Jump to content

douglasalmena

Members
  • Posts

    1
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Here it is my FRST.txt: Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:9-08-2014 01Ran by Douglas (administrator) on DOUG on 09-08-2014 16:37:37Running from C:\LIMPANDOPlatform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Português (Brasil)Internet Explorer Version 8Boot Mode: Normal The only official download link for FRST:Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated.See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel® Corporation) C:\Arquivos de programas\Intel\WiFi\bin\S24EvMon.exe(Intel® Corporation) C:\Arquivos de programas\Intel\WiFi\bin\EvtEng.exe(Microsoft Corporation) C:\WINDOWS\system32\inetsrv\inetinfo.exe(Intel® Corporation) C:\Arquivos de programas\Arquivos comuns\Intel\WirelessCommon\RegSrvc.exe(Google Inc.) C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.214\deploy\LoLLauncher.exe() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.101\deploy\LolClient.exe(Google Inc.) C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKU\S-1-5-21-515967899-299502267-1177238915-1003\...\Policies\Explorer: [NoChangeStartMenu] 0HKU\S-1-5-21-515967899-299502267-1177238915-1003\...\Policies\Explorer: [NoLogOff] 0HKU\S-1-5-21-515967899-299502267-1177238915-1003\...\MountPoints2: {20e6bde3-5133-11e1-a9d5-001b2441784a} - G:\Launcher.exeHKU\S-1-5-21-515967899-299502267-1177238915-1003\...\MountPoints2: {86bc6040-fa08-11e1-8595-001b2441784a} - F:\RunClubSanDisk.exeHKU\S-1-5-21-515967899-299502267-1177238915-1003\...\MountPoints2: {93c40dd2-0f29-11e1-ab63-001b2441784a} - G:\LaunchU3.exe -aHKU\S-1-5-21-515967899-299502267-1177238915-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoChangeStartMenu] 0HKU\S-1-5-21-515967899-299502267-1177238915-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\Explorer: [NoLogOff] 0HKU\S-1-5-21-515967899-299502267-1177238915-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {20e6bde3-5133-11e1-a9d5-001b2441784a} - G:\Launcher.exeHKU\S-1-5-21-515967899-299502267-1177238915-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {86bc6040-fa08-11e1-8595-001b2441784a} - F:\RunClubSanDisk.exeHKU\S-1-5-21-515967899-299502267-1177238915-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {93c40dd2-0f29-11e1-ab63-001b2441784a} - G:\LaunchU3.exe -aHKU\S-1-5-21-515967899-299502267-1177238915-1007-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [NeroHomeFirstStart] => C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMFirstStart.exe [16432 2007-03-02] (Nero AG)ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)ShellIconOverlayIdentifiers: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = &http://home.microsoft.com/intl/br/access/allinone.aspHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://br.msn.com/?ocid=iehpHKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xC87CE076D522CE01HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = pt-brSearchScopes: HKCU - DefaultScope {7F2C2B6F-F202-4707-BCFB-878C3C35A2E9} URL = http://www.google.com/search?hl=en&q={searchTerms}SearchScopes: HKCU - {7F2C2B6F-F202-4707-BCFB-878C3C35A2E9} URL = http://www.google.com/search?hl=en&q={searchTerms}BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Arquivos de programas\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Arquivos de programas\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKCU - E&ndereço - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cabDPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cabDPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cabHandler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de programas\Arquivos comuns\Skype\Skype4COM.dll (Skype Technologies)Winsock: Catalog5 01 %SystemRoot%\system32\networkdlllsp.dll [427376] (Network Tunnel Lab)Winsock: Catalog9 01 %SystemRoot%\system32\networkdlllsp.dll [427376] (Network Tunnel Lab)Winsock: Catalog9 02 %SystemRoot%\system32\networkdlllsp.dll [427376] (Network Tunnel Lab)Winsock: Catalog9 03 %SystemRoot%\system32\networkdlllsp.dll [427376] (Network Tunnel Lab)Winsock: Catalog9 04 %SystemRoot%\system32\networkdlllsp.dll [427376] (Network Tunnel Lab)Winsock: Catalog9 05 %SystemRoot%\system32\networkdlllsp.dll [427376] (Network Tunnel Lab)Winsock: Catalog9 06 %SystemRoot%\system32\networkdlllsp.dll [427376] (Network Tunnel Lab)Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62 FireFox:========FF ProfilePath: C:\Documents and Settings\Douglas\Dados de aplicativos\Mozilla\Firefox\Profiles\mo9gau7f.defaultFF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Arquivos de programas\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Arquivos de programas\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Arquivos de programas\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Arquivos de programas\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Arquivos de programas\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin HKCU: gastecnologia.com.br/sf/abn -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\npsf_abn.dll (GAS Tecnologia)FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Arquivos de programas\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)FF SearchPlugin: C:\Arquivos de programas\mozilla firefox\searchplugins\babylon.xmlFF SearchPlugin: C:\Arquivos de programas\mozilla firefox\searchplugins\buscape.xmlFF SearchPlugin: C:\Arquivos de programas\mozilla firefox\searchplugins\mercadolivre.xmlFF SearchPlugin: C:\Arquivos de programas\mozilla firefox\searchplugins\yahoo-br.xmlFF Extension: Java Console - C:\Arquivos de programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-06-25]FF Extension: Java Console - C:\Arquivos de programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-09-06]FF Extension: Java Console - C:\Arquivos de programas\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-11-03]FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtensionFF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-09-15]FF HKCU\...