/2013 16:19 C:\WINDOWS\system32\nvrsda.dll --------- 253952 19/12/2013 16:19 C:\WINDOWS\system32\nvrscs.dll --------- 249856 19/12/2013 16:19 C:\WINDOWS\system32\nvrsar.dll --------- 335872 19/12/2013 16:17 C:\WINDOWS\system32\nvwddi.dll --------- 54272 19/12/2013 16:17 C:\WINDOWS\system32\nvsvc32.exe --------- 156960 19/12/2013 16:17 C:\WINDOWS\system32\nvcpl.dll --------- 15708448 19/12/2013 16:17 C:\WINDOWS\system32\nvmctray.dll --------- 376096 19/12/2013 16:17 C:\WINDOWS\system32\nvcolor.exe --------- 144160 18/12/2013 21:10 C:\WINDOWS\system32\WindowsAccessBridge.dll --------- 94632 18/12/2013 21:04 C:\WINDOWS\system32\javaws.exe --------- 264616 18/12/2013 21:04 C:\WINDOWS\system32\javaw.exe --------- 175016 18/12/2013 21:03 C:\WINDOWS\system32\java.exe --------- 174504 18/12/2013 20:46 C:\WINDOWS\system32\javacpl.cpl --------- 145408 18/12/2013 04:11 C:\WINDOWS\system32\DivXControlPanelApplet.cpl --------- 354656 11/12/2013 00:06 C:\WINDOWS\system32\FNTCACHE.DAT --------- 272576 10/12/2013 23:51 C:\WINDOWS\system32\TZLog.log --------- 35246 05/12/2013 02:04 C:\WINDOWS\system32\DRVSTORE --------- 0 23/09/2013 14:22 C:\WINDOWS\system32\???6 --------- 0 23/09/2013 14:22 C:\WINDOWS\system32\???6 --------- 0 23/09/2013 14:22 C:\WINDOWS\system32\???6 --------- 0 23/09/2013 14:22 C:\WINDOWS\system32\???6 --------- 0 23/11/2013 17:00 C:\WINDOWS\system32\nvdispgenco3233193.dll --------- 893728 23/11/2013 17:00 C:\WINDOWS\system32\nvdispco3233193.dll --------- 1049888 23/09/2013 14:22 C:\WINDOWS\system32\???6 --------- 0 23/09/2013 14:22 C:\WINDOWS\system32\???6 --------- 0 23/09/2013 14:22 C:\WINDOWS\system32\???6 --------- 0 23/09/2013 14:22 C:\WINDOWS\system32\???6 --------- 0 23/09/2013 14:22 C:\WINDOWS\system32\???6 --------- 0 23/09/2013 14:22 C:\WINDOWS\system32\???6 --------- 0 23/09/2013 14:22 C:\WINDOWS\system32\???6 --------- 0 23/09/2013 14:22 C:\WINDOWS\system32\???6 --------- 0 23/09/2013 14:22 C:\WINDOWS\system32\???6 --------- 0 23/09/2013 14:22 C:\WINDOWS\system32\???6 --------- 0 23/09/2013 14:22 C:\WINDOWS\system32\???6 --------- 0 23/09/2013 14:22 C:\WINDOWS\system32\???6 --------- 0 ---------------------------------------- C:\WINDOWS\Prefetch 22/01/2014 21:10 C:\WINDOWS\Prefetch\WINRAR.EXE-09D6614C.pf --------- 124028 22/01/2014 21:09 C:\WINDOWS\Prefetch\IEXPLORE.EXE-2B53DE18.pf --------- 101524 22/01/2014 20:59 C:\WINDOWS\Prefetch\PLUGIN-CONTAINER.EXE-012592DA.pf --------- 63854 22/01/2014 20:42 C:\WINDOWS\Prefetch\FLASHPLAYERUPDATESERVICE.EXE-34BC5027.pf --------- 11462 22/01/2014 20:35 C:\WINDOWS\Prefetch\KMPLAYER.EXE-1CB74037.pf --------- 64568 22/01/2014 20:30 C:\WINDOWS\Prefetch\GOOGLEUPDATE.EXE-19D08292.pf --------- 28898 22/01/2014 20:30 C:\WINDOWS\Prefetch\GOOGLECRASHHANDLER.EXE-304F3980.pf --------- 11868 22/01/2014 20:09 C:\WINDOWS\Prefetch\REALPLAY.EXE-3A1B3077.pf --------- 145488 22/01/2014 20:09 C:\WINDOWS\Prefetch\REALONEMESSAGECENTER.EXE-3756954F.pf --------- 25398 22/01/2014 20:09 C:\WINDOWS\Prefetch\REALUPGRADE.EXE-07CDE3AB.pf --------- 65522 22/01/2014 20:07 C:\WINDOWS\Prefetch\RPHELPERAPP.EXE-32E6A406.pf --------- 33674 22/01/2014 20:05 C:\WINDOWS\Prefetch\REALSHARE.EXE-3A33886B.pf --------- 37910 22/01/2014 20:03 C:\WINDOWS\Prefetch\REALUPGRADE.EXE-37368FC7.pf --------- 75238 22/01/2014 20:02 C:\WINDOWS\Prefetch\RECORDINGMANAGER.EXE-32198DBF.pf --------- 58428 22/01/2014 20:01 C:\WINDOWS\Prefetch\WMIPRVSE.EXE-28F301A9.pf --------- 69066 22/01/2014 20:01 C:\WINDOWS\Prefetch\WUAUCLT.EXE-399A8E72.pf --------- 24920 22/01/2014 20:00 C:\WINDOWS\Prefetch\DLLHOST.EXE-3594867E.pf --------- 80844 22/01/2014 19:57 C:\WINDOWS\Prefetch\DESMUME_0.9.9_X86.EXE-22E58396.pf --------- 103706 22/01/2014 19:23 C:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf --------- 67598 22/01/2014 19:17 C:\WINDOWS\Prefetch\ADBLOCKPLUSENGINE.EXE-37FAF4AA.pf --------- 27306 22/01/2014 19:16 C:\WINDOWS\Prefetch\WMIADAP.EXE-2DF425B2.pf --------- 19336 22/01/2014 19:15 C:\WINDOWS\Prefetch\FIREFOX.EXE-1362643C.pf --------- 54642 22/01/2014 19:15 C:\WINDOWS\Prefetch\REALSCHED.EXE-132D5C77.pf --------- 37358 22/01/2014 19:15 C:\WINDOWS\Prefetch\READER_SL.EXE-072FC621.pf --------- 59964 22/01/2014 19:15 C:\WINDOWS\Prefetch\CTFMON.EXE-0E17969B.pf --------- 25212 22/01/2014 19:15 C:\WINDOWS\Prefetch\EGUI.EXE-0C261CF6.pf --------- 75494 22/01/2014 19:15 C:\WINDOWS\Prefetch\RUNDLL32.EXE-4257C5A3.pf --------- 79278 22/01/2014 19:15 C:\WINDOWS\Prefetch\JUSCHED.EXE-153A82FA.pf --------- 14116 22/01/2014 19:15 C:\WINDOWS\Prefetch\GROOVEMONITOR.EXE-154D642D.pf --------- 25608 22/01/2014 19:15 C:\WINDOWS\Prefetch\UNLOCKERASSISTANT.EXE-280B1F6A.pf --------- 11278 22/01/2014 19:15 C:\WINDOWS\Prefetch\NVTMRU.EXE-2B96AB88.pf --------- 12266 22/01/2014 19:15 C:\WINDOWS\Prefetch\IMAPI.EXE-0BF740A4.pf --------- 20296 22/01/2014 19:15 C:\WINDOWS\Prefetch\ADOBEARM.EXE-2C0B2F33.pf --------- 43574 22/01/2014 19:15 C:\WINDOWS\Prefetch\USERINIT.EXE-30B18140.pf --------- 18738 22/01/2014 19:15 C:\WINDOWS\Prefetch\EXPLORER.EXE-082F38A9.pf --------- 71608 22/01/2014 19:15 C:\WINDOWS\Prefetch\WGATRAY.EXE-0ED38BED.pf --------- 44440 22/01/2014 19:14 C:\WINDOWS\Prefetch\NTOSBOOT-B00DFAAD.pf --------- 1271496 22/01/2014 19:11 C:\WINDOWS\Prefetch\LOGONUI.EXE-0AF22957.pf --------- 92432 22/01/2014 19:09 C:\WINDOWS\Prefetch\TASKMGR.EXE-20256C55.pf --------- 58798 22/01/2014 19:09 C:\WINDOWS\Prefetch\DUMPREP.EXE-1B46F901.pf --------- 69920 22/01/2014 19:08 C:\WINDOWS\Prefetch\DWWIN.EXE-30875ADC.pf --------- 23244 22/01/2014 19:05 C:\WINDOWS\Prefetch\RUNDLL32.EXE-146D9EC8.pf --------- 21154 22/01/2014 18:43 C:\WINDOWS\Prefetch\RUNDLL32.EXE-2B6EE523.pf --------- 40438 22/01/2014 18:24 C:\WINDOWS\Prefetch\UNLOCKER.EXE-24A2320D.pf --------- 34784 22/01/2014 18:07 C:\WINDOWS\Prefetch\RUNDLL32.EXE-12522DFE.pf --------- 41086 22/01/2014 17:57 C:\WINDOWS\Prefetch\CALC.EXE-02CD573A.pf --------- 18526 22/01/2014 17:54 C:\WINDOWS\Prefetch\POKEGEN.EXE-09986FFF.pf --------- 81524 22/01/2014 17:19 C:\WINDOWS\Prefetch\RUNDLL32.EXE-11EFA435.pf --------- 40318 22/01/2014 17:01 C:\WINDOWS\Prefetch\RUNDLL32.EXE-15B7593E.pf --------- 39252 22/01/2014 16:43 C:\WINDOWS\Prefetch\RUNDLL32.EXE-16363E7E.pf --------- 40258 22/01/2014 16:38 C:\WINDOWS\Prefetch\RUNDLL32.EXE-1D7A79BD.pf --------- 40160 22/01/2014 16:30 C:\WINDOWS\Prefetch\RUNDLL32.EXE-3B17149B.pf --------- 40518 22/01/2014 15:14 C:\WINDOWS\Prefetch\RUNDLL32.EXE-3F497C51.pf --------- 40160 22/01/2014 15:14 C:\WINDOWS\Prefetch\RUNDLL32.EXE-3BFC0984.pf --------- 47568 22/01/2014 14:24 C:\WINDOWS\Prefetch\RUNDLL32.EXE-2E5AF1D7.pf --------- 33282 22/01/2014 13:36 C:\WINDOWS\Prefetch\REALCONVERTER.EXE-091CDE3E.pf --------- 29544 22/01/2014 13:28 C:\WINDOWS\Prefetch\GTA_SA.EXE-233AB12D.pf --------- 78924 22/01/2014 12:33 C:\WINDOWS\Prefetch\RUNDLL32.EXE-17AD6D68.pf --------- 47110 22/01/2014 12:27 C:\WINDOWS\Prefetch\RUNDLL32.EXE-126D0A56.pf --------- 40590 22/01/2014 12:23 C:\WINDOWS\Prefetch\RUNDLL32.EXE-182A9BBA.pf --------- 40610 22/01/2014 12:22 C:\WINDOWS\Prefetch\DRSUPDATE.17662045_RUNASUSER.-30D0D762.pf --------- 38872 22/01/2014 12:22 C:\WINDOWS\Prefetch\DBINSTALLER.EXE-2C5EBCE3.pf --------- 9158 22/01/2014 12:22 C:\WINDOWS\Prefetch\OAWRAPPER.EXE-1AEDE777.pf --------- 33670 22/01/2014 12:22 C:\WINDOWS\Prefetch\NVBACKEND.EXE-311619D3.pf --------- 46330 22/01/2014 12:19 C:\WINDOWS\Prefetch\RUNDLL32.EXE-368BBB6E.pf --------- 40570 22/01/2014 12:17 C:\WINDOWS\Prefetch\RUNDLL32.EXE-1A32553E.pf --------- 40472 22/01/2014 12:17 C:\WINDOWS\Prefetch\RUNDLL32.EXE-43E03439.pf --------- 40630 22/01/2014 12:17 C:\WINDOWS\Prefetch\RUNDLL32.EXE-12719FB2.pf --------- 40810 22/01/2014 10:58 C:\WINDOWS\Prefetch\RUNDLL32.EXE-1E1A1A7E.pf --------- 41070 22/01/2014 10:41 C:\WINDOWS\Prefetch\WSCNTFY.EXE-1B24F5EB.pf --------- 55522 22/01/2014 01:16 C:\WINDOWS\Prefetch\RUNDLL32.EXE-45D4CF5E.pf --------- 40484 22/01/2014 01:15 C:\WINDOWS\Prefetch\RUNDLL32.EXE-125E17E3.pf --------- 40782 22/01/2014 00:53 C:\WINDOWS\Prefetch\RUNDLL32.EXE-2A9FBC5B.pf --------- 40702 21/01/2014 23:47 C:\WINDOWS\Prefetch\RUNDLL32.EXE-2D24DFBC.pf --------- 40622 21/01/2014 23:09 C:\WINDOWS\Prefetch\RUNDLL32.EXE-26541619.pf --------- 40662 21/01/2014 22:32 C:\WINDOWS\Prefetch\RUNDLL32.EXE-3A980C9B.pf --------- 39756 21/01/2014 21:15 C:\WINDOWS\Prefetch\RUNDLL32.EXE-3A2FF1EA.pf --------- 40802 21/01/2014 19:51 C:\WINDOWS\Prefetch\RUNDLL32.EXE-3332A47F.pf --------- 44262 21/01/2014 18:57 C:\WINDOWS\Prefetch\RUNDLL32.EXE-433117DF.pf --------- 40508 21/01/2014 18:55 C:\WINDOWS\Prefetch\RUNDLL32.EXE-2F54D6C9.pf --------- 40508 21/01/2014 18:55 C:\WINDOWS\Prefetch\RUNDLL32.EXE-48A78746.pf --------- 40508 21/01/2014 18:55 C:\WINDOWS\Prefetch\RUNDLL32.EXE-408059C0.pf --------- 40746 21/01/2014 17:34 C:\WINDOWS\Prefetch\PICKME.EXE-1A7C9AC3.pf --------- 42942 21/01/2014 13:54 C:\WINDOWS\Prefetch\layout.ini --------- 333174 21/01/2014 13:06 C:\WINDOWS\Prefetch\RUNDLL32.EXE-385D6CC9.pf --------- 39880 21/01/2014 12:26 C:\WINDOWS\Prefetch\MENCODER.EXE-34DA716F.pf --------- 56034 21/01/2014 12:26 C:\WINDOWS\Prefetch\FORMATFACTORY.EXE-0BC394EB.pf --------- 57160 21/01/2014 02:04 C:\WINDOWS\Prefetch\RUNDLL32.EXE-232844F7.pf --------- 40870 21/01/2014 01:49 C:\WINDOWS\Prefetch\CHROME.EXE-EE3AA11A.pf --------- 77546 21/01/2014 01:49 C:\WINDOWS\Prefetch\CHROME.EXE-DFC531D4.pf --------- 60508 21/01/2014 01:49 C:\WINDOWS\Prefetch\CHROME.EXE-2D99A569.pf --------- 63468 21/01/2014 01:49 C:\WINDOWS\Prefetch\CHROME.EXE-367A2825.pf --------- 67440 21/01/2014 01:49 C:\WINDOWS\Prefetch\CHROME.EXE-057A7ADA.pf --------- 58002 21/01/2014 00:50 C:\WINDOWS\Prefetch\CCLEANER.EXE-16242569.pf --------- 66582 21/01/2014 00:49 C:\WINDOWS\Prefetch\CHROME.EXE-DF033481.pf --------- 26762 21/01/2014 00:47 C:\WINDOWS\Prefetch\REVOUNINSTALLER.EXE-12AB2F2A.pf --------- 77354 21/01/2014 00:47 C:\WINDOWS\Prefetch\UPDATEDB.EXE-22648DA4.pf --------- 56646 21/01/2014 00:47 C:\WINDOWS\Prefetch\DRIVERBOOSTER.EXE-39E4601B.pf --------- 67146 21/01/2014 00:47 C:\WINDOWS\Prefetch\PURERA.EXE-2F5C73F3.pf --------- 17348 21/01/2014 00:45 C:\WINDOWS\Prefetch\MBAM.EXE-1FC68C0D.pf --------- 70526 21/01/2014 00:45 C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf --------- 19456 21/01/2014 00:44 C:\WINDOWS\Prefetch\SPYWAREBLASTER.EXE-161F0AC7.pf --------- 64680 20/01/2014 23:39 C:\WINDOWS\Prefetch\RUNDLL32.EXE-1E761052.pf --------- 48174 20/01/2014 23:33 C:\WINDOWS\Prefetch\RUNDLL32.EXE-3F7E96E7.pf --------- 39564 20/01/2014 22:37 C:\WINDOWS\Prefetch\RUNDLL32.EXE-3B3FB438.pf --------- 49414 20/01/2014 22:28 C:\WINDOWS\Prefetch\JAVAW.EXE-00A3F444.pf --------- 59730 20/01/2014 21:46 C:\WINDOWS\Prefetch\RUNDLL32.EXE-301CE3BE.pf --------- 39398 20/01/2014 21:46 C:\WINDOWS\Prefetch\RUNDLL32.EXE-16693C71.pf --------- 39398 20/01/2014 21:46 C:\WINDOWS\Prefetch\RUNDLL32.EXE-3BE3BBD9.pf --------- 40472 20/01/2014 21:45 