HijackThis:Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:27:43, on 07/07/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16446)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Users\João Henrique\AppData\Local\Facebook\Update\FacebookUpdate.exe
C:\Users\João Henrique\AppData\Local\Facebook\Messenger\2.1.4554.0\FacebookMessenger.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
C:\Users\João Henrique\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.uol.com.br/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft....k/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Auxiliar de Conexão do Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: G-Buster Browser Defense CEF - {C41A1C0E-EA6C-11D4-B1B8-444553540003} - C:\Program Files (x86)\GbPlugin\gbiehcef.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Dolby Advanced Audio v2] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [PlusService] C:\Program Files (x86)\Yuna Software\Messenger Plus!\PlusService.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\João Henrique\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - Startup: Facebook Messenger.lnk = ?
O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube Download - C:\Users\João Henrique\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: imagem.caixa.gov.br
O15 - Trusted Zone: internetbanking.caixa.gov.br
O15 - Trusted Zone: www.caixa.gov.br
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload2.m...ash/swflash.cabO18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: GbPluginCef - C:\Program Files (x86)\GbPlugin\gbiehCef.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: avast! antivírus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Gbp Service (GbpSv) - - C:\PROGRA~2\GbPlugin\GbpSv.exe
O23 - Service: Serviço do Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Serviço do Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 10685 bytes
ComboFix.tst.ComboFix 12-07-07.02 - João Henrique 07/07/2012 13:09:39.2.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.55.1046.18.2924.1721 [GMT -3:00]
Executando de: c:\users\JoÒo Henrique\Desktop\ComboFix.exe
Comandos utilizados :: c:\users\JoÒo Henrique\Desktop\CFScript.txt
AV: avast! antivírus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! antivírus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - drivers: deleted 212 bytes in 1 streams. .
(((((((((((((((( Arquivos/Ficheiros criados de 2012-06-07 to 2012-07-07 ))))))))))))))))))))))))))))
.
.
2012-07-07 16:15 . 2012-07-07 16:15 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-07-07 16:00 . 2012-07-07 16:00 -------- d-----w- c:\program files\AVAST Software
2012-07-07 04:42 . 2012-05-04 11:00 366592 ----a-w- c:\windows\system32\qdvd.dll
2012-07-07 04:42 . 2012-05-04 09:59 514560 ----a-w- c:\windows\SysWow64\qdvd.dll
2012-07-07 04:18 . 2012-07-07 04:18 -------- d-----w- c:\programdata\Malwarebytes
2012-07-07 04:18 . 2012-07-07 04:18 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-07 04:18 . 2012-04-04 18:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-07-06 16:16 . 2012-07-06 16:16 -------- d-----w- c:\programdata\Messenger Plus!
2012-07-06 14:04 . 2012-06-18 06:12 9013136 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{984512C9-8C8A-48C4-8D7F-BD2C201DC453}\mpengine.dll
2012-07-06 02:06 . 2012-07-06 02:06 -------- d-----w- c:\program files (x86)\VS Revo Group
2012-07-05 22:27 . 2012-07-05 22:27 -------- d-----w- c:\windows\system32\SPReview
2012-07-05 21:56 . 2010-11-20 08:37 2560 ----a-w- c:\windows\system32\drivers\pt-BR\rdpwd.sys.mui
2012-07-05 21:56 . 2010-11-20 08:45 3584 ----a-w- c:\windows\system32\drivers\pt-BR\tsusbflt.sys.mui
2012-07-05 21:52 . 2010-11-20 08:26 675328 ----a-w- c:\windows\system32\DXPTaskRingtone.dll
2012-07-05 21:51 . 2010-11-20 08:34 34688 ----a-w- c:\windows\system32\drivers\storvsc.sys
2012-07-05 21:50 . 2010-11-20 08:26 551936 ----a-w- c:\windows\system32\localsec.dll