\Firefox\Extensions: [{87F8774F-B485-47E2-A755-A40A8A5E8874}] - C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\abn\xpiFF Extension: Módulo de Proteção - Banco Santander (Brasil) S.A. - C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\abn\xpi [2013-05-18] Chrome: =======CHR Extension: (GBBD Banco Santander (Brasil) S.A.) - C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\abmojiekfpcmkkfamgfcpgfgipocface [2013-05-18]CHR Extension: (Google Docs) - C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-08]CHR Extension: (Google Drive) - C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-08]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-07]CHR Extension: (YouTube) - C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-09]CHR Extension: (Google Search) - C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-09]CHR Extension: (Google Wallet) - C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]CHR Extension: (Gmail) - C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-09]CHR HKCU\...\Chrome\Extension: [abmojiekfpcmkkfamgfcpgfgipocface] - C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\abn\sf.crx [2013-05-18]CHR StartMenuInternet: Google Chrome - C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\chrome.exe ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 EvtEng; C:\Arquivos de programas\Intel\WiFi\bin\EvtEng.exe [870672 2012-04-24] (Intel® Corporation)S4 gupdate; C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [116648 2012-07-13] (Google Inc.)S4 gupdatem; C:\Arquivos de programas\Google\Update\GoogleUpdate.exe [116648 2012-07-13] (Google Inc.)R2 IISADMIN; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15872 2008-04-14] (Microsoft Corporation)S4 JavaQuickStarterService; C:\Arquivos de programas\Java\jre7\bin\jqs.exe [182184 2013-07-09] (Oracle Corporation)S4 Microsoft Office Groove Audit Service; C:\Arquivos de programas\Microsoft Office\Office12\GrooveAuditService.exe [65824 2006-10-27] (Microsoft Corporation)S4 MSSQL$SQL; C:\Arquivos de programas\Microsoft SQL Server\MSSQL10_50.SQL\MSSQL\Binn\sqlservr.exe [42884448 2010-04-03] (Microsoft Corporation)S4 MSSQL$SQLEXPRESS; C:\Arquivos de programas\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)S4 MSSQLServerADHelper100; C:\Arquivos de programas\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [44896 2010-04-03] (Microsoft Corporation)S4 msvsmon90; c:\Arquivos de programas\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [3201024 2008-07-29] (Microsoft Corporation)S4 NBService; C:\Arquivos de programas\Nero\Nero 7\Nero BackItUp\NBService.exe [779824 2007-03-02] (Nero AG)S3 NMIndexingService; C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMIndexingService.exe [267824 2007-03-02] (Nero AG)S4 odserv; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE [441136 2006-10-26] (Microsoft Corporation)S4 ose; C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE [145184 2006-10-26] (Microsoft Corporation)R2 RegSrvc; C:\Arquivos de programas\Arquivos comuns\Intel\WirelessCommon\RegSrvc.exe [481552 2012-04-24] (Intel® Corporation)R2 S24EventMonitor; C:\Arquivos de programas\Intel\WiFi\bin\S24EvMon.exe [919824 2012-04-24] (Intel® Corporation)S4 SkypeUpdate; C:\Arquivos de programas\Skype\Updater\Updater.exe [160944 2012-07-13] (Skype Technologies)R2 SMTPSVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15872 2008-04-14] (Microsoft Corporation)S4 SQLAgent$SQL; C:\Arquivos de programas\Microsoft SQL Server\MSSQL10_50.SQL\MSSQL\Binn\SQLAGENT.EXE [367456 2010-04-03] (Microsoft Corporation)S4 SQLAgent$SQLEXPRESS; C:\Arquivos de programas\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)S4 SQLBrowser; C:\Arquivos de programas\Microsoft SQL Server\90\Shared\sqlbrowser.exe [267616 2010-04-03] (Microsoft Corporation)S4 SQLWriter; C:\Arquivos de programas\Microsoft SQL Server\90\Shared\sqlwriter.exe [97632 2010-04-03] (Microsoft Corporation)R2 W3SVC; C:\WINDOWS\system32\inetsrv\inetinfo.exe [15872 2008-04-14] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [2967168 2010-04-10] (Broadcom Corporation)S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)R3 hidshim; C:\WINDOWS\System32\DRIVERS\hidshim.sys [5632 2007-05-30] (Windows ® Codename Longhorn DDK provider)R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [210688 2007-03-01] (Conexant Systems, Inc.)R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [988032 2007-03-01] (Conexant Systems, Inc.)S3 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [54232 2014-08-09] (Malwarebytes