C:\WINDOWS\Prefetch\RUNDLL32.EXE-3EE7DEEF.pf --------- 40484 20/01/2014 21:40 C:\WINDOWS\Prefetch\RUNDLL32.EXE-2C762022.pf --------- 39398 20/01/2014 21:40 C:\WINDOWS\Prefetch\RUNDLL32.EXE-3B9696C8.pf --------- 39482 20/01/2014 21:40 C:\WINDOWS\Prefetch\RUNDLL32.EXE-3E9C48F1.pf --------- 40178 20/01/2014 21:40 C:\WINDOWS\Prefetch\RUNDLL32.EXE-21FF764B.pf --------- 40862 20/01/2014 20:44 C:\WINDOWS\Prefetch\ALG.EXE-0F138680.pf --------- 17254 20/01/2014 20:44 C:\WINDOWS\Prefetch\WMIAPSRV.EXE-1E2270A5.pf --------- 93746 20/01/2014 20:24 C:\WINDOWS\Prefetch\SVCHOST.EXE-3530F672.pf --------- 35148 20/01/2014 18:29 C:\WINDOWS\Prefetch\AVWSC.EXE-019F86B8.pf --------- 38266 20/01/2014 18:28 C:\WINDOWS\Prefetch\IPMGUI.EXE-2C9A4077.pf --------- 87976 04/06/2009 00:03 C:\WINDOWS\Prefetch\RUNDLL32.EXE-12E27DD0.pf --------- 32306 04/06/2009 00:02 C:\WINDOWS\Prefetch\RUNDLL32.EXE-493F0251.pf --------- 40552 04/06/2009 00:02 C:\WINDOWS\Prefetch\RUNDLL32.EXE-409BF5FB.pf --------- 26884 04/06/2009 00:02 C:\WINDOWS\Prefetch\RTHDCPL.EXE-06918CFA.pf --------- 27138 04/06/2009 00:02 C:\WINDOWS\Prefetch\NWIZ.EXE-0E65066A.pf --------- 16278 04/06/2009 00:02 C:\WINDOWS\Prefetch\RUNDLL32.EXE-35D30E4A.pf --------- 27236 04/06/2009 00:02 C:\WINDOWS\Prefetch\RUNDLL32.EXE-1340EF7F.pf --------- 31606 04/06/2009 00:02 C:\WINDOWS\Prefetch\DIVXUPDATE.EXE-27603500.pf --------- 31366 04/06/2009 00:02 C:\WINDOWS\Prefetch\DIVXMEDIASERVER.EXE-1311DBDA.pf --------- 60312 04/06/2009 00:02 C:\WINDOWS\Prefetch\RUNDLL32.EXE-415F88EC.pf --------- 40852 04/06/2009 00:01 C:\WINDOWS\Prefetch\RUNDLL32.EXE-35A483DA.pf --------- 40080 ---------------------------------------- C:\WINDOWS\Tasks 22/01/2014 20:42 C:\WINDOWS\Tasks\Adobe Flash Player Updater.job --------- 902 22/01/2014 20:30 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job --------- 1082 22/01/2014 20:30 C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job --------- 1086 22/01/2014 20:09 C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1715567821-1844237615-1801674531-500.job --------- 318 22/01/2014 20:09 C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1715567821-1844237615-1801674531-500.job --------- 310 22/01/2014 20:03 C:\WINDOWS\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1715567821-1844237615-1801674531-500.job --------- 332 22/01/2014 20:03 C:\WINDOWS\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1715567821-1844237615-1801674531-500.job --------- 340 22/01/2014 19:14 C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-1844237615-1801674531-500.job --------- 310 22/01/2014 19:13 C:\WINDOWS\Tasks\SA.DAT --------- 6 10/01/2014 20:33 C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-1844237615-1801674531-500.job --------- 318 08/01/2014 00:50 C:\WINDOWS\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1715567821-1844237615-1801674531-500.job --------- 358 01/12/2013 18:49 C:\WINDOWS\Tasks\ImCleanDisabled --------- 0 14/04/2008 07:00 C:\WINDOWS\Tasks\desktop.ini --------- 65 ---------------------------------------- C:\WINDOWS\Temp 22/01/2014 19:14 C:\WINDOWS\Temp\WGAErrLog.txt --------- 483 22/01/2014 19:13 C:\WINDOWS\Temp\Perflib_Perfdata_188.dat --------- 16384 08/01/2014 09:48 C:\WINDOWS\Temp\Perflib_Perfdata_1c28.dat --------- 16384 ---------------------------------------- C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp 22/01/2014 21:09 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\~DFEC10.tmp --------- 20480 22/01/2014 21:08 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\~DF71B3.tmp --------- 20480 22/01/2014 20:35 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_7D.tmp --------- 0 22/01/2014 20:11 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\~DF89FA.tmp --------- 20480 22/01/2014 20:11 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\~DF18DD.tmp --------- 20480 22/01/2014 19:20 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\jusched.log --------- 46037 22/01/2014 19:18 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\~DFB2E6.tmp --------- 16384 22/01/2014 19:17 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\~DF30B5.tmp --------- 16384 22/01/2014 19:17 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\~DFA636.tmp --------- 16384 22/01/2014 19:16 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\~DF94B9.tmp --------- 16384 22/01/2014 19:15 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div23.tmp --------- 0 22/01/2014 19:15 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\AdobeARM.log --------- 28278 22/01/2014 19:15 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\WPDNSE --------- 0 22/01/2014 19:08 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\JavaDeployReg.log --------- 17534 22/01/2014 19:00 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_34C.tmp --------- 0 22/01/2014 18:24 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_2FC.tmp --------- 0 22/01/2014 03:22 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_60B.tmp --------- 0 22/01/2014 02:22 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_5C5.tmp --------- 0 22/01/2014 00:05 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_506.tmp --------- 0 21/01/2014 13:08 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_116.tmp --------- 0 21/01/2014 13:01 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_110.tmp --------- 0 21/01/2014 12:49 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div21.tmp --------- 0 21/01/2014 04:11 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_29B.tmp --------- 0 21/01/2014 02:25 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_219.tmp --------- 0 21/01/2014 02:23 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\b593_appcompat.txt --------- 4654 20/01/2014 22:30 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\hsperfdata_Administrador --------- 0 20/01/2014 20:45 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_2C.tmp --------- 0 20/01/2014 20:44 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div20.tmp --------- 0 20/01/2014 20:41 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Magentic --------- 0 20/01/2014 20:38 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div1F.tmp --------- 0 20/01/2014 20:24 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div1E.tmp --------- 0 20/01/2014 18:37 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\acrord32_sbx --------- 0 20/01/2014 18:34 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\InstHelper.exe --------- 308776 20/01/2014 16:16 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\FreemakeVideoConverterTemp --------- 0 20/01/2014 01:21 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div1C.tmp --------- 0 20/01/2014 01:14 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_86.tmp --------- 0 20/01/2014 00:51 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_7F.tmp --------- 0 20/01/2014 00:18 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_76.tmp --------- 0 19/01/2014 17:42 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_4E.tmp --------- 0 19/01/2014 16:42 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\0fr41.tmp --------- 0 19/01/2014 16:42 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\3vp40.tmp --------- 0 19/01/2014 16:42 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\qqp3F.tmp --------- 0 19/01/2014 00:27 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_AB.tmp --------- 0 19/01/2014 00:00 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_A3.tmp --------- 0 18/01/2014 23:59 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_9D.tmp --------- 0 18/01/2014 23:24 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_96.tmp --------- 0 18/01/2014 23:23 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_8F.tmp --------- 0 18/01/2014 21:46 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_82.tmp --------- 0 18/01/2014 21:45 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_7C.tmp --------- 0 18/01/2014 17:11 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_5F.tmp --------- 0 18/01/2014 14:35 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_52.tmp --------- 0 18/01/2014 12:08 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_38.tmp --------- 0 18/01/2014 07:06 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div19.tmp --------- 0 18/01/2014 06:50 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_4C.tmp --------- 0 18/01/2014 06:47 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_45.tmp --------- 0 17/01/2014 18:21 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\plugtmp-3 --------- 0 17/01/2014 03:11 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_6C.tmp --------- 0 17/01/2014 03:05 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\iobit-db-license-tmp --------- 0 17/01/2014 02:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_4F.tmp --------- 0 17/01/2014 02:40 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_44.tmp --------- 0 17/01/2014 01:15 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div17.tmp --------- 0 17/01/2014 00:58 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div16.tmp --------- 0 17/01/2014 00:53 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_2A.tmp --------- 0 17/01/2014 00:53 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_29.tmp --------- 0 17/01/2014 00:47 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div15.tmp --------- 0 17/01/2014 00:38 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_8B.tmp --------- 0 17/01/2014 00:24 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_70.tmp --------- 0 17/01/2014 00:20 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_6F.tmp --------- 0 17/01/2014 00:20 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_6E.tmp --------- 0 16/01/2014 23:31 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\plugtmp-2 --------- 0 16/01/2014 21:58 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\d5af_appcompat.txt --------- 0 16/01/2014 15:59 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\dw.log --------- 158 16/01/2014 15:08 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div13.tmp --------- 0 16/01/2014 02:31 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_11F.tmp --------- 0 16/01/2014 01:20 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\plugtmp-1 --------- 0 16/01/2014 00:18 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_F7.tmp --------- 0 15/01/2014 21:56 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div11.tmp --------- 0 15/01/2014 15:38 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\java_install_reg.log --------- 7226 15/01/2014 15:37 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\AUCHECK_PARSER.txt --------- 225 15/01/2014 15:37 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\JAUReg.log --------- 160 