2012-07-05 13:13 . 2012-07-05 13:13 -------- d-----w- c:\windows\CheckSur
2012-07-04 21:56 . 2012-07-04 21:56 -------- d-----w- c:\program files\CCleaner
2012-07-04 19:04 . 2012-07-04 19:04 -------- d-----w- c:\program files (x86)\MSXML 4.0
2012-07-04 18:29 . 2012-07-04 18:29 -------- d-----w- c:\program files (x86)\Yuna Software
2012-07-04 17:11 . 2012-07-04 17:11 -------- d-----w- c:\windows\system32\EventProviders
2012-07-04 15:39 . 2012-07-04 15:47 -------- d-----w- c:\program files (x86)\Project64 1.6
2012-07-04 15:03 . 2012-06-05 12:50 44208 ----a-w- c:\windows\SysWow64\drivers\gbpkm.sys
2012-07-04 15:02 . 2012-07-04 15:03 -------- d-----w- c:\program files (x86)\GbPlugin
2012-07-04 15:02 . 2012-07-04 15:03 -------- d-----w- c:\programdata\GbPlugin
2012-07-04 15:01 . 2012-07-04 15:01 525544 ----a-w- c:\windows\system32\deployJava1.dll
2012-07-04 15:01 . 2012-07-04 15:01 -------- d-----w- c:\program files\Java
2012-07-04 14:16 . 2012-07-04 14:16 -------- d-----w- c:\program files (x86)\Common Files\xing shared
2012-07-04 14:15 . 2012-07-04 14:15 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll
2012-07-04 14:15 . 2012-07-04 14:15 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll
2012-07-04 14:15 . 2012-07-04 14:16 -------- d-----w- c:\program files (x86)\Real
2012-07-04 13:02 . 2012-07-04 13:02 -------- d-----w- c:\program files (x86)\Common Files\Java
2012-07-04 13:02 . 2012-07-04 13:02 -------- d-----w- c:\program files (x86)\Oracle
2012-07-04 13:01 . 2012-05-04 22:29 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-04 13:01 . 2012-05-04 22:29 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-07-04 13:00 . 2012-07-04 14:59 -------- d-----w- c:\program files (x86)\Java
2012-07-04 03:22 . 2012-07-07 04:25 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2012-07-04 03:22 . 2012-07-07 04:14 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy
2012-07-04 02:42 . 2012-07-04 02:42 -------- d-----w- c:\windows\SysWow64\Wat
2012-07-04 02:42 . 2012-07-04 02:42 -------- d-----w- c:\windows\system32\Wat
2012-07-04 02:40 . 2012-07-04 02:40 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2012-07-04 02:27 . 2010-10-04 16:02 53248 ----a-w- c:\windows\SysWow64\CSVer.dll
2012-07-04 02:17 . 2012-07-04 02:17 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2012-07-04 02:04 . 2012-07-04 02:04 -------- d-----w- c:\program files (x86)\Common Files\Skype
2012-07-04 02:04 . 2012-07-04 02:05 -------- d-----r- c:\program files (x86)\Skype
2012-07-04 02:04 . 2012-07-04 02:05 -------- d-----w- c:\programdata\Skype
2012-07-04 01:59 . 2010-02-09 19:37 65602 ----a-w- c:\windows\SysWow64\cook3260.dll
2012-07-04 01:59 . 2010-02-09 19:37 217127 ----a-w- c:\windows\SysWow64\drv43260.dll
2012-07-04 01:59 . 2010-02-09 19:37 208935 ----a-w- c:\windows\SysWow64\drv33260.dll
2012-07-04 01:59 . 2010-02-09 19:37 176165 ----a-w- c:\windows\SysWow64\drv23260.dll
2012-07-04 01:59 . 2010-02-09 19:37 102439 ----a-w- c:\windows\SysWow64\sipr3260.dll
2012-07-04 01:59 . 2010-02-09 19:37 626688 ----a-w- c:\windows\SysWow64\vp7vfw.dll
2012-07-04 01:59 . 2010-02-09 19:37 1184984 ----a-w- c:\windows\SysWow64\wvc1dmod.dll
2012-07-04 01:59 . 2012-07-04 01:59 -------- d-----w- c:\program files (x86)\VSO
2012-07-04 01:28 . 2012-07-04 01:28 -------- d-----w- c:\programdata\Ahead
2012-07-04 01:25 . 2012-07-04 01:25 -------- d-----w- c:\program files (x86)\Nero
2012-07-04 01:25 . 2012-07-04 01:27 -------- d-----w- c:\program files (x86)\Common Files\Ahead
2012-07-04 01:25 . 2012-07-04 01:25 -------- d-----w- c:\programdata\Nero
2012-07-04 00:55 . 2011-02-19 12:05 1139200 ----a-w- c:\windows\system32\FntCache.dll
2012-07-04 00:55 . 2011-02-19 12:04 902656 ----a-w- c:\windows\system32\d2d1.dll
2012-07-04 00:55 . 2011-02-19 06:30 739840 ----a-w- c:\windows\SysWow64\d2d1.dll
2012-07-03 23:13 . 2012-07-04 22:38 -------- d-----w- c:\programdata\Freemake
2012-07-03 23:13 . 2012-07-03 23:13 -------- d-----w- c:\program files (x86)\Freemake