Corporation)R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2014-08-09] (Malwarebytes Corporation)S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)S3 NETw5x32; C:\WINDOWS\System32\DRIVERS\NETw5x32.sys [3636864 2008-11-17] (Intel Corporation)R3 NETwLx32; C:\WINDOWS\System32\DRIVERS\NETwLx32.sys [6609920 2010-10-07] (Intel Corporation)S4 RsFx0150; C:\WINDOWS\System32\DRIVERS\RsFx0150.sys [240608 2010-04-03] (Microsoft Corporation)R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [13952 2010-05-19] (Intel Corporation)R3 winbondhidcir; C:\WINDOWS\System32\DRIVERS\winbondhidcir.sys [21504 2007-05-30] (Winbond Electronics Corporation)S4 IntelIde; No ImagePathS3 mcdbus; system32\DRIVERS\mcdbus.sys [X]U1 WS2IFSL; ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-09 15:50 - 2014-08-09 15:50 - 00000000 ____D () C:\TDSSKiller_Quarantine2014-08-09 15:48 - 2014-08-09 15:48 - 00000000 ____D () C:\Inetpub2014-08-09 15:03 - 2014-08-09 16:37 - 00000000 ____D () C:\FRST2014-08-09 12:59 - 2014-08-09 12:59 - 00000000 ____D () C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes2014-08-09 12:58 - 2014-08-09 16:04 - 00000000 ____D () C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes' Anti-Malware (portable)2014-08-09 12:58 - 2014-08-09 16:02 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys2014-08-09 12:57 - 2014-08-09 16:37 - 00000000 ____D () C:\LIMPANDO2014-08-09 12:57 - 2014-08-09 12:57 - 00054232 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2014-08-08 20:41 - 2014-08-08 20:41 - 00000000 ____D () C:\Riot Games2014-08-08 20:40 - 2014-08-08 20:40 - 00000000 ____D () C:\Documents and Settings\All Users\Dados de aplicativos\Riot Games2014-08-08 20:11 - 2014-08-08 20:11 - 00000000 ____D () C:\Documents and Settings\Douglas\Dados de aplicativos\TuneUp Software2014-08-07 22:29 - 2014-08-07 22:33 - 00000000 ____D () C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\PMB Files2014-08-07 22:29 - 2014-08-07 22:33 - 00000000 ____D () C:\Documents and Settings\All Users\Dados de aplicativos\PMB Files2014-08-07 21:55 - 2014-08-07 21:55 - 00051568 ____H () C:\WINDOWS\system32\mlfcache.dat2014-08-07 21:55 - 2014-08-07 21:55 - 00000000 ____D () C:\Documents and Settings\Default User\Dados de aplicativos\Macromedia2014-08-07 21:55 - 2014-08-07 21:55 - 00000000 ____D () C:\Arquivos de programas\Arquivos comuns\Adobe AIR2014-08-07 20:28 - 2014-08-08 20:20 - 00000000 __SHD () C:\WINDOWS\system32\AI_RecycleBin2014-08-07 20:27 - 2014-08-07 20:27 - 00000000 ____D () C:\Documents and Settings\Douglas\Dados de aplicativos\Riot Games2014-08-07 20:27 - 2014-08-07 20:27 - 00000000 ____D () C:\Arquivos de programas\Pando Networks2014-08-06 22:17 - 2014-08-06 22:17 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-299502267-1177238915-1003Core1cfb1e5c85aeb24.job ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-09 16:38 - 2011-09-15 12:13 - 00000000 ____D () C:\Documents and Settings\Douglas\Configurações locais\Temp2014-08-09 16:37 - 2014-08-09 15:03 - 00000000 ____D () C:\FRST2014-08-09 16:37 - 2014-08-09 12:57 - 00000000 ____D () C:\LIMPANDO2014-08-09 16:04 - 2014-08-09 12:58 - 00000000 ____D () C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes' Anti-Malware (portable)2014-08-09 16:02 - 2014-08-09 12:58 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys2014-08-09 15:55 - 2011-09-15 08:36 - 01735416 _____ () C:\WINDOWS\system32\PerfStringBackup.INI2014-08-09 15:55 - 2011-09-15 08:26 - 00000000 ____D () C:\WINDOWS\system32\inetsrv2014-08-09 15:55 - 2008-04-14 08:00 - 00715562 _____ () C:\WINDOWS\system32\perfh016.dat2014-08-09 15:55 - 2008-04-14 08:00 - 00164050 _____ () C:\WINDOWS\system32\perfc016.dat2014-08-09 15:51 - 2011-09-15 08:39 - 00000159 _____ () C:\WINDOWS\wiadebug.log2014-08-09 15:51 - 2011-09-15 08:39 - 00000048 _____ () C:\WINDOWS\wiaservc.log2014-08-09 15:50 - 2014-08-09 15:50 - 00000000 ____D () C:\TDSSKiller_Quarantine2014-08-09 15:50 - 2011-09-15 12:13 - 00000210 ___SH () C:\Documents and Settings\Douglas\ntuser.ini2014-08-09 15:50 - 2011-09-15 12:06 - 00408551 _____ () C:\WINDOWS\WindowsUpdate.log2014-08-09 15:48 - 2014-08-09 15:48 - 00000000 ____D () C:\Inetpub2014-08-09 12:59 - 2014-08-09 12:59 - 00000000 ____D () C:\Documents and Settings\All Users\Dados de aplicativos\Malwarebytes2014-08-09 12:59 - 2011-09-15 08:35 - 00000000 __RHD () C:\Documents and Settings\All Users\Dados de aplicativos2014-08-09 12:57 - 2014-08-09 12:57 - 00054232 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys2014-08-09 12:19 - 2011-09-15 21:38 - 00000000 ____D () C:\WINDOWS\SxsCaPendDel2014-08-08 21:19 - 2011-09-15 08:35 - 00656716 _____ () C:\WINDOWS\setupapi.log2014-08-08 20:41 - 2014-08-08 20:41 - 00000000 ____D () C:\Riot Games2014-08-08 20:40 - 2014-08-08 20:40 - 00000000 ____D () C:\Documents and Settings\All Users\Dados de aplicativos\Riot Games2014-08-08 20:40 - 2011-09-16 09:41 - 00000000 ____D () C:\Documents and Settings\Douglas\Meus documentos\SQL Server Management Studio2014-08-08 20:20 - 2014-08-07 20:28 - 00000000 __SHD () C:\WINDOWS\system32\AI_RecycleBin2014-08-08 20:20 - 2012-07-20 12:53 - 00000000 ____D () C:\Arquivos de programas\Git2014-08-08 20:20 - 2011-09-15 08:36 - 00000000 ___RD () C:\Documents and Settings\All Users\Menu Iniciar\Programas2014-08-08 20:19 - 