15/01/2014 15:37 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\RD3D.tmp --------- 0 15/01/2014 15:37 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\RD3B.tmp --------- 24 15/01/2014 15:37 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\java_install_sp.log --------- 3944 15/01/2014 15:37 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\5d48e.mst --------- 36864 15/01/2014 15:36 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\jinstall.cfg --------- 1191 15/01/2014 15:36 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\au-descriptor-1.7.0_51-b13.xml --------- 8894 15/01/2014 05:23 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_AC.tmp --------- 0 15/01/2014 04:10 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_97.tmp --------- 0 15/01/2014 02:29 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_8C.tmp --------- 0 15/01/2014 02:18 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\divF.tmp --------- 0 13/01/2014 03:36 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_104.tmp --------- 0 12/01/2014 21:56 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\5380_21239 --------- 0 12/01/2014 01:53 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\divC.tmp --------- 0 11/01/2014 21:42 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_4A.tmp --------- 0 11/01/2014 03:14 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_1E5.tmp --------- 0 11/01/2014 01:21 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_1CE.tmp --------- 0 10/01/2014 19:49 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\3116_10597 --------- 0 10/01/2014 02:30 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_65.tmp --------- 0 09/01/2014 19:40 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\divA.tmp --------- 0 09/01/2014 02:05 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_109.tmp --------- 0 09/01/2014 02:00 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\divF6.tmp --------- 0 09/01/2014 01:57 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\DDMCache --------- 0 09/01/2014 01:57 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\boost_interprocess --------- 0 09/01/2014 01:57 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\divAE.tmp --------- 0 09/01/2014 01:49 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\ct3288691 --------- 0 09/01/2014 01:49 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\ct3297861 --------- 0 09/01/2014 01:49 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\divA9.tmp --------- 0 08/01/2014 23:45 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\2552_32696 --------- 0 07/01/2014 23:59 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\3332_9593 --------- 0 06/01/2014 03:16 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_93.tmp --------- 0 06/01/2014 01:50 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\plugtmp --------- 0 06/01/2014 01:48 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div6.tmp --------- 0 05/01/2014 01:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_8D.tmp --------- 0 04/01/2014 03:13 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\_5D.tmp --------- 0 04/01/2014 02:56 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Adblock Plus for IE_20140104025541.log --------- 5622 04/01/2014 02:56 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Adblock Plus for IE_20140104025541_0_adblockplusie_1.1_en_us_ia32.msi.log --------- 308240 03/01/2014 22:00 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div4.tmp --------- 0 03/01/2014 21:57 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div3.tmp --------- 0 03/01/2014 21:55 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div2.tmp --------- 0 03/01/2014 20:03 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\avgnt.exe --------- 0 03/01/2014 20:02 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\AppRemover_Log.txt --------- 2381 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Ukrainian.bin --------- 25216 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Serbian.bin --------- 24704 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Romanian.bin --------- 25565 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Croatian.bin --------- 24855 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Slovak.bin --------- 26159 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Slovenian.bin --------- 24330 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Lithuanian.bin --------- 25980 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Turkish.bin --------- 22829 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Norwegian.bin --------- 22406 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Hungarian.bin --------- 26549 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Hebrew.bin --------- 19937 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Finnish.bin --------- 23326 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Czech.bin --------- 24769 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Portuguese(Brazil).bin --------- 26047 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Polish.bin --------- 24950 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Greek.bin --------- 25631 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Thai.bin --------- 22395 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Arabic.bin --------- 21543 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\SimChin.bin --------- 17030 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\English.bin --------- 22808 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Portuguese.bin --------- 26912 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\SWEDISH.bin --------- 24503 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Spanish.bin --------- 28759 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Russian.bin --------- 26582 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Italian.bin --------- 28420 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\German.bin --------- 26669 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\French.bin --------- 28183 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\TradChin.bin --------- 17584 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Dutch.bin --------- 26203 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Danish.bin --------- 23226 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Korean.bin --------- 20917 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div1.tmp --------- 0 03/01/2014 19:54 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\Japanese.bin --------- 25192 19/12/2013 15:06 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\jre-7u51-windows-i586-iftw.exe --------- 921512 19/12/2013 14:32 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\etilqs_61FbSlTVKF8Fab7 --------- 12304 06/11/2013 19:16 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\DivXSetup.exe --------- 993600 04/06/2009 00:09 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div1A.tmp --------- 0 04/06/2009 00:02 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div22.tmp --------- 0 04/06/2009 00:02 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div18.tmp --------- 0 04/06/2009 00:01 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div14.tmp --------- 0 04/06/2009 00:01 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div10.tmp --------- 0 04/06/2009 00:01 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\divE.tmp --------- 0 04/06/2009 00:01 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div5.tmp --------- 0 04/06/2009 00:01 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div8.tmp --------- 0 04/06/2009 00:01 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div1B.tmp --------- 0 04/06/2009 00:01 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div12.tmp --------- 0 04/06/2009 00:01 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div1D.tmp --------- 0 04/06/2009 00:01 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\divD.tmp --------- 0 04/06/2009 00:01 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\divB.tmp --------- 0 04/06/2009 00:01 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div7.tmp --------- 0 04/06/2009 00:01 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\div9.tmp --------- 0 04/06/2009 00:00 C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\{fd97d1e2-368a-4cd9-af63-8eeff938044a} --------- 0 ---------------------------------------- C:\Arquivos de programas ---------------------------------------- C:\Documents and Settings\All Users\.. Administrador Gorishi UpdatusUser NetworkService LocalService All Users Default User ---------------------------------------- C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost ---------------------------------------- Nome da imagem Identi Nome da sessÆo SessÆo# Uso de mem¢r ========================= ====== ================ ======== ============ System Idle Process 0 Console 0 28 K System 4 Console 0 44 K smss.exe 936 Console 0 56 K csrss.exe 1000 Console 0 3.060 K winlogon.exe 1028 Console 0 3.748 K services.exe 1072 Console 0 1.720 K lsass.exe 1084 Console 0 1.536 K svchost.exe 1324 Console 0 1.620 K svchost.exe 1416 Console 0 1.556 K svchost.exe 1540 Console 0 21.188 K svchost.exe 1604 Console 0 164 K svchost.exe 1660 Console 0 1.736 K svchost.exe 1844 Console 0 892 K spoolsv.exe 2024 Console 0 1.000 K ekrn.exe 296 Console 0 45.752 K jqs.exe 392 Console 0 1.380 K NvNetworkService.exe 480 Console 0 200 K nvsvc32.exe 536 Console 0 344 K HPZipm12.exe 556 Console 0 208 K rndlresolversvc.exe 636 Console 0 288 K svchost.exe 1008 Console 0 1.420 K svchost.exe 700 Console 0 292 K alg.exe 1716 Console 0 168 K wmiapsrv.exe 2396 Console 0 732 K explorer.exe 3420 Console 0 27.016 K GrooveMonitor.exe 3776 Console 0 3.596 K UnlockerAssistant.exe 3784 Console 0 444 K realsched.exe 3860 Console 0 208 K NvTmru.exe 3868 Console 0 1.048 K jusched.exe 3876 Console 0 112 K RTHDCPL.EXE 3900 Console 0 1.644 K DivXUpdate.exe 3928 Console 0 1.372 K rundll32.exe 4016 Console 0 364 K rundll32.exe 1688 Console 0 1.960 K NvBackend.exe 1696 Console 0 2.064 K egui.exe 2760 Console 0 18.780 K ctfmon.exe 2828 Console 0 2.392 K firefox.exe 744 Console 0 283.616 K iexplore.exe 3372 Console 0 3.356 K iexplore.exe 3360 Console 0 92.648 K recordingmanager.exe 3308 Console 0 1.964 K AdblockPlusEngine.exe 820 Console 0 63.092 K iexplore.exe 796 Console 0 76.904 K iexplore.exe 888 Console 0 15.860 K DeSmuME_0.9.9_x86.exe 360 Console 0 6.312 K recordingmanager.exe 3188 Console 0 1.836 K plugin-container.exe 4444 Console 0 32.584 K iexplore.exe 4388 Console 0 73.556 K cmd.exe 5260 Console 0 2.220 K tasklist.exe 2636 Console 0 7.768 K wmiprvse.exe 5624 Console 0 5.928 K ***** Ende des Scans qua 22/01/2014 um 21:11:00,79 ***