2012-07-03 23:09 . 2012-07-04 01:10 -------- d-----w- c:\program files (x86)\v9Soft
2012-07-03 23:07 . 2012-07-03 23:07 -------- d-----w- c:\program files (x86)\FreeTime
2012-07-03 22:45 . 2012-06-01 00:21 289952 ----a-r- c:\windows\system32\drivers\360FltOEM.sys
2012-07-03 22:42 . 2012-07-03 22:42 249 ----a-w- C:\user.js
2012-07-03 22:34 . 2012-06-22 19:32 405144 ----a-w- c:\windows\SysWow64\Newtonsoft.Json.Net20.dll
2012-07-03 22:32 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2012-07-03 22:32 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2012-07-03 22:32 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2012-07-03 22:32 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2012-07-03 22:32 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2012-07-03 22:32 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2012-07-03 22:32 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2012-07-03 22:23 . 2012-07-03 22:23 -------- d-----w- C:\DVDVideoSoft
2012-07-03 22:22 . 2012-07-03 22:34 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft
2012-07-03 22:22 . 2012-07-04 00:55 -------- d-----w- c:\program files (x86)\DVDVideoSoft
2012-07-03 22:22 . 2002-01-05 18:37 344064 ----a-w- c:\windows\SysWow64\msvcr70.dll
2012-07-03 22:19 . 2012-07-03 22:19 -------- d-----w- c:\program files (x86)\PhotoScape
2012-07-03 22:16 . 2011-04-29 03:06 467456 ----a-w- c:\windows\system32\drivers\srv.sys
2012-07-03 22:16 . 2011-04-29 03:05 410112 ----a-w- c:\windows\system32\drivers\srv2.sys
2012-07-03 22:16 . 2011-04-29 03:05 168448 ----a-w- c:\windows\system32\drivers\srvnet.sys
2012-07-03 22:16 . 2010-12-23 10:42 961024 ----a-w- c:\windows\system32\CPFilters.dll
2012-07-03 22:16 . 2010-12-23 05:54 642048 ----a-w- c:\windows\SysWow64\CPFilters.dll
2012-07-03 22:16 . 2010-12-23 10:42 1118720 ----a-w- c:\windows\system32\sbe.dll
2012-07-03 22:16 . 2010-12-23 10:36 259072 ----a-w- c:\windows\system32\mpg2splt.ax
2012-07-03 22:16 . 2010-12-23 05:54 850944 ----a-w- c:\windows\SysWow64\sbe.dll
2012-07-03 22:16 . 2010-12-23 05:50 199680 ----a-w- c:\windows\SysWow64\mpg2splt.ax
2012-07-03 22:16 . 2012-03-03 06:35 1544704 ----a-w- c:\windows\system32\DWrite.dll
2012-07-03 22:16 . 2012-03-03 05:31 1077248 ----a-w- c:\windows\SysWow64\DWrite.dll
2012-07-03 22:16 . 2012-03-30 11:35 1918320 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-07-03 22:16 . 2010-11-20 13:33 288640 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-07-03 22:15 . 2012-04-24 05:37 1462272 ----a-w- c:\windows\system32\crypt32.dll
2012-07-03 22:15 . 2012-04-24 04:36 1158656 ----a-w- c:\windows\SysWow64\crypt32.dll
2012-07-03 22:15 . 2012-04-24 05:37 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2012-07-03 22:15 . 2012-04-24 05:37 140288 ----a-w- c:\windows\system32\cryptnet.dll
2012-07-03 22:15 . 2012-04-24 04:36 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2012-07-03 22:15 . 2012-04-24 04:36 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2012-07-03 22:13 . 2011-02-19 09:00 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-07-03 22:12 . 2011-06-15 10:02 212992 ----a-w- c:\windows\system32\odbctrac.dll
2012-07-03 22:11 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll
2012-07-03 22:11 . 2012-04-26 05:41 149504 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-07-03 22:11 . 2012-04-26 05:34 9216 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-07-03 22:11 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-07-03 22:11 . 2011-10-26 05:21 43520 ----a-w- c:\windows\system32\csrsrv.dll
2012-07-03 22:11 . 2011-04-22 22:15 27520 ----a-w- c:\windows\system32\drivers\Diskdump.sys
2012-07-03 22:10 . 2011-11-05 05:32 2048 ----a-w- c:\windows\system32\tzres.dll
2012-07-03 22:10 . 2011-11-05 04:26 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-07-03 22:10 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll
2012-07-03 22:10 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll
2012-07-03 22:10 . 2010-11-20 13:24 2164224 ----a-w- c:\program files\Windows Journal\Journal.exe
2012-07-03 22:05 . 2012-07-03 22:05 -------- d-----w- c:\programdata\eMule
2012-07-03 22:03 . 2012-07-03 22:03 -------- d-----w- c:\program files (x86)\eMule
2012-07-03 21:58 . 2012-07-03 21:58 -------- d-----w- c:\program files (x86)\Ares
2012-07-03 21:52 . 2012-07-03 21:53 -------- d-----w- c:\program files (x86)\Megacubo
2012-07-03 21:48 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll
2012-07-03 21:48 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll
2012-07-03 21:42 . 2012-07-03 21:42 -------- d-----w- c:\programdata\NCH Software
2012-07-03 21:42 . 2012-07-03 21:42 -------- d-----w- c:\program files (x86)\NCH Software
2012-07-03 17:18 . 2012-07-03 17:18 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-07-03 17:01 . 2012-07-04 02:37 -------- d-----w- c:\program files (x86)\Microsoft Works
2012-07-03 16:59 . 2012-07-03 23:20 -------- d-----w- c:\program files (x86)\Microsoft.NET
2012-07-03 16:55 . 2012-07-03 16:55 -------- d-----w- c:\program files (x86)\Microsoft Visual Studio 8
2012-07-03 16:54 . 2012-07-04 18:10 -------- d-----w- c:\programdata\Microsoft Help
.
.
((((((((((((((((((((((((((((((((((((( Relatório Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-05 22:20 . 2009-07-14 02:36 175616 ----a-w- c:\windows\system32\msclmd.dll
2012-07-05 22:20 . 2009-07-14 02:36 152576 ----a-w- c:\windows\SysWow64\msclmd.dll
2012-07-04 15:39 . 2012-07-04 15:39 40960 ----a-r- c:\users\João Henrique\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
2012-07-04 15:39 . 2012-07-04 15:39 40960 ----a-r- c:\users\João Henrique\AppData\Roaming\Microsoft\Installer\{9559F7CA-5E34-4237-A2D9-D856464AD727}\ARPPRODUCTICON.exe
2012-07-04 01:59 . 2012-07-04 01:59 99384 ----a-w- c:\users\João Henrique\AppData\Roaming\inst.exe
2012-07-04 01:59 . 2012-07-04 01:59 99384 ----a-w- c:\users\João Henrique\AppData\Roaming\inst.exe
2012-07-04 01:59 . 2012-07-04 01:59 82816 ----a-w- c:\users\João Henrique\AppData\Roaming\pcouffin.sys
2012-07-04 01:59 . 2012-07-04 01:59 82816 ----a-w- c:\users\João Henrique\AppData\Roaming\pcouffin.sys
2012-07-03 16:08 . 2011-03-28 21:36 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-07-07_14.15.12 )))))))))))))))))))))))))))))))))))))))))
.
- 2009-07-14 04:54 . 2012-07-07 14:16 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-07-07 16:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2009-07-14 04:54 . 2012-07-07 16:02 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-07 14:16 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2009-07-14 04:54 . 2012-07-07 14:16 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2009-07-14 04:54 . 2012-07-07 16:02 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2012-07-03 15:04 . 2012-07-07 15:53 34240 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2009-07-14 05:10 . 2012-07-07 15:53 28100 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin
+ 2012-07-03 14:59 . 2012-07-07 15:53 6652 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2566388436-1531716911-88725320-1000_UserData.bin
- 2012-07-07 14:14 . 2012-07-07 14:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2012-07-07 16:16 . 2012-07-07 16:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2012-07-07 14:14 . 2012-07-07 14:14 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2012-07-07 16:16 . 2012-07-07 16:16 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2009-07-14 04:46 . 2012-07-07 14:23 104672 c:\windows\ServiceProfiles\NetworkService\AppData\Roaming\Microsoft\SoftwareProtectionPlatform\Cache\cache.dat
- 2009-07-14 05:01 . 2012-07-07 14:13 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2009-07-14 05:01 . 2012-07-07 16:16 389832 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat
+ 2012-07-03 19:08 . 2012-07-07 16:16 9293512 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-2566388436-1531716911-88725320-1000-8192.dat
.