2011-09-16 01:11 - 00000000 ____D () C:\Documents and Settings\All Users\Dados de aplicativos\MFAData2014-08-08 20:11 - 2014-08-08 20:11 - 00000000 ____D () C:\Documents and Settings\Douglas\Dados de aplicativos\TuneUp Software2014-08-08 20:11 - 2011-09-15 12:13 - 00000000 __RHD () C:\Documents and Settings\Douglas\Dados de aplicativos2014-08-08 20:09 - 2011-09-15 08:36 - 00000000 ____D () C:\Arquivos de programas\Arquivos comuns2014-08-08 20:02 - 2013-06-28 14:01 - 00000000 ____D () C:\Arquivos de programas\Adobe2014-08-08 20:02 - 2011-09-15 19:50 - 00000000 ____D () C:\Documents and Settings\All Users\Dados de aplicativos\Adobe2014-08-08 18:49 - 2011-09-15 08:34 - 00000211 ___SH () C:\boot.ini2014-08-08 18:49 - 2008-04-14 08:00 - 00000633 _____ () C:\WINDOWS\win.ini2014-08-08 18:49 - 2008-04-14 08:00 - 00000227 _____ () C:\WINDOWS\system.ini2014-08-08 01:23 - 2011-09-16 10:07 - 00324482 _____ () C:\Documents and Settings\LocalService\Configurações locais\Dados de aplicativos\WPFFontCache_v0400-System.dat2014-08-07 23:30 - 2011-09-15 20:29 - 00000000 ____D () C:\WINDOWS\Microsoft.NET2014-08-07 23:25 - 2011-09-15 22:42 - 00000000 ____D () C:\Arquivos de programas\Microsoft Visual Studio 10.02014-08-07 23:25 - 2011-09-15 20:30 - 00000000 ____D () C:\Arquivos de programas\MSBuild2014-08-07 23:25 - 2011-09-15 08:36 - 00000000 ___RD () C:\Arquivos de programas2014-08-07 23:22 - 2011-09-15 20:34 - 00000000 ____D () C:\Arquivos de programas\Arquivos comuns\Merge Modules2014-08-07 23:22 - 2011-09-15 08:36 - 00000000 ____D () C:\Arquivos de programas\Arquivos comuns\Microsoft Shared2014-08-07 22:43 - 2011-09-15 21:53 - 00000000 ____D () C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Paint.NET2014-08-07 22:33 - 2014-08-07 22:29 - 00000000 ____D () C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\PMB Files2014-08-07 22:33 - 2014-08-07 22:29 - 00000000 ____D () C:\Documents and Settings\All Users\Dados de aplicativos\PMB Files2014-08-07 22:30 - 2011-09-15 12:06 - 00000000 ____D () C:\WINDOWS\system32\DirectX2014-08-07 22:29 - 2011-09-15 12:13 - 00000000 ___HD () C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos2014-08-07 22:27 - 2011-11-19 15:35 - 00000000 ___RD () C:\Arquivos de programas\Skype2014-08-07 22:25 - 2013-10-22 01:26 - 00000000 ____D () C:\Documents and Settings\Douglas\Dados de aplicativos\Mozilla2014-08-07 22:25 - 2011-09-15 18:25 - 00000000 ____D () C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google2014-08-07 22:24 - 2012-07-11 19:15 - 00000000 ____D () C:\Arquivos de programas\Google2014-08-07 22:22 - 2012-01-15 03:17 - 00000000 ____D () C:\Documents and Settings\Douglas\Menu Iniciar\Programas\Exhedra2014-08-07 21:56 - 2011-09-15 18:25 - 00000000 ____D () C:\Documents and Settings\Douglas\Dados de aplicativos\Adobe2014-08-07 21:55 - 2014-08-07 21:55 - 00051568 ____H () C:\WINDOWS\system32\mlfcache.dat2014-08-07 21:55 - 2014-08-07 21:55 - 00000000 ____D () C:\Documents and Settings\Default User\Dados de aplicativos\Macromedia2014-08-07 21:55 - 2014-08-07 21:55 - 00000000 ____D () C:\Arquivos de programas\Arquivos comuns\Adobe AIR2014-08-07 21:55 - 2011-09-15 08:35 - 00000000 __RHD () C:\Documents and Settings\Default User\Dados de aplicativos2014-08-07 20:27 - 2014-08-07 20:27 - 00000000 ____D () C:\Documents and Settings\Douglas\Dados de aplicativos\Riot Games2014-08-07 20:27 - 2014-08-07 20:27 - 00000000 ____D () C:\Arquivos de programas\Pando Networks2014-08-07 20:22 - 2011-09-15 18:52 - 00000000 ___HD () C:\Arquivos de programas\InstallShield Installation Information2014-08-06 22:17 - 2014-08-06 22:17 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-299502267-1177238915-1003Core1cfb1e5c85aeb24.job2014-08-06 22:08 - 2008-04-14 08:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl Some content of TEMP:====================C:\Documents and Settings\Douglas\Configurações locais\Temp\.gbas.dllC:\Documents and Settings\Douglas\Configurações locais\Temp\dotnetfx35setup.exeC:\Documents and Settings\Douglas\Configurações locais\Temp\FP_PL_PFS_INSTALLER.exeC:\Documents and Settings\Douglas\Configurações locais\Temp\fvdsuite-2.6.9.exeC:\Documents and Settings\Douglas\Configurações locais\Temp\install_reader11_en_mssd_aaa_aih.exeC:\Documents and Settings\Douglas\Configurações locais\Temp\jre-6u29-windows-i586-iftw-rv.exeC:\Documents and Settings\Douglas\Configurações locais\Temp\jre-6u33-windows-i586-iftw.exeC:\Documents and Settings\Douglas\Configurações locais\Temp\jre-6u35-windows-i586-iftw.exeC:\Documents and Settings\Douglas\Configurações locais\Temp\jre-6u37-windows-i586-iftw.exeC:\Documents and Settings\Douglas\Configurações locais\Temp\jre-7u25-windows-i586-iftw.exeC:\Documents and Settings\Douglas\Configurações locais\Temp\RtkBtMnt.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signedC:\WINDOWS\system32\winlogon.exe => File is digitally signedC:\WINDOWS\system32\svchost.exe => File is digitally signedC:\WINDOWS\system32\services.exe => File is digitally signedC:\WINDOWS\system32\User32.dll => File is digitally signedC:\WINDOWS\system32\userinit.exe => File is digitally signedC:\WINDOWS\system32\rpcss.dll => File is digitally signedC:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End Of Log ============================ And this is the Addition.txt: Additional scan result of Farbar Recovery Scan Tool (x86) Version:9-08-2014 01Ran by Douglas at 2014-08-09 16:39:51Running from C:\LIMPANDOBoot Mode: Normal========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: AVG Anti-Virus Free Edition 2012 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Acer Crystal Eye webcam (HKLM\...