por Convidado Qua 22 Jan 2014, 21:24

Esse é o HJTscanlist.bat, na versão antiga!

Faça o Download da versão nova no link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

E refaça o procedimento:
Tecla (X) -> (Enter)
Tecla (1) -> (Enter)

edite seu post, e cole o novo relatório.

por # DanieL # Qua 22 Jan 2014, 21:43

Ué.. mais o download foi do 1º Link que vc recomendou...

O outro diz que não tenho direitos para fazer o download...

Você pode dar um jeito ou só registrando ?

por Convidado Qua 22 Jan 2014, 21:48

# DanieL # escreveu:Ué.. mais o download foi do 1º Link que vc recomendou...

O outro diz que não tenho direitos para fazer o download...

Você pode dar um jeito ou só registrando ?

O primeiro link que postei estava quebrado, o Moderador pois um link valido mais, é da versão antiga do Programa, possui menos opções de Escaneamento de pastas.

O link que coloquei é da versão nova do HJTScanlist, pode fazer Download não tem problema nenhuma!
Pois aqui no Fórum o link está quebrado, não sei o motivo, então peguei de outro origem!!

Com esse programa depois quero verificar as informações de sistema, e qual a quantidade de memória é utilizado em seu Sistema!

por # DanieL # Qua 22 Jan 2014, 21:58

Log muito grande, não dá pra editar o post..

~> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

por **Amigo Brasileiro** Qua 22 Jan 2014, 21:58

Anormalidade relacionada a Pastas 648673379

Olá pessoal. Quanto ao link, já foi baixada a versão mais atual do programa e hospedado no endereço abaixo para facilitar o download do mesmo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

por **Power Max** Qua 22 Jan 2014, 23:44

Só dando um apoio para o Brando Lee enquanto ele está offline:

Anormalidade relacionada a Pastas 772309

|- Baixe: < [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] > < [Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]> ( ... de Nicolas Coolman )
|- Salve-o no disco local! ( C ou D )
|- Desabilite seu antivírus e execute "ZHPDiag2.exe",para instalar a ferramenta.

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Execute o ícone do pergaminho. ( ZHPDiag )

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique "SEARCH" ou "PESQUISAR" e aguarde a conclusão!

[Tens de ter uma conta e sessão iniciada para poderes visualizar esta imagem]

|- Clique OK e, ao concluir, poste o relatório ZHPDiag.txt

por # DanieL # Qui 23 Jan 2014, 00:07

Olá, Marcos Felipe!

- Aqui está o relatório

#########

~ Relatório do ZHPDiag v2014.1.17.19 - Nicolas Coolman (17/1/2014)
~ Iniciado por Administrador (22/1/2014 23:58:47)
~ Endereço do Website : http://nicolascoolman.webs.com
~ Fóruns de suporte gratuito para desinfecção : [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Tradução pelo utilizador
~ Estatuto da versão :
~ Lista Branca : Ativado pelo programa
~ Elevação dos Privilégios : OK
~ Controle de Conta de Utilizador : Not Found

---\\ Navegadores Internet
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 26.0
GCIE: Google Chrome v31.0.1650.57 (Defaut)

---\\ Informações sobre os produtos Windows
~ Langage: Portugais
Microsoft Windows XP, 32-bit Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ Softwares de proteçao do sistema
Malwarebytes Anti-Malware versão 1.75.0.1300

---\\ Softwares d'optimização do sistema
CCleaner v4.09 =>Piriform Ltd

---\\ Softwares de partilha do PeerToPeer (P2P)

---\\ Monitoramento dos softwares
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 51

---\\ Informações sobre o sistema
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2047 MB (28% free)
System Restore: Activé (Enable)
System drive C: has 73 GB (46%) free of 156 GB

---\\ Modo de conexão ao sistema
~ Computer Name: GRSPC
~ User Name: Administrador
~ All Users Names: SUPPORT_388945a0, HelpAssistant, Convidado, ASPNET, Administrador,
~ Unselected Option: 045,061,O62,065,066,080,O82,089
Logged in as Administrator

---\\ As variáveis de ambiente
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\Administrador\Dados de aplicativos\ZHP\
~ %AppData% : C:\Documents and Settings\Administrador\Dados de aplicativos\
~ %Desktop% : C:\Documents and Settings\Administrador\Desktop\
~ %Favorites% : C:\Documents and Settings\Administrador\Favoritos\
~ %LocalAppData% : C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\
~ %StartMenu% : C:\Documents and Settings\Administrador\Menu Iniciar\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumeração das unidades dos discos
C: Hard drive, Flash drive, Thumb drive (Free 73 Go of 156 Go)
D: Hard drive, Flash drive, Thumb drive (Free 69 Go of 142 Go)
E: Hard drive, Flash drive, Thumb drive (Free 227 Go of 298 Go)

---\\ Estado do Centro de Segurança do Windows
~ Security Center: 44 Legitimates Filtered in 00mn 00s

---\\ Pesquisa particular de ficheiros genéricos
[MD5.F1A3E95588DB92660C8C6DAA9101D49B] - (.Microsoft Corporation - Windows Explorer.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\Explorer.exe [1554432]
[MD5.FD5FA5F199F98A6D706656DDE8F9A78F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.29/10/2013 - 04:44:53.) -- C:\WINDOWS\system32\wininet.dll [1021440]
[MD5.B0C0BF2504B830BFC1E93CA39F3C75FE] - (.Microsoft Corporation - Aplicativo de logon do Windows NT.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [549376]
[MD5.F6B7B1ECD7B41736BDB6FF4B092BCB79] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/8/2011 - 10:41:46.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/4/2008 - 10:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.A8D31E836CCF2F51009CE7DFFECF6D51] - (.Microsoft Corporation - FIPS Crypto Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.485BC6BEB778B5E9702E6AA3D384C0CB] - (.Microsoft Corporation - Driver de porta i8042.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [53504]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.FB2FCCC70F7174C7BF64F48E96D3ADF4] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/7/2011 - 10:29:35.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [457856]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.9BADEE6B698BF1AF36E25A1A64A89EAB] - (.Microsoft Corporation - Driver de porta paralela.) (.14/1/2011 - 07:40:31.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/4/2008 - 13:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.68D749B04BFBBD4D4D15CC5185AFA4DD] - (.Microsoft Corporation - Redbook Audio Filter Driver.) (.13/4/2008 - 17:53:18.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58240]
[MD5.EB6B1E2C984D84470FF4FE7EF98CD44A] - (.Microsoft Corporation - Driver de cópia de sombra de volume.) (.14/4/2008 - 06:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53248]
~ Generic Processes: Scanned in 00mn 00s

---\\ Estatuto dos ficheiros ocultos (Oculto/Total)
~ Mes musiques (My Musics) : 0/0
~ Mes Favoris (My Favorites) : 1/9
~ Mes Documents (My Documents) : 1/6171
~ Mon Bureau (My Desktop) : 2/9312
~ Menu demarrer (Programs) : 1/70
~ Hidden Files: Scanned in 00mn 22s

---\\ Processos lançados
[MD5.4CB575D97653FA91FFB02DA3105EB084] - (.ESET - ESET Service.) -- C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe [1337752] [PID.296]
[MD5.B9436A665A8621073A12338B16D7BFD4] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Arquivos de programas\Java\jre7\bin\jqs.exe [182696] [PID.392]
[MD5.1C7C6D7481CABD4EF38A81F5B68F02E8] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Arquivos de programas\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304] [PID.480]
[MD5.2FC25B526E743A6D0FB06DF38E068B97] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 332.2.) -- C:\WINDOWS\system32\nvsvc32.exe [156960] [PID.536]
[MD5.D31F88C5F19EEFA366A415D6BC5F2ABC] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [69632] [PID.556]
[MD5.96EFEC24346A8EB1157E80523079ADDC] - (...) -- C:\Arquivos de programas\RealNetworks\RealDownloader\rndlresolversvc.exe [39056] [PID.636]
[MD5.0E34B7BB1FCF22BCC1E394D16F9E992B] - (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe [30040] [PID.3776]
[MD5.255E405D801CF01247390F38F92D8042] - (...) -- C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe [17408] [PID.3784]
[MD5.F6158734F1E24C6C510155CF0D363911] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Arquivos de programas\real\realplayer\update\realsched.exe [295512] [PID.3860]
[MD5.588BEEE7B106E6520F550A45897D00B2] - (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- C:\Arquivos de programas\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384] [PID.3868]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe [254336] [PID.3876]
[MD5.529ABF7BC07F5688EF22B8F7FE2C76BF] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe [20145368] [PID.3900]
[MD5.C7F05A3FD4A8DC4EE7A7866876E1534C] - (.No owner - DivX Update.) -- C:\Arquivos de programas\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.3928]
[MD5.8F718DDFA603F9CB73B2D164A239D1B9] - (...) -- ystem32\RUNDLL32.exe [0] [PID.4016]
[MD5.05C5CBE5C0C26EFF48AF60639F30F4F5] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Arquivos de programas\NVIDIA Corporation\Update Core\NvBackend.exe [2279712] [PID.1696]
[MD5.DE9BA389EB53B8A499FF0C12E8C8ABB4] - (.ESET - ESET Main GUI.) -- C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe [5110672] [PID.2760]
[MD5.1EEA6C1B35191DC177EA83672B9C3FC0] - (.Mozilla Corporation - Firefox.) -- C:\Arquivos de programas\Mozilla Firefox\firefox.exe [275568] [PID.744]
[MD5.C94590AF0DB0E97199688FF1A77037D2] - (.Microsoft Corporation - Internet Explorer.) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe [727904] [PID.3372]
[MD5.DDBE89226D55D694F1B7B3DD0C324640] - (.RealNetworks, Inc. - RealDownloader.) -- C:\Arquivos de programas\RealNetworks\RealDownloader\recordingmanager.exe [233048] [PID.3308]
[MD5.E936FA1DF62070DCE5F08A7E68F68094] - (.Eyeo GmbH - Adblock Plus Engine.) -- C:\Arquivos de programas\Adblock Plus for IE\AdblockPlusEngine.exe [4227336] [PID.820]
[MD5.94CF528EB40DA55F715995E117916C56] - (...) -- C:\Documents and Settings\Administrador\Desktop\Games\Updated DeSmuME\DeSmuME_0.9.9_x86.exe [1061376] [PID.360]
[MD5.8E5651B04BE775696B32F7F1F5DA8871] - (.Nicolas Coolman - ZHPDiag.) -- C:\Arquivos de programas\ZHPDiag\ZHPDiag.exe [8336896] [PID.5196]
~ Processes Running: Scanned in 00mn 02s

---\\ Mozilla Firefox, Plugins,Arranque,Pesquisa,Extensões (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@raidcall.en/RCplugin] - (...) -- C:\Documents and Settings\Administrador\Dados de aplicativos\raidcall\plugins\nprcplugin.dll (.not file.)
~ Firefox Browser: 22 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Gestão do Proxy (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Análise das linhas F0, F1, F2, F3 - Ficheiros ini, Carregamento Automático de programas
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s

---\\ Redireção do ficheiro Hosts (01)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19

---\\ Browser Helper Objects do navegador (02)
O2 - BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} . (.Adblock Plus - Adblock Plus Module.) -- C:\Arquivos de programas\Adblock Plus for IE\AdblockPlus32.dll
~ BHO: 12 Legitimates Filtered in 00mn 00s

---\\ Barras do Internet Explorer (03))
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfã
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} Chave orfã
~ Toolbar: Scanned in 00mn 00s

---\\ Outras conexões do utilizador (04)
O4 - GS\Desktop [AllUsers]: Free 3GP Video Converter.lnk . (.DVDVideoSoft Ltd. - Free All Converter.) -- C:\Arquivos de programas\DVDVideoSoft\Free 3GP Video Converter\Free3GPVideoConverter.exe
O4 - GS\Desktop [AllUsers]: Magentic by IncrediMail.lnk . (...) -- C:\Arquivos de programas\Magentic\bin\Magentic.exe
O4 - GS\Desktop [AllUsers]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Arquivos de programas\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [AllUsers]: SpywareBlaster.lnk . (...) -- C:\Arquivos de programas\SpywareBlaster\spywareblaster.exe
O4 - GS\Desktop [Administrador]: Eset Smart Security 7.lnk . (.ESET - ESET Main GUI.) -- C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe
O4 - GS\Desktop [Administrador]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [Administrador]: Internet Explorer 8.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Administrador]: KMPlayer.lnk . (.KMP Media co.,Ltd - The KMPlayer.) -- C:\Arquivos de programas\The KMPlayer\KMPlayer.exe
O4 - GS\Desktop [Administrador]: Universal MH.lnk . (.www.GarenaWorld.com - No Comment.) -- C:\Documents and Settings\Administrador\Desktop\MH\GarenaUniversalMHv13\Garena Universal MH.exe
~ Global Startup: 20 Legitimates Filtered in 00mn 01s