(((((((((((((((((((((((((( Pontos de Carregamento do Registro )))))))))))))))))))))))))))))))))))))))
.
.
*Nota* entradas vazias e legítimas por padrão não são apresentadas.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Facebook Update"="c:\users\João Henrique\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-04 137536]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dolby Advanced Audio v2"="c:\dolby pcee4\pcee4.exe" [2011-02-03 506712]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-04-27 113288]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-07-01 1103440]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]
"PlusService"="c:\program files (x86)\Yuna Software\Messenger Plus!\PlusService.exe" [2012-02-27 801792]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
.
c:\users\João Henrique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Facebook Messenger.lnk - c:\users\João Henrique\AppData\Local\Facebook\Messenger\2.1.4554.0\FacebookMessenger.exe [2012-6-20 209920]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ GbPluginCef]
2012-06-05 12:48 607664 ----a-w- c:\program files (x86)\GbPlugin\gbiehcef.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer4"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R0 GbpKm;Gbp KernelMode;c:\windows\system32\drivers\gbpkm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Serviço do Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-03 136176]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-07 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-03 250056]
R3 gupdatem;Serviço do Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-03 136176]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-14 113120]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 WatAdminSvc;Serviço de Tecnologias de Ativação do Windows;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-04 1255736]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-04-04 63928]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-10-29 868224]
S2 GbpSv;Gbp Service;c:\progra~2\GbPlugin\GbpSv.exe [2012-06-05 211888]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-06-19 3048136]
S3 b57xdbd;Broadcom xD Picture Bus Driver Service;c:\windows\system32\DRIVERS\b57xdbd.sys [2011-01-20 67624]
S3 b57xdmp;Broadcom xD Picture vstorp client drv;c:\windows\system32\DRIVERS\b57xdmp.sys [2011-01-20 19496]
S3 bScsiMSa;bScsiMSa;c:\windows\system32\DRIVERS\bScsiMSa.sys [2011-01-19 52264]
S3 bScsiSDa;bScsiSDa;c:\windows\system32\DRIVERS\bScsiSDa.sys [2011-01-13 85544]
S3 IntcDAud;Áudio do vídeo Intel®;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-15 317440]
S3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2010-12-02 411688]
S3 MEIx64;Intel® Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-20 56344]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-09-30 80384]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-09-30 180736]
.
.
Conteúdo da pasta 'Tarefas Agendadas'
.
2012-07-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-03 17:24]
.
2012-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-03 15:43]
.
2012-07-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-03 15:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21 133400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-31 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-31 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-31 418840]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-28 11786344]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-21 2207848]
"Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-10-29 860040]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
.
------- Scan Suplementar -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.uol.com.br/
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: E&xportar para o Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\João Henrique\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
Trusted Zone: caixa.gov.br\imagem
Trusted Zone: caixa.gov.br\internetbanking
Trusted Zone: caixa.gov.br\www
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\João Henrique\AppData\Roaming\Mozilla\Firefox\Profiles\hruy4qu3.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - www.uol.com.br
.
.
--------------------- CHAVES DO REGISTRO BLOQUEADAS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_257_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_257.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Outros Processos em Execução ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Launch Manager\LMutilps32.exe
c:\windows\SysWOW64\IoctlSvc.exe
.
**************************************************************************
.
Tempo para conclusão: 2012-07-07 13:21:52 - Máquina reiniciou
ComboFix-quarantined-files.txt 2012-07-07 16:21
ComboFix2.txt 2012-07-07 14:20
.
Pré-execução: 118.087.929.856 bytes disponíveis
Pós execução: 117.650.673.664 bytes disponíveis
.
- - End Of File - - DF280582F8B8E50CFB7DB7EA009AFF3D