\{AA047D7C-5E7C-4878-B75C-77589151B563}) (Version: 1.0.13 - SUYIN)Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)Adobe AIR (Version: 14.0.0.110 - Adobe Systems Incorporated) HiddenBitTorrent (HKLM\...\BitTorrent) (Version: 7.7.2.28499 - BitTorrent Inc.)Broadcom Driver v4.102.15.63_Foxconn Installation Program (HKLM\...\{88410D8F-8529-492B-B556-2394A29B811B}) (Version: 5.0 - Broadcom)Broadcom Wireless Network Adapter (HKLM\...\{4FCBCF89-1823-4D97-A6F2-0E8DD66E273A}) (Version: 1.00.0000 - AzureWave)Core FTP LE 2.1 (HKLM\...\Core FTP LE 2.1) (Version: - )Crystal Reports Basic for Visual Studio 2008 (HKLM\...\{AA467959-A1D6-4F45-90CD-11DC57733F32}) (Version: 10.5.0.0 - Business Objects)Ferramentas do Visual Studio 2005 para Office Second Edition Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation)Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)Google Update Helper (Version: 1.3.21.123 - Google Inc.) HiddenHDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118) (Version: - )Hotfix para Windows XP (KB932716-v2) (HKLM\...\KB932716-v2) (Version: 2 - Microsoft Corporation)Hotfix para Windows XP (KB942288-v3) (HKLM\...\KB942288-v3) (Version: 3 - Microsoft Corporation)Intel PROSet Wireless (Version: - ) HiddenJava 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)Java Auto Updater (Version: 2.1.9.5 - Sun Microsystems, Inc.) HiddenJava 6 Update 22 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)Java 6 Update 37 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.370 - Oracle)K-Lite Mega Codec Pack 9.2.0 (HKLM\...\KLiteCodecPack_is1) (Version: 9.2.0 - )Microsoft .NET Compact Framework 2.0 SP2 (HKLM\...\{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}) (Version: 2.0.7045 - Microsoft Corporation)Microsoft .NET Compact Framework 3.5 (HKLM\...\{291B3A3B-F808-45B8-8113-DF232FCB6C82}) (Version: 3.5.7283 - Microsoft Corporation)Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - PTB (HKLM\...\{3F31F3B5-C1FF-3708-8611-869DE39C0CB6}) (Version: 2.2.30729 - Microsoft Corporation)Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - PTB (HKLM\...\{B1FA73D8-AB79-3A2E-81AC-DBBAC155B2FE}) (Version: 3.2.30729 - Microsoft Corporation)Microsoft .NET Framework 3.5 Language Pack SP1 - ptb (Version: 3.5.30729 - Microsoft Corporation) HiddenMicrosoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) HiddenMicrosoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) HiddenMicrosoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)Microsoft ASP.NET MVC 2 (HKLM\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)Microsoft Device Emulator version 3.0 - ENU (HKLM\...\{B32E7732-B2FB-3FD0-81AC-6025B1104C66}) (Version: 9.0.21022 - Microsoft Corporation)Microsoft Document Explorer 2008 (HKLM\...\Microsoft Document Explorer 2008) (Version: - Microsoft Corporation)Microsoft Document Explorer 2008 (Version: 9.0.21022 - Microsoft Corporation) HiddenMicrosoft Expression Web (HKLM\...\WebDesigner) (Version: 12.0.4518.1014 - Microsoft Corporation)Microsoft Expression Web (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Expression Web MUI (English) (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) HiddenMicrosoft Kernel-Mode Driver Framework Feature Pack 1.5 (Version: - Microsoft Corporation) HiddenMicrosoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Project MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Project Professional 2007 (HKLM\...\PRJPRO) (Version: 12.0.4518.1014 - Microsoft Corporation)Microsoft Office Project Professional 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Visio MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Visio Professional 2007 (HKLM\...\VISPRO) (Version: 12.0.4518.1014 - Microsoft Corporation)Microsoft Office Visio Professional 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Office Visual Web Developer 2007 (Version: 12.0.4518.1066 - Microsoft Corporation) HiddenMicrosoft Office Visual Web Developer MUI (English) 2007 (Version: 12.0.4518.1066 - Microsoft Corporation) HiddenMicrosoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft Report Viewer Redistributable 2008 (KB971119) (Version: 9.0.30731 - Microsoft Corporation) HiddenMicrosoft Report Viewer Redistributable 2008 SP1 (HKLM\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version: - Microsoft Corporation)Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.10411.0 - Microsoft Corporation)Microsoft Silverlight 3 SDK (HKLM\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)Microsoft Software Update for Web Folders (English) 12 (Version: 12.0.4518.1014 - Microsoft Corporation) HiddenMicrosoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)Microsoft SQL Server 2005 Tools Express Edition (Version: 9.2.3042.00 - Microsoft Corporation) HiddenMicrosoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) HiddenMicrosoft SQL Server 2008 R2 (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)Microsoft SQL Server 2008 R2 (Version: - Microsoft Corporation) HiddenMicrosoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation)Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation)Microsoft SQL Server 2008 R2 Management Objects (HKLM\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{4AB6A079-178B-4144-B21F-4D1AE71666A2}) (Version: 10.50.1600.1 - Microsoft Corporation)Microsoft SQL Server 2008 R2 Policies (HKLM\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)Microsoft SQL Server 2008 R2 RsFx Driver (Version: 10.50.1600.1 - Microsoft Corporation) HiddenMicrosoft SQL Server 2008 R2 Setup (English) (HKLM\...