---\\ Aplicações iniciadas por registo & pastas (04)
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [UnlockerAssistant] . (...) -- C:\Arquivos de programas\Unlocker\UnlockerAssistant.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Arquivos de programas\real\realplayer\update\realsched.exe =>.RealNetworks, Inc
O4 - HKLM\..\Run: [Nvtmru] . (.NVIDIA Corporation - NVIDIA NvTmru Application.) -- C:\Arquivos de programas\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Arquivos de programas\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [DivXMediaServer] . (.DivX, LLC - DivX DLNA Media Server.) -- C:\Arquivos de programas\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [DivXUpdate] . (.No owner - DivX Update.) -- C:\Arquivos de programas\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll =>.NVIDIA Corporation
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll
O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Arquivos de programas\NVIDIA Corporation\nview\nwiz.exe
O4 - HKLM\..\Run: [egui] . (.ESET - ESET Main GUI.) -- C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-1715567821-1844237615-1801674531-500\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
~ Application: Scanned in 00mn 00s

---\\ Boutões da barra de ferramentas principal do Internet Explorer (09)
O9 - Extra button: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Arquivos de programas\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Chave orfã
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Piratagem da Opção " Redefinir Configurações da Web " (014)
O14 - IERESET.INF: SEARCH_PAGE_URL=SEARCH_PAGE_URL="&http://home.microsoft.com/intl/br/access/allinone.asp"
O14 - IERESET.INF: SAFESITE_VALUE=SAFESITE_VALUE="search.msn.com.br"
~ IE Paramètres WEB: Scanned in 00mn 00s

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ((no name)) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Objets ActiveX: Scanned in 00mn 00s

---\\ Alteração Dominio/Clientes DNS (017)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8FE06CD5-6C14-45DE-914C-43E4A518237A}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CCS\Services\Tcpip\..\{8FE06CD5-6C14-45DE-914C-43E4A518237A}: DhcpNameServer = 187.122.191.56 187.122.191.52
O17 - HKLM\System\CCS\Services\Tcpip\..\{F27C1E84-D878-41B2-85CE-70F726C6FCC4}: DhcpNameServer = 187.122.188.101 187.122.188.53 201.6.4.116
O17 - HKLM\System\CS1\Services\Tcpip\..\{F27C1E84-D878-41B2-85CE-70F726C6FCC4}: DhcpNameServer = 187.122.191.56 187.122.188.53 201.6.4.116
O17 - HKLM\System\CS2\Services\Tcpip\..\{8FE06CD5-6C14-45DE-914C-43E4A518237A}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS2\Services\Tcpip\..\{8FE06CD5-6C14-45DE-914C-43E4A518237A}: DhcpNameServer = 187.122.191.56 187.122.191.52
O17 - HKLM\System\CS2\Services\Tcpip\..\{F27C1E84-D878-41B2-85CE-70F726C6FCC4}: DhcpNameServer = 187.122.188.101 187.122.188.53 201.6.4.116
O17 - HKLM\System\CS3\Services\Tcpip\..\{8FE06CD5-6C14-45DE-914C-43E4A518237A}: NameServer = 8.26.56.26,156.154.70.22
O17 - HKLM\System\CS3\Services\Tcpip\..\{8FE06CD5-6C14-45DE-914C-43E4A518237A}: DhcpNameServer = 187.122.191.56 187.122.191.52
O17 - HKLM\System\CS3\Services\Tcpip\..\{F27C1E84-D878-41B2-85CE-70F726C6FCC4}: DhcpNameServer = 187.122.188.101 187.122.188.53 201.6.4.116
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 187.122.188.101 187.122.188.53 201.6.4.116
~ Domain: Scanned in 00mn 00s

---\\ Protocolo adicional (018)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valor do Registo AppInit_DLLs e sub-chaves Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agente de rede off-line.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL de notificação do serviço de logon secu.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notificações do Programa de Vantagens do Wi.) -- C:\WINDOWS\system32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL comum para receber notificações do Winl.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s

---\\ Chave do Registo autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Pré-carregador Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Pré-carregador Browseui - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioteca da interface de usuário do naveg.) -- C:\WINDOWS\system32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s

---\\ Enumeração Ativa do Ambiente de trabalho & Editor MHTML (024)
O24 - Desktop Component 0: Minha página inicial atual - file:About:Home
O24 - Desktop General: BackupWallPaper - .(...) - C:\WINDOWS\Web\Wallpaper\vista.bmp
O24 - Desktop General: WallPaper - .(...) - C:\WINDOWS\Web\Wallpaper\vista.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s

---\\ Drivers lançados ao arranque do sistema (041)
O41 - Driver: (avipbb) . (. - .) - C:\WINDOWS\system32\DRIVERS\avipbb.sys (.not file.)
O41 - Driver: (avkmgr) . (. - .) - C:\WINDOWS\system32\DRIVERS\avkmgr.sys (.not file.)
O41 - Driver: (sp_rsdrv2) . (...) - C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
O41 - Driver: (ssmdrv) . (. - .) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys (.not file.)
O41 - Driver: (Vsdatant) . (. - .) - C:\WINDOWS\system32\vsdatant.sys (.not file.)
~ Drivers: 98 Legitimates Filtered in 00mn 01s

---\\ Software instalados (042)
O42 - Logiciel: KMP Media Toolbar - (.APN, LLC.) [HKLM] -- {4B4D5056-3700-A76A-76A7-A758B70C0700} =>Toolbar.Ask
O42 - Logiciel: SKTimeStamp - (.Stefans Tools.) [HKLM] -- {8CFD0DBA-1D16-48A8-B3B1-426D4140CBCD}
O42 - Logiciel: VistaMizer 3.6.0.0 - (.Manuel Hoefs (alias Zottel).) [HKLM] -- VistaMizer
~ Logic: 20 Legitimates Filtered in 00mn 01s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN]
[HKCU\Software\AskPartnerNetwork]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\HLDS]
[HKCU\Software\NeonDS.com]
[HKCU\Software\UltraDownloads.com.br]
[HKCU\Software\spookie]
[HKLM\Software\APN]
[HKLM\Software\AskPartnerNetwork]
[HKLM\Software\GF099EDA7]
[HKLM\Software\MediaTab]
[HKLM\Software\v9magic]
~ Key Software: 433 Legitimates Filtered in 00mn 01s

---\\ Conteúdo das pastas Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 25/4/2013 - 02:39:42 - [5,269] ----D C:\Arquivos de programas\Baba' Soft
O43 - CFD: 6/11/2013 - 17:31:17 - [0] ----D C:\Arquivos de programas\Baidu Security =>Adware.BDSearch
O43 - CFD: 31/7/2012 - 23:03:47 - [0,001] ----D C:\Arquivos de programas\Journal Macro
O43 - CFD: 11/4/2013 - 13:19:54 - [8,902] ----D C:\Arquivos de programas\Sanny Builder 3
O43 - CFD: 2/5/2012 - 15:40:41 - [0,001] ----D C:\Arquivos de programas\Serviços on-line
O43 - CFD: 8/12/2013 - 02:07:54 - [0,186] ----D C:\Arquivos de programas\SKTimeStamp
O43 - CFD: 5/12/2013 - 19:43:34 - [0] ----D C:\Arquivos de programas\Uninstaller
O43 - CFD: 2/5/2012 - 15:40:16 - [0,008] ----D C:\Arquivos de programas\Arquivos comuns\Serviços
O43 - CFD: 14/5/2013 - 15:00:34 - [1,487] ----D C:\Documents and Settings\All Users\Dados de aplicativos\APN
O43 - CFD: 31/8/2013 - 01:17:34 - [0,213] ----D C:\Documents and Settings\All Users\Dados de aplicativos\AskPartnerNetwork
O43 - CFD: 6/11/2013 - 17:31:51 - [0] ----D C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security =>Adware.BDSearch
O43 - CFD: 1/12/2013 - 16:37:43 - [0] ----D C:\Documents and Settings\All Users\Dados de aplicativos\ProductData
O43 - CFD: 16/11/2013 - 22:17:37 - [0] ----D C:\Documents and Settings\All Users\Dados de aplicativos\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
O43 - CFD: 15/12/2012 - 14:02:23 - [0] ----D C:\Documents and Settings\All Users\Dados de aplicativos\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
O43 - CFD: 21/1/2013 - 14:55:40 - [0] ----D C:\Documents and Settings\All Users\Dados de aplicativos\{BDDB56DE-AE4E-48A2-B856-FB60C8498453}
O43 - CFD: 15/12/2012 - 14:02:25 - [0] ----D C:\Documents and Settings\All Users\Dados de aplicativos\{D76294E6-03B8-4971-AF2E-3F846161A690}
O43 - CFD: 6/11/2013 - 17:32:06 - [0] ----D C:\Documents and Settings\Administrador\Dados de aplicativos\Baidu Security =>Adware.BDSearch
O43 - CFD: 5/11/2012 - 21:46:20 - [0,219] ----D C:\Documents and Settings\Administrador\Dados de aplicativos\RCKR
O43 - CFD: 11/5/2012 - 14:32:59 - [0] ----D C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\APN
O43 - CFD: 2/5/2012 - 15:48:32 - [0,014] R---D C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Acessórios
O43 - CFD: 3/5/2012 - 10:48:37 - [0,001] ----D C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Bluebirds
O43 - CFD: 15/10/2013 - 00:09:19 - [0] R---D C:\Documents and Settings\Administrador\Menu Iniciar\Programas\Inicializar
~ Program Folder: 203 Legitimates Filtered in 59mn 27s

---\\ Últimos ficheiros alterados ou criados no Windows e Sistema32 (044)
O44 - LFC:[MD5.B4FA46F5ACA0131980D22E004873FB2D] - 15/1/2014 - 14:37:46 ---A- . (...) -- C:\WINDOWS\system32\jupdate-1.7.0_51-b13.log [5293]
O44 - LFC:[MD5.EA6EDEDC323CCA8D3231BC73609EC371] - 15/1/2014 - 20:41:30 ---A- . (...) -- C:\WINDOWS\msmqinst.log [1968]
O44 - LFC:[MD5.6DAD7C13CCF6AEF808901DAC986DD4EF] - 15/1/2014 - 20:41:31 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [6184]
O44 - LFC:[MD5.D1E0B290648ED6C55104B959E1845FB4] - 15/1/2014 - 20:41:31 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [425]
O44 - LFC:[MD5.AB8647514FD966525876222F26596A84] - 15/1/2014 - 20:41:31 ---A- . (...) -- C:\WINDOWS\msgsocm.log [303]
O44 - LFC:[MD5.AEED6CDF5E11489DCC2DB1A5AD35E00B] - 15/1/2014 - 20:41:31 ---A- . (...) -- C:\WINDOWS\netfxocm.log [1083]
O44 - LFC:[MD5.05BAC16AE5CB0FF51F7648BAE2B09022] - 15/1/2014 - 20:41:31 ---A- . (...) -- C:\WINDOWS\ocgen.log [3146]
O44 - LFC:[MD5.F8EDF692D2CCF38BF6DA6A6E30F5C4B4] - 15/1/2014 - 20:41:32 ---A- . (...) -- C:\WINDOWS\comsetup.log [2072]
O44 - LFC:[MD5.E1AEFA26BBC81AC8C303792ADED638BE] - 15/1/2014 - 20:41:32 ---A- . (...) -- C:\WINDOWS\iis6.log [6726]
O44 - LFC:[MD5.B3CC815589FC0D9F8D7BD9D5E06D4E4B] - 15/1/2014 - 20:41:32 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.A92A1B722EA7C619F885636BAD5D2EF6] - 15/1/2014 - 20:41:32 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [1247]
O44 - LFC:[MD5.312A715E84EBA64311878962C74658D0] - 15/1/2014 - 20:41:32 ---A- . (...) -- C:\WINDOWS\ocmsn.log [386]
O44 - LFC:[MD5.A88CF1D1D18333BE07443CA2677881A8] - 15/1/2014 - 20:41:32 ---A- . (...) -- C:\WINDOWS\tabletoc.log [311]
O44 - LFC:[MD5.682E036795D502F7515910FDB4FB6025] - 15/1/2014 - 20:41:32 ---A- . (...) -- C:\WINDOWS\tsoc.log [2821]
O44 - LFC:[MD5.8F7637DEEB792A1E3A03233E19ED5B15] - 22/1/2014 - 18:13:23 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.FC9A0750F4CD5E7A63822F1CA6473789] - 22/1/2014 - 18:13:23 ---A- . (...) -- C:\WINDOWS\wiaservc.log [49]
O44 - LFC:[MD5.7A5319D1843FAECB675350AB2C83C1DF] - 22/1/2014 - 18:23:25 ---A- . (...) -- C:\hijackthis.log [8200]
O44 - LFC:[MD5.58866EBCCDA415B369C4753CD70F186B] - 22/1/2014 - 23:00:41 ---A- . (...) -- C:\WINDOWS\system32\nvAppTimestamps [23106]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 9/1/2014 - 00:49:28 ---A- . (...) -- C:\END [0]
O44 - LFC:[MD5.A56D752CDE00998B4CEA8730267B08D1] - 9/1/2014 - 18:33:02 ---A- . (...) -- C:\WINDOWS\system32\nvinfo.pb [18657]
O44 - LFC:[MD5.0BC318DD9A66AA076FA84FC5B5DDBF28] - 9/1/2014 - 18:35:05 ---A- . (...) -- C:\WINDOWS\system32\nvdrsdb1.bin [1134316]
O44 - LFC:[MD5.79E527457453EE7649EE7A078242C5BF] - 9/1/2014 - 18:35:09 ---A- . (...) -- C:\WINDOWS\system32\nvdrsdb0.bin [1134316]
O44 - LFC:[MD5.93B885ADFE0DA089CDF634904FD59F71] - 9/1/2014 - 18:35:09 ---A- . (...) -- C:\WINDOWS\system32\nvdrssel.bin [1]
~ Files: 51 Legitimates Filtered in 02mn 04s