\{72DE3C67-FB48-450E-8BEA-4EB1B3B5355D}) (Version: 10.50.1600.1 - Microsoft Corporation)Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation)Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) HiddenMicrosoft SQL Server 2008 Setup Support Files (HKLM\...\{D441BD04-E548-4F8E-97A4-1B66135BAAA8}) (Version: 10.1.2731.0 - Microsoft Corporation)Microsoft SQL Server Browser (HKLM\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.50.1600.1 - Microsoft Corporation)Microsoft SQL Server Compact 3.5 for Devices ENU (HKLM\...\{241F2BF7-69EB-42A4-9156-96B2426C7504}) (Version: 3.5.5386.0 - Microsoft Corporation)Microsoft SQL Server Compact 3.5 SP1 Design Tools English (HKLM\...\{0C19D563-5F25-4621-BF10-01F741BD283F}) (Version: 3.5.5692.0 - Microsoft Corporation)Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)Microsoft SQL Server Database Publishing Wizard 1.3 (HKLM\...\{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}) (Version: 10.0.1600.22 - Microsoft Corporation)Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)Microsoft SQL Server Native Client (HKLM\...\{F9B3DD02-B0B3-42E9-8650-030DFF0D133D}) (Version: 9.00.3042.00 - Microsoft Corporation)Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.3042.00 - Microsoft Corporation)Microsoft SQL Server System CLR Types (HKLM\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)Microsoft SQL Server VSS Writer (HKLM\...\{47BE41E6-2F0F-4D17-9C2D-3850FFD9D405}) (Version: 10.50.1600.1 - Microsoft Corporation)Microsoft Sync Framework Runtime v1.0 SP1 (x86) (HKLM\...\{C6DD625F-4B61-4561-8286-87CA0275CEA1}) (Version: 1.0.3010.0 - Microsoft Corporation)Microsoft Sync Framework SDK v1.0 SP1 (HKLM\...\{97CE8B73-AA5A-4987-A1BE-50DD1A187478}) (Version: 1.0.3010.0 - Microsoft Corporation)Microsoft Sync Framework Services v1.0 SP1 (x86) (HKLM\...\{F990B526-8F7C-46E0-B1F1-6C893A8B478F}) (Version: 1.0.3010.0 - Microsoft Corporation)Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) (HKLM\...\{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}) (Version: 2.0.3010.0 - Microsoft Corporation)Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.30319 - Microsoft Corporation) HiddenMicrosoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)Microsoft Visual F# 2.0 Runtime (HKLM\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0 - Microsoft Corporation) HiddenMicrosoft Visual Studio 2008 Professional Edition - ENU (HKLM\...\Microsoft Visual Studio 2008 Professional Edition - ENU) (Version: - Microsoft Corporation)Microsoft Visual Studio 2008 Professional Edition - ENU (Version: 9.0.30729 - Microsoft Corporation) HiddenMicrosoft Visual Studio 2008 Professional Edition - ENU Service Pack 1 (KB945140) (HKLM\...\{D7DAD1E4-45F4-3B2B-899A-EA728167EC4F}.KB945140) (Version: 1 - Microsoft Corporation)Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.30319 - Microsoft Corporation)Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.30319 - Microsoft Corporation) HiddenMicrosoft Visual Studio Macro Tools (HKLM\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)Microsoft Visual Studio Macro Tools (Version: 9.0.30729 - Microsoft Corporation) HiddenMicrosoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)Microsoft Visual Studio Web Authoring Component (HKLM\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools - enu (HKLM\...\{05EC21B8-4593-3037-A781-A6B5AFFCB19D}) (Version: 3.5.21022 - Microsoft Corporation)Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{842FAF7C-50EF-4463-9B8F-6222E1384D7D}) (Version: 6.1.5288.17011 - Microsoft Corporation)Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (HKLM\...\{64c5b887-b5ee-42b8-8596-78905a6b5f1f}) (Version: 6.1.5288.17011 - Microsoft Corporation)Microsoft Windows SDK for Visual Studio 2008 SP1 Tools (HKLM\...\{CAA376AF-0DE8-4FCA-942E-C6AC579B94B3}) (Version: 6.1.5294.17011 - Microsoft Corporation)Microsoft Windows SDK for Visual Studio 2008 SP1 Win32 Tools (HKLM\...\{B268E9A1-04A9-40D0-9866-846BE2B74BA7}) (Version: 6.1.5294.17011 - Microsoft Corporation)Microsoft XNA Framework Redistributable 3.1 (HKLM\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)Módulo de Proteção Santander 3.2.0.2 (HKLM\...\{83033d93-48d0-48fc-9c5b-82e57e7e0dd6}_is1) (Version: Módulo de Proteção Banco Santander (Brasil) S.A. - )Mozilla Firefox 9.0.1 (x86 pt-BR) (HKLM\...\Mozilla Firefox 9.0.1 (x86 pt-BR)) (Version: 9.0.1 - Mozilla)MSXML 6.0 Parser (HKLM\...\{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}) (Version: 6.10.1129.0 - Microsoft Corporation)Nero 7 Essentials (HKLM\...\{9D0B763A-627E-47A7-942F-311B1B611046}) (Version: 7.02.5998 - Nero AG)Pacote de Idiomas do Microsoft .NET Framework 3.5 SP1 - PTB (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - ptb) (Version: - Microsoft Corporation)Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41417}) (Version: 3.61.0 - dotPDN LLC)Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)Poedit (HKLM\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 1.4.6 - Vaclav Slavik)Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - )Respondus LockDown Browser (HKLM\...\{C0E5147E-C9F3-4360-9ED0-2E875F11766C}) (Version: 1.02.0001 - Respondus, Inc.)Service Pack 1 for SQL Server 2008 (KB968369) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)Skype™ 5.10 (HKLM\...\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}) (Version: 5.10.116 - Skype Technologies S.A.)Software Intel® PROSet/Wireless WiFi (HKLM\...\{7AD5EA39-06F0-4D29-915D-3D908B6AA2AF}) (Version: 15.02.0000 - Intel Corporation)SQL Server 2008 R2 Common Files (Version: 10.50.1600.1 - Microsoft Corporation) HiddenSQL Server 2008 R2 Database Engine Services (Version: 10.50.1600.1 - Microsoft Corporation) HiddenSQL Server 2008 R2 Database Engine Shared (Version: 10.50.1600.1 - Microsoft Corporation) HiddenSQL Server 2008 R2 Management Studio (Version: 10.50.1600.1 - Microsoft Corporation) HiddenSql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) HiddenTextPad 5 (HKLM\...\{B6EC7388-E277-4A5B-8C8F-71067A41BA64}) (Version: 5.3.1 - Helios)Update for Microsoft Visual Studio Web Authoring Component (KB945140) (HKLM\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{F9DE79A2-9049-4589-9787-815147371581}) (Version: - Microsoft)Visual C++ 2008 IA64 Runtime - (v9.0.30729) (Version: 9.0.30729 - Microsoft Corporation) HiddenVisual C++ 2008 IA64 Runtime - v9.0.30729.01 (HKLM\...\{22E23C71-C27A-3F30-8849-BB6129E50679}.vc_i64runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)Visual C++ 2008 x64 Runtime - (v9.0.30729) (Version: 9.0.30729 - Microsoft Corporation) HiddenVisual C++ 2008 x64 Runtime - v9.0.30729.01 (HKLM\...\{0DF3AE91-E533-3960-8516-B23737F8B7A2}.vc_x64runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729 - Microsoft Corporation) HiddenVisual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)Visual CertExam Suite 1.9 (HKLM\...\Visual CertExam Suite_is1) (Version: - Visual CertExam Software)Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)Visual Studio Tools for the Office system 3.0 Runtime (HKLM\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version: - Microsoft Corporation)Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.30729 - Microsoft Corporation) HiddenVisual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) HiddenWindows 7 USB/DVD Download Tool (HKLM\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version: - )Windows Media Player 10 (HKLM\...\Windows Media Player) (Version: - )Windows Mobile 5.0 SDK R2 for Pocket PC (HKLM\...\{6C9F6D23-E9AD-43C9-B43A-011562AAF876}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)Windows Mobile 5.0 SDK R2 for Smartphone (HKLM\...\{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)Windows PowerShell 1.0 (HKLM\...\KB926139) (Version: 1 - Microsoft Corporation)WinMerge 2.12.4 (HKLM\...\WinMerge_is1) (Version: 2.12.4 - Thingamahoochie Software)WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )XML Paper Specification Shared Components Language Pack 1.0 (Version: - Microsoft Corporation) HiddenXML Paper Specification Shared Components Pack 1.0 (Version: - Microsoft Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe (Google Inc.)CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.135 (the data entry has 19 more characters).CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{0783EB25-59F8-4F02-B6B0-F1D4349F0001}\InprocServer32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\npsf_abn.dll (GAS Tecnologia)CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{0783EB25-59F8-4F02-B6B1-F1D4349F0001}\InprocServer32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\GAS Tecnologia\GBBD\npsf_abn.dll (GAS Tecnologia)CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.99\ (the data entry has 18 more characters).CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.69\ (the data entry has 18 more characters).CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Arquivos de programas\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.79\ (the data entry has 18 more characters).CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\36.0.1985.125\delegate_execute.exe (Google Inc.)CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.145 (the data entry has 19 more characters).CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.123 (the data entry has 19 more characters).CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.153 (the data entry has 19 more characters).CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.24.15\psuser.