---\\ Operações e funções ao arranque do Windows Explorer (046)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks: Scanned in 00mn 00s

---\\ Exportar a chave da aplicação autorizada (047)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrador\Desktop\PokeGen\PokeGen.exe" [Enabled] .(..) -- C:\Documents and Settings\Administrador\Desktop\PokeGen\PokeGen.exe
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrador\Desktop\Launcher\PokeGen\PokeGen.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrador\Desktop\Launcher\PokeGen\PokeGen.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrador\Desktop\Games\Battlefield 2\BF2.exe" [Enabled] .(.No owner.) -- C:\Documents and Settings\Administrador\Desktop\Games\Battlefield 2\BF2.exe
~ Keys Export: 9 Legitimates Filtered in 00mn 00s

---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s

---\\ Lista dos drivers do sistema (SDL) (O58)
O58 - SDL:[MD5.202A10996987B279DFAF74CEF1709041] - 8/8/2013 - 00:25:30 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\WINDOWS\system32\Drivers\Bhbase.sys [64480] =>Adware.BDSearch
O58 - SDL:[MD5.DA6675E1400D58412C93180F8651A9FB] - 14/1/2011 - 07:39:46 ---A- . (.RAVISENT Technologies Inc. - CineMaster C 1.2 WDM Main Driver.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 14/4/2008 - 06:00:00 ---A- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
O58 - SDL:[MD5.566C5FD480FDBCE3BA5CF9FBCFFAEA9A] - 9/10/2008 - 15:42:42 ---A- . (.Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\WINDOWS\system32\Drivers\KMWDFILTER.sys [17408]
O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 14/4/2008 - 06:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:[MD5.7B426B8E809EDF081D771EF429345528] - 21/6/2011 - 11:24:06 ---A- . (...) -- C:\WINDOWS\system32\Drivers\sp_rsdrv2.sys [32768]
O58 - SDL:[MD5.D8522960163FA593694E441194A9A574] - 18/10/2011 - 02:43:42 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\WINDOWS\system32\Drivers\ssudbus.sys [78136]
O58 - SDL:[MD5.1B4052F016BA5E087689ABA536A0A927] - 18/10/2011 - 02:43:42 ---A- . (.DEVGURU Co., LTD.([Tens de ter uma conta e sessão iniciada para poderes visualizar este link] - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\WINDOWS\system32\Drivers\ssudmdm.sys [181432]
O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 14/1/2011 - 07:39:46 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
O58 - SDL:[MD5.C1E76718BAB6BCA0D18E5670F074F821] - 14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9032]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:[MD5.912150FE88E79AFEE0BB72216FAB2617] - 14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4896]
O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:[MD5.19D4F0DAD3F393C13DE7F849ADE72EFE] - 14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27900]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:[MD5.86BB7AF2533B342B8E274590AD2190FA] - 14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [33984]
O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 14/4/2008 - 06:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
~ Drivers: 6 Legitimates Filtered in 00mn 03s

---\\ Lista das ferramentas de remoção de vírus (LAT) (063)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Lista dos serviços Legacy du registo (064)
O64 - Services: CurCS - 14/8/2013 - C:\Arquivos de programas\RealNetworks\RealDownloader\rndlresolversvc.exe (RealNetworks Downloader Resolver Service) .(...) - LEGACY_REALNETWORKS_DOWNLOADER_RESOLVER_SERVICE
~ Legacy: 167 Legitimates Filtered in 00mn 01s

---\\ Associações Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 10 Legitimates Filtered in 00mn 00s

---\\ Menu de inicialização Internet (068)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Arquivos de programas\Comodo\Dragon\dragon.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Arquivos de programas\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Arquivos de programas\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (...) -- C:\Arquivos de programas\Opera\launcher.exe (.not file.)
~ Keys: Scanned in 00mn 00s

---\\ Pesquisa de infeção nos navegadores da Internet (SBI) (069)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {2500E9FE-EC9A-4FCE-BCA1-D9C768FA1EC7} [DefaultScope] - (Search By ZoneAlarm) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
O69 - SBI: SearchScopes [HKCU] {ADAF2259-616F-4E1F-8455-7B8C394935D7} - (Google) - [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
~ Keys: Scanned in 00mn 00s

---\\ Pesquisa adicional à raiz do sistema (radicular) (SPRF) (O84)
[MD5.20E3FE616106EAC69E0448EBE2A6F941] [SPRF][9/1/2014] (...) -- C:\Documents and Settings\All Users\Dados de aplicativos\lpm.dat [10498]
[MD5.D9DE89F0FAF18019BC9595F0F47BCA61] [SPRF][18/12/2013] (.Atribune.org - ATF Cleaner.exe.) -- C:\Documents and Settings\Administrador\Desktop\ATF-Cleaner.exe [50688]
[MD5.B7C1232387A656FD57F1D4D5B69C2F90] [SPRF][1/1/2002] (...) -- C:\Documents and Settings\Administrador\Desktop\HJTscanlist.bat [35839]
[MD5.64BAEC464B396B66A353D8FC2F42A4E3] [SPRF][31/7/2011] (.RaProducts.org - System Purification Tool.) -- C:\Documents and Settings\Administrador\Desktop\PureRa.exe [76565]
~ Files: 5 Legitimates Filtered in 00mn 00s

---\\ Listagem dos códigos dos software (PUC) (090)
O90 - PUC: "6505D4B40073A67A677A7A857BC07000" . (.KMP Media Toolbar.) -- C:\WINDOWS\Installer\{4B4D5056-3700-A76A-76A7-A758B70C0700}\ToolbarIcon.exe =>Toolbar.Ask
~ Update Products: 67 Legitimates Filtered in 00mn 00s

---\\ Pesquisa dos pacotes WindowsInstaller (WIS) (O93) (NTFS)
[MD5.9FE99EB9A38BED54752973BD0C72A811] [WIS][4/1/2014] (.Eyeo GmbH - Adblock Plus for IE.) -- C:\Windows\Installer\10fe196.msi [236032]
[MD5.90E55EE66AC2C7F1EA8FF5417789464F] [WIS][14/7/2012] (.DocumentViewerQFolder - DocumentViewerQFolder.) -- C:\Windows\Installer\223d720.msi [121344]
[MD5.27EA2D012284CA9387D7B9745C6DE7F8] [WIS][8/12/2013] (.Stefans Tools - File/Folder Time Stamp Changer.) -- C:\Windows\Installer\23bee70.msi [140800]
[MD5.2D5604253D127FA894947031285AC24B] [WIS][15/11/2013] (.APN, LLC - KMP Media Toolbar.) -- C:\Windows\Installer\41bb1.msi [359424] =>Toolbar.Ask
~ WIS: 76 Legitimates Filtered in 00mn 06s

---\\ Estado general dos serviços não Microsoft (EGS) (SR=Executados, SS=Parados)
SS - | Demand 12/1/2014 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 14/4/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Auto 9/5/2012 136176 | (gupdate) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
SS - | Demand 9/5/2012 136176 | (gupdatem) . (.Google Inc..) - C:\Arquivos de programas\Google\Update\GoogleUpdate.exe
SS - | Demand 10/12/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Arquivos de programas\Mozilla Maintenance Service\maintenanceservice.exe

SR - | Auto 12/9/2013 1337752 | (ekrn) . (.ESET.) - C:\Arquivos de programas\ESET\ESET Smart Security\ekrn.exe
SR - | Auto 18/12/2013 182696 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Arquivos de programas\Java\jre7\bin\jqs.exe
SR - | Auto 9/12/2013 1494304 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Arquivos de programas\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 19/12/2013 156960 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
SR - | Auto 3/3/2006 69632 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe
SR - | Auto 14/8/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Arquivos de programas\RealNetworks\RealDownloader\rndlresolversvc.exe

~ Services: Scanned in 00mn 08s

---\\ Scâner Aditional (088)
Database Version : 13024 - (17/1/2014)
Clés trouvées (Keys found) : 8
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 2

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B4D5056-3700-A76A-76A7-A758B70C0700}] =>Toolbar.Ask^
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}] =>Toolbar.ZoneAlarm
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}] =>Toolbar.ZoneAlarm
[HKCU\Software\APN] =>Toolbar.Ask
[HKLM\Software\APN] =>Toolbar.Ask
[HKCU\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\AskPartnerNetwork] =>Toolbar.Ask
C:\Arquivos de programas\Baidu Security =>Adware.BDSearch^
C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security =>Adware.BDSearch^
C:\Documents and Settings\Administrador\Dados de aplicativos\Baidu Security =>Adware.BDSearch^
C:\Documents and Settings\All Users\Dados de aplicativos\AskPartnerNetwork =>Toolbar.Ask
[HKCU\Software\Conduit] =>Toolbar.Conduit^
C:\Windows\Installer\41bb1.msi =>Toolbar.Ask^
~ Additionnel Scan: 211590 Items scanned in 01mn 33s

---\\ Sumário das deteções encontradas na sua estação
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Ask
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Toolbar.Conduit
~ [Tens de ter uma conta e sessão iniciada para poderes visualizar este link] =>Adware.BDSearch
~ MSI: 3 link(s) detected in 01mn 33s

~ 1097 Legitimates filtered by white list
End of the scan (547 lines in 54mn 45s)(0)

por **Power Max** Qui 23 Jan 2014, 01:31

Selecione todo este texto que está destacado em vermelho abaixo e o copie (Ctrl + C):

script zhpfix
P2 - FPN: [HKLM] [@raidcall.en/RCplugin] - (...) -- C:\Documents and Settings\Administrador\Dados de aplicativos\raidcall\plugins\nprcplugin.dll (.not file.)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Chave orfã
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} Chave orfã
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Chave orfã
O41 - Driver: (avipbb) . (. - .) - C:\WINDOWS\system32\DRIVERS\avipbb.sys (.not file.)
O41 - Driver: (avkmgr) . (. - .) - C:\WINDOWS\system32\DRIVERS\avkmgr.sys (.not file.)
O41 - Driver: (ssmdrv) . (. - .) - C:\WINDOWS\system32\DRIVERS\ssmdrv.sys (.not file.)
O41 - Driver: (Vsdatant) . (. - .) - C:\WINDOWS\system32\vsdatant.sys (.not file.)
O42 - Logiciel: KMP Media Toolbar - (.APN, LLC.) [HKLM] -- {4B4D5056-3700-A76A-76A7-A758B70C0700} =>Toolbar.Ask
[HKCU\Software\APN]
[HKCU\Software\AskPartnerNetwork]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\APN]
[HKLM\Software\AskPartnerNetwork]
O43 - CFD: 6/11/2013 - 17:31:17 - [0] ----D C:\Arquivos de programas\Baidu Security =>Adware.BDSearch
O43 - CFD: 14/5/2013 - 15:00:34 - [1,487] ----D C:\Documents and Settings\All Users\Dados de aplicativos\APN
O43 - CFD: 31/8/2013 - 01:17:34 - [0,213] ----D C:\Documents and Settings\All Users\Dados de aplicativos\AskPartnerNetwork
O43 - CFD: 6/11/2013 - 17:31:51 - [0] ----D C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security =>Adware.BDSearch
O43 - CFD: 15/12/2012 - 14:02:23 - [0] ----D C:\Documents and Settings\All Users\Dados de aplicativos\{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
O43 - CFD: 6/11/2013 - 17:32:06 - [0] ----D C:\Documents and Settings\Administrador\Dados de aplicativos\Baidu Security =>Adware.BDSearch
O43 - CFD: 11/5/2012 - 14:32:59 - [0] ----D C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\APN
O47 - AAKE:Key Export SP - "C:\Documents and Settings\Administrador\Desktop\Launcher\PokeGen\PokeGen.exe" [Enabled] .(...) -- C:\Documents and Settings\Administrador\Desktop\Launcher\PokeGen\PokeGen.exe (.not file.)
O58 - SDL:[MD5.202A10996987B279DFAF74CEF1709041] - 8/8/2013 - 00:25:30 ---A- . (.Baidu, Inc. - Baidu Antivirus Hook Base.) -- C:\WINDOWS\system32\Drivers\Bhbase.sys [64480] =>Adware.BDSearch
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Arquivos de programas\Comodo\Dragon\dragon.exe (.not file.)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (...) -- C:\Arquivos de programas\Opera\launcher.exe (.not file.)
O90 - PUC: "6505D4B40073A67A677A7A857BC07000" . (.KMP Media Toolbar.) -- C:\WINDOWS\Installer\{4B4D5056-3700-A76A-76A7-A758B70C0700}\ToolbarIcon.exe =>Toolbar.Ask
[MD5.2D5604253D127FA894947031285AC24B] [WIS][15/11/2013] (.APN, LLC - KMP Media Toolbar.) -- C:\Windows\Installer\41bb1.msi [359424] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B4D5056-3700-A76A-76A7-A758B70C0700}] =>Toolbar.Ask^
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}] =>Toolbar.ZoneAlarm
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}] =>Toolbar.ZoneAlarm
[HKCU\Software\APN] =>Toolbar.Ask
[HKLM\Software\APN] =>Toolbar.Ask
[HKCU\Software\AskPartnerNetwork] =>Toolbar.Ask
[HKLM\Software\AskPartnerNetwork] =>Toolbar.Ask
C:\Arquivos de programas\Baidu Security =>Adware.BDSearch^
C:\Documents and Settings\All Users\Dados de aplicativos\Baidu Security =>Adware.BDSearch^
C:\Documents and Settings\Administrador\Dados de aplicativos\Baidu Security =>Adware.BDSearch^
C:\Documents and Settings\All Users\Dados de aplicativos\AskPartnerNetwork =>Toolbar.Ask
[HKCU\Software\Conduit] =>Toolbar.Conduit^
C:\Windows\Installer\41bb1.msi =>Toolbar.Ask^

Sysrestore
firewallraz
emptytemp
emptyflash
emptyclsid

Vá no menu: Iniciar > Todos os programas > ZHP > ZHPFix > Na tela que abrir cole o que você copiou (Ctrl + V) > Clique no botão GO > Clique em Oui > Caso queira que os arquivos da lixeira sejam excluídos clique em Oui novamente > Um relatório aparecerá no bloco de notas. Copie este relatório e poste em sua próxima resposta.

por # DanieL # Qui 23 Jan 2014, 02:13

Rapport de ZHPFix 2014.1.17.2 par Nicolas Coolman, Update du 17/01/2014
Fichier d'export Registre :
Run by Administrador at 23/1/2014 02:11:36
High Elevated Privileges : OK
Windows XP Professional Service Pack 3 (Build 2600)

Reciclagem vazia (00mn 04s)

========== Softwares ==========
ELIMINÉ: KMP Media Toolbar

========== Chaves do Registo ==========
ELIMINÉ: [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4B4D5056-3700-A76A-76A7-A758B70C0700}]
ELIMINÉ: Mozilla Plugin: @raidcall.en/RCplugin
ELIMINÉ: CLSID Extra Buttons: {e2e2dd38-d088-4134-82b7-f2ba38496583}
ELIMINÉ Driver Key: avipbb
ELIMINÉ Driver Key: avkmgr
ELIMINÉ Driver Key: ssmdrv
ELIMINÉ Driver Key: Vsdatant
ELIMINÉ: HKCU\Software\APN
ELIMINÉ: HKCU\Software\AskPartnerNetwork
ELIMINÉ: HKCU\Software\Conduit
ELIMINÉ: HKLM\Software\APN
ELIMINÉ: HKLM\Software\AskPartnerNetwork
ELIMINÉ: [HKLM\Software\Classes\Installer\Products\\6505D4B40073A67A677A7A857BC07000]
ELIMINÉ: [HKLM\Software\Classes\Installer\Features\6505D4B40073A67A677A7A857BC07000]
ELIMINÉ: HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}
ELIMINÉ: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59}

========== Valores do Registo ==========
ELIMINÉ: Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F}
ELIMINÉ: Toolbar: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}
ELIMINÉ AAKE KeyValue: C:\Documents and Settings\Administrador\Desktop\Launcher\PokeGen\PokeGen.exe
Nenhum valor presente na chave de exceções do registo (FirewallRaz)

========== Pastas ==========
Nenhuma pasta CLSID local utilizador vazia

========== Ficheiros ==========
ELIMINÉ: c:\windows\system32\drivers\bhbase.sys
ELIMINÉ: C:\Windows\Installer\41bb1.msi
ELIMINÉ Temporários windows (154) (9.646.950 octets)
ELIMINÉ Flash Cookies (24) (2.122 octets)

========== Restauração Sistema ==========
Ponto de restauro do sistema criado com sucesso

========== Recapitulativo ==========
17 : Chaves do Registo
4 : Valores do Registo
1 : Pastas
4 : Ficheiros
1 : Softwares
1 : Restauração Sistema

End of clean in 00mn 49s

========== Caminho do ficheiro do relatório ==========
C:\Documents and Settings\Administrador\Dados de aplicativos\ZHP\ZHPFix[R1].txt - 23/1/2014 02:11:40 [2353]

por **Power Max** Qui 23 Jan 2014, 09:12

Siga, por gentileza, as dicas dos tutoriais abaixo:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

* Na sua próxima resposta poste, por gentileza, o log do Adwcleaner que estará em C:\AdwCleaner\AdwCleaner[S0].txt e o log do Junkware Removal Tool que estará salvo em sua área de trabalho com o nome de JRT.txt e nos diga como está seu PC depois destes procedimentos.

Ficamos na espera.

por Convidado Qui 23 Jan 2014, 12:27

# DanieL # escreveu:Log muito grande, não dá pra editar o post..

~> [Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

Infelizmente não consegui baixar o relatório, nem mesmo me cadastrando ao site, não consegui fazer o Download do Relatório!
Alguém conseguiu baixar o relatório ?

Uma dica:
Para resolver seu problema repare o sistema com o CD de instalação do Windows XP,
Ou Formate e reinstale o Sistema.., caso houver tela Azul, não tenha duvida o problema é de Hardware. placas de memória, Placa de vídeio, etc..

Fica de Olho Esquilinho!!, rsrs

por **Power Max** Qui 23 Jan 2014, 12:31

Você pode baixar o relatório diretamente neste link abaixo:
[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]

por # DanieL # Qui 23 Jan 2014, 13:11

# Brando Lee

Infelizmente não posso fazer isso pois não tenho o CD de instalação do Windows (don't ask why)

# Marcos Felipe

Segue abaixo os Relatórios

Junkware Removal Tool ~

Código:: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.0 (01.07.2014:1) OS: Microsoft Windows XP x86 Ran by Administrador on qui 23/01/2014 at 12:56:25,89 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar ~~~ Files Successfully deleted: [File] "C:\end" ~~~ Folders ~~~ FireFox Emptied folder: C:\Documents and Settings\Administrador\Dados de aplicativos\mozilla\firefox\profiles\c4ir3byz.default\minidumps [4 files] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on qui 23/01/2014 at 13:02:42,09 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AdwCleaner ~

Código:: # AdwCleaner v3.017 - Relatório criado 23/01/2014 às 13:04:17 # Atualizado 12/01/2014 por Xplode # Sistema Operacional : Microsoft Windows XP Service Pack 3 (32 bits) # Usuário : Administrador - GRSPC # Executando de : C:\Documents and Settings\Administrador\Desktop\AdwCleaner.exe # Opção : Limpar ***** [ Serviços ] ***** ***** [ Arquivos / Pastas ] ***** Pasta Deletada : C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp\boost_interprocess ***** [ Atalhos ] ***** ***** [ Registro ] ***** Chave Deletedo : HKLM\Software\DivX\Install\Setup\WizardLayout\ConduitToolbar ***** [ Navegadores ] ***** -\\ Internet Explorer v8.0.6001.18702 -\\ Mozilla Firefox v26.0 (pt-BR) [ Arquivo : C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\c4ir3byz.default\prefs.js ] -\\ Google Chrome v [ Arquivo : C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [11191 octets] - [15/11/2013 22:39:39] AdwCleaner[R1].txt - [40122 octets] - [01/12/2013 19:01:30] AdwCleaner[R2].txt - [1773 octets] - [23/01/2014 13:03:04] AdwCleaner[S0].txt - [11066 octets] - [15/11/2013 22:41:35] AdwCleaner[S1].txt - [39253 octets] - [01/12/2013 19:02:55] AdwCleaner[S2].txt - [1329 octets] - [23/01/2014 13:04:17] ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1389 octets] ##########

por **Power Max** Qui 23 Jan 2014, 13:45

Siga, por gentileza, as dicas deste tutorial:

[Tens de ter uma conta e sessão iniciada para poderes visualizar este link]
________________________________________________

Na sua próxima resposta poste o log do Zoek que estará em C:\zoek-results para que possamos analisá-lo.

Ficamos no aguardo.

por # DanieL # Qui 23 Jan 2014, 14:27

Opa! Marcos Felipe!

Relatório Pronto!

Zoek ~

Código:: Zoek.exe v5.0.0.0 Updated 22-Januari-2014 Tool run by Administrador on qui 23/01/2014 at 14:08:19,85. Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\Administrador\Desktop\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 23/1/2014 14:10:21 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1715567821-1844237615-1801674531-500\Software\Microsoft\Internet Explorer\Approved Extensions\{fe063412-bea4-4d76-8ed3-183be6220d17} deleted successfully HKEY_USERS\S-1-5-21-1715567821-1844237615-1801674531-500\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110311121157} deleted successfully ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\c4ir3byz.default user.js not found ---- Lines ask.com modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{ABDE892B-13A8-4d1b-88E6-365A6E755758}\":{\"descriptor\":\"C:\\\\ ---- Lines browser.startup.page removed from prefs.js ---- user_pref("browser.startup.page", 3); ---- FireFox user.js and prefs.js backups ---- prefs_20142301_1418_.backup ==== Deleting Files \ Folders ====================== C:\Documents and Settings\All Users\Dados de aplicativos\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted C:\Documents and Settings\All Users\Dados de aplicativos\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted C:\Arquivos de programas\Arquivos comuns\DVDVideoSoft\bin deleted C:\autorun.inf deleted C:\Documents and Settings\Administrador\Dados de aplicativos\MPQEditor.ini deleted C:\Documents and Settings\All Users\Dados de aplicativos\lpm.dat deleted C:\Documents and Settings\All Users\Dados de aplicativos\ProductData deleted C:\Documents and Settings\All Users\Dados de aplicativos\Package Cache deleted C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\BIT14B.tmp deleted C:\WINDOWS\System32\InstallUtil.InstallLog deleted C:\WINDOWS\System32\SET72.tmp deleted "C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\c4ir3byz.default\extensions\toolbar_KMPV7@apn.ask.com.xpi" deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\Documents and Settings\All Users\Dados de aplicativos\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [31/08/2013 00:21] ==== Firefox Extensions ====================== ProfilePath: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\c4ir3byz.default - Freemake Video Converter Plugin - C:\Arquivos de programas\Freemake\Freemake Video Converter\BrowserPlugin\Firefox - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\Administrador\Dados de aplicativos\Mozilla\Firefox\Profiles\c4ir3byz.default F891089A6AB9E12FEDEBCC5EC0F40D66 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll - Shockwave Flash 4380B55D9167DC87793A97329C6C4059 - C:\Arquivos de programas\DivX\DivX Web Player\npdivx32.dll - DivX Plus Web Player AC987EE8037531807C5D7E6217A23501 - C:\Arquivos de programas\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat EB41064BC07017F5694CF16B4DEF6B10 - C:\Arquivos de programas\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat A9191AE22A8F1287B5E2DF33E3A57253 - C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U51 9B10927CFD0F7AD39E40C0E34005B1AD - C:\Arquivos de programas\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.510.13 C36444D7301A8C881FC7296B092609C7 - C:\Arquivos de programas\Google\Update\1.3.22.3\npGoogleUpdate3.dll - Google Update 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Arquivos de programas\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin 86244E1B6D062BBE2B91AA5DA7376806 - C:\Arquivos de programas\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in BE501CBC29B2025A263D80D399F1797A - C:\Arquivos de programas\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In 3A9E1940B4459CC97FDCBB24FCB69004 - c:\arquivos de programas\real\realplayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) 0FCEAA7D12B7B0BA825E5C770B1DCA48 - c:\arquivos de programas\real\realplayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin BE126CB7049E89ED6F3038016668B502 - C:\Documents and Settings\All Users\Dados de aplicativos\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) EAC427FEF96A13058C1ACD17C38966CF - C:\Documents and Settings\All Users\Dados de aplicativos\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) 96B3689320E9B16EDF38B7A5001C35F0 - C:\Documents and Settings\All Users\Dados de aplicativos\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\Documents and Settings\All Users\Dados de aplicativos\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin 66640A55AEFF3819C94E0A8D40D7E0AD - C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation CF4ABE599858E10EEB911E16FBCFD87D - C:\Arquivos de programas\Windows Media Player\npdrmv2.dll - Microsoft® DRM 76E34EA1089E92709C5725407B565DA1 - C:\Arquivos de programas\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library 02A4A41FAC9BF96155B3E8068D1DF4B6 - C:\Arquivos de programas\Windows Media Player\npwmsdrm.dll - Microsoft® DRM B27CCB1168B1960AEC6E9D3E0E0F0D2A - C:\Arquivos de programas\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions idhngdhcfkoamngbedgpaokgjbnpdiji - C:\Documents and Settings\All Users\Dados de aplicativos\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 16:24] jbolfgndggfhhpbnkgnpjkfhinclbigj - C:\Arquivos de programas\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx[24/10/2013 10:37] jndgbbkddogdjbjdckoheoaakboeccio - C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\22find.crx[] RealDownloader - Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.com.br/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.com.br/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {2500E9FE-EC9A-4FCE-BCA1-D9C768FA1EC7} Search By ZoneAlarm Url="http://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=en&q={searchTerms}&gu=788ea8da84704247b24f51cd8014bb1a&tu=10G90008A2B0008&sku=&tstsId=&ver=&&r=140" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {ADAF2259-616F-4E1F-8455-7B8C394935D7} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFB_pt-BRBR483" ==== shortcuts on All Users Desktop ====================== C:\Documents and Settings\All Users\Desktop\CCleaner.lnk - C:\Arquivos de programas\CCleaner\CCleaner.exe C:\Documents and Settings\All Users\Desktop\Driver Booster.lnk - C:\Arquivos de programas\IObit\Driver Booster\DriverBooster.exe C:\Documents and Settings\All Users\Desktop\Free 3GP Video Converter.lnk - C:\Arquivos de programas\DVDVideoSoft\Free 3GP Video Converter\Free3GPVideoConverter.exe C:\Documents and Settings\All Users\Desktop\Freemake Video Converter.lnk - C:\Arquivos de programas\Freemake\Freemake Video Converter\FreemakeVideoConverter.exe C:\Documents and Settings\All Users\Desktop\Magentic by IncrediMail.lnk - C:\Arquivos de programas\Magentic\bin\Magentic.exe C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk - C:\Arquivos de programas\Malwarebytes' Anti-Malware\mbam.exe C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk - C:\Arquivos de programas\Mozilla Firefox\firefox.exe C:\Documents and Settings\All Users\Desktop\RealPlayer.lnk - C:\Arquivos de programas\real\realplayer\realplay.exe /launch:desktop C:\Documents and Settings\All Users\Desktop\Recuva.lnk - C:\Arquivos de programas\Recuva\Recuva.exe C:\Documents and Settings\All Users\Desktop\SpywareBlaster.lnk - C:\Arquivos de programas\SpywareBlaster\spywareblaster.exe ==== shortcuts in All Users Start Menu ====================== C:\Documents and Settings\All Users\Menu Iniciar\Programas\Adobe Reader XI.lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-1046-7B44-AB0000000001}\SC_Reader.ico C:\Documents and Settings\All Users\Menu Iniciar\Programas\Acessórios\Calculadora.lnk - C:\WINDOWS\system32\calc.exe C:\Documents and Settings\All Users\Menu Iniciar\Programas\DivX\Check for Updates.lnk - C:\Arquivos de programas\DivX\DivX Control Panel\DivXControlPanelLauncher.exe /start=update C:\Documents and Settings\All Users\Menu Iniciar\Programas\DivX\DivX Converter.lnk - C:\Arquivos de programas\DivX\DivX Converter\DivXConverterLauncher.exe C:\Documents and Settings\All Users\Menu Iniciar\Programas\DivX\DivX Player.lnk - C:\Arquivos de programas\DivX\DivX Player\DivX Player.exe C:\Documents and Settings\All Users\Menu Iniciar\Programas\DivX\Register.lnk - C:\Arquivos de programas\DivX\DivX Control Panel\DivXControlPanelLauncher.exe /start=registration C:\Documents and Settings\All Users\Menu Iniciar\Programas\ESET\ESET Smart Security\Documentation.lnk - C:\Arquivos de programas\ESET\ESET Smart Security\eset.chm C:\Documents and Settings\All Users\Menu Iniciar\Programas\ESET\ESET Smart Security\ESET Smart Security.lnk - C:\Arquivos de programas\ESET\ESET Smart Security\egui.exe C:\Documents and Settings\All Users\Menu Iniciar\Programas\ESET\ESET Smart Security\ESET SysInspector.lnk - C:\Arquivos de programas\ESET\ESET Smart Security\SysInspector.exe C:\Documents and Settings\All Users\Menu Iniciar\Programas\ESET\ESET Smart Security\ESET SysRescue.lnk - C:\Arquivos de programas\ESET\ESET Smart Security\SysRescue.exe C:\Documents and Settings\All Users\Menu Iniciar\Programas\ESET\ESET Smart Security\License agreement.lnk - C:\Arquivos de programas\ESET\ESET Smart Security\eula.rtf C:\Documents and Settings\All Users\Menu Iniciar\Programas\ESET\ESET Smart Security\Uninstall.lnk - C:\Arquivos de programas\ESET\ESET Smart Security\callmsi.exe /i {B291A3F9-4F96-4B07-8FA9-72C0D06A42CF} C:\Documents and Settings\All Users\Menu Iniciar\Programas\Java\About Java.lnk - C:\Arquivos de programas\Java\jre7\bin\javacpl.exe -tab about C:\Documents and Settings\All Users\Menu Iniciar\Programas\Java\Check For Updates.lnk - C:\Arquivos de programas\Java\jre7\bin\javacpl.exe -tab update C:\Documents and Settings\All Users\Menu Iniciar\Programas\Java\Configure Java.lnk - C:\Arquivos de programas\Java\jre7\bin\javacpl.exe C:\Documents and Settings\All Users\Menu Iniciar\Programas\Java\Get Help.lnk - C:\Documents and Settings\All Users\Menu Iniciar\Programas\Java\Visit Java.com.lnk - C:\Documents and Settings\All Users\Menu Iniciar\Programas\VistaMizer\Data rebuild.lnk - C:\WINDOWS\VistaMizer\Rebuild.exe C:\Documents and Settings\All Users\Menu Iniciar\Programas\VistaMizer\Set UnSet CurrentUser.lnk - C:\WINDOWS\VistaMizer\User.exe C:\Documents and Settings\All Users\Menu Iniciar\Programas\VistaMizer\Uninstall.lnk - C:\WINDOWS\VistaMizer\Uninstall.exe C:\Documents and Settings\All Users\Menu Iniciar\Programas\ZHP\ZHPDiag.lnk - C:\Arquivos de programas\ZHPDiag\ZHPhep.exe C:\Documents and Settings\All Users\Menu Iniciar\Programas\ZHP\ZHPFix.lnk - C:\Arquivos de programas\ZHPDiag\ZHPFix\ZHPhep.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jndgbbkddogdjbjdckoheoaakboeccio deleted successfully ==== Empty IE Cache ====================== C:\Documents and Settings\Administrador\Configurações locais\temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Administrador\Configurações locais\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Mozilla\Firefox\Profiles\c4ir3byz.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Documents and Settings\Administrador\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=124 folders=27 15748120 bytes) ==== Empty Temp Folders ====================== C:\Documents and Settings\Default User\Configurações locais\Temp emptied successfully C:\Documents and Settings\Gorishi\Configurações locais\Temp emptied successfully C:\Documents and Settings\LocalService\Configurações locais\Temp emptied successfully C:\Documents and Settings\NetworkService\Configurações locais\Temp emptied successfully C:\WINDOWS\system32\config\systemprofile\Configurações locais\Temp emptied successfully C:\Documents and Settings\Administrador\Configurações locais\Temp will be emptied at reboot C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\ADMINI~1\CONFIG~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\Administrador\Configurações locais\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on qui 23/01/2014 at 14:22:49,29 ======================

por **Power Max** Qui 23 Jan 2014, 14:45

Mais problemas foram removidos pelo Zoek.

Como está seu PC após estes procedimentos?

por # DanieL # Qui 23 Jan 2014, 14:48

A sim, esqueci de reportar..

Bom.. tá normal.. como de costume.. mais o problema das pasta ainda persiste.. talvez seja mesmo problema com hardwares como o amigo Brando Lee disse.. mais infelizmente não tem como eu resolver tão cedo se for esse o caso..

por **Power Max** Qui 23 Jan 2014, 15:48

Vá no menu: Iniciar > Executar > digite: sysdm.cpl e tecle Enter.

Na janela que abrirá clique na aba Avançado > Configurações (relativa a Desempenho) > Prevenção de execução de dados > marque a opção Ativar a DEP só para programas e serviços essenciais do Windows > Clique em OK.

Veja se assim este erro das pastas se resolve e nos diga, por gentileza.

por # DanieL # Qui 23 Jan 2014, 16:34

Feito, mais a opção "Ativar a DEP só para programas e serviços essenciais do Windows" já estava marcada...

por Conteúdo patrocinado

Anormalidade relacionada a Pastas

Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Re: Anormalidade relacionada a Pastas

Seg	Ter	Qua	Qui	Sex	Sáb	Dom
1	2	3	4	5	6	7
8	9	10	11	12	13	14
15	16	17	18	19	20	21
22	23	24	25	26	27	28
29	30