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.22.3\p (the data entry has 17 more characters).CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.165 (the data entry has 19 more characters).CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{ABECE8A0-FF84-4efb-82AE-9B3181CE097D}\InprocServer32 -> C:\Arquivos de programas\TextPad 5\System\shellext32.dll (Helios Software Solutions)CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.115 (the data entry has 19 more characters).CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe (Google Inc.)CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.24.15\psuser.dll (Google Inc.)CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.22.5\p (the data entry has 17 more characters).CustomCLSID: HKU\S-1-5-21-515967899-299502267-1177238915-1003_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\1.3.21.111 (the data entry has 19 more characters). ==================== Restore Points ========================= 07-08-2014 02:51:10 Installed League of Legends07-08-2014 23:36:35 Removed League of Legends07-08-2014 23:37:49 Installed League of Legends08-08-2014 00:22:23 Removed League of Legends08-08-2014 00:28:19 Instalado Microsoft Visual C++ 2005 Redistributable08-08-2014 00:28:41 Installed League of Legends08-08-2014 00:28:55 DirectX instalado08-08-2014 02:23:02 Removido Apple Software Update08-08-2014 02:23:53 Removido Bonjour08-08-2014 02:24:35 Removed Google Drive08-08-2014 02:24:58 Removed Google Talk Plugin08-08-2014 02:25:46 Removed Microsoft Visual C++ 2010 x86 Runtime - 10.0.3031908-08-2014 02:27:15 Removed Skype Click to Call08-08-2014 02:29:43 Installed League of Legends08-08-2014 02:29:57 DirectX instalado09-08-2014 00:02:23 Removed Adobe Reader XI (11.0.05).09-08-2014 00:03:03 Removido Apple Application Support09-08-2014 00:08:55 Removed Apple Mobile Device Support09-08-2014 00:11:03 Removido AVG 201209-08-2014 00:12:13 Removido AVG 201209-08-2014 00:20:39 Removed League of Legends ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2008-04-14 08:00 - 2008-04-14 08:00 - 00000776 ____A C:\WINDOWS\system32\Drivers\etc\hosts127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Arquivos de programas\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Arquivos de programas\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-299502267-1177238915-1003Core1cfb1e5c85aeb24.job => C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-515967899-299502267-1177238915-1003UA.job => C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exeTask: C:\WINDOWS\Tasks\ROC_REG_JAN.job => C:\Documents and Settings\All Users\Dados de aplicativos\AVG January 2013 Campaign\ROC.exeTask: C:\WINDOWS\Tasks\ROC_REG_JAN_DELETE.job => C:\Documents and Settings\All Users\Dados de aplicativos\AVG January 2013 Campaign\ROC.exe ==================== Loaded Modules (whitelisted) ============= 2011-09-15 16:50 - 2010-02-10 17:10 - 00141824 _____ () C:\Arquivos de programas\WinRAR\rarext.dll2008-04-14 08:00 - 2008-04-14 08:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll2014-08-06 22:20 - 2014-07-15 05:24 - 08537928 _____ () C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\36.0.1985.125\pdf.dll2014-08-06 22:20 - 2014-07-15 05:24 - 00353096 _____ () C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll2014-08-06 22:20 - 2014-07-15 05:24 - 01732936 _____ () C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll2014-08-08 20:41 - 2013-12-07 01:24 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe2014-08-08 20:41 - 2014-08-04 20:43 - 05431800 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.214\deploy\LoLLauncher.exe2014-08-08 20:41 - 2014-08-04 20:43 - 01640440 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.214\deploy\RiotLauncher.dll2014-08-08 20:47 - 2013-12-07 01:59 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.101\deploy\LolClient.exe2014-08-06 22:20 - 2014-07-15 05:24 - 14664008 _____ () C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll2014-08-07 20:02 - 2014-02-10 13:44 - 04592128 _____ () C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll2014-08-07 20:02 - 2014-02-10 13:44 - 00112128 _____ () C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\18997320.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\57892877.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\18997320.sys => ""="Driver"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\57892877.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Adobe ARM => "C:\Arquivos de programas\Arquivos comuns\Adobe\ARM\1.0\AdobeARM.exe"MSCONFIG\startupreg: Alcmtr => ALCMTR.EXEMSCONFIG\startupreg: APSDaemon => "C:\Arquivos de programas\Arquivos comuns\Apple\Apple Application Support\APSDaemon.exe"MSCONFIG\startupreg: AVG_TRAY => "C:\Arquivos de programas\AVG\AVG2012\avgtray.exe"MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NMBgMonitor.exe"MSCONFIG\startupreg: Conime => %windir%\system32\conime.exeMSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exeMSCONFIG\startupreg: DAEMON Tools Lite => "C:\Arquivos de programas\DAEMON Tools Lite\DTLite.exe" -autorunMSCONFIG\startupreg: EKIJ5000StatusMonitor => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exeMSCONFIG\startupreg: Google Update => "C:\Documents and Settings\Douglas\Configurações locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe" /cMSCONFIG\startupreg: GoogleDriveSync => "C:\Arquivos de programas\Google\Drive\googledrivesync.exe" /autostartMSCONFIG\startupreg: googletalk => C:\Arquivos de programas\Google\Google Talk\googletalk.exe /autostartMSCONFIG\startupreg: GrooveMonitor => "C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe"MSCONFIG\startupreg: IntelWireless => "C:\Arquivos de programas\Arquivos comuns\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless TrayMSCONFIG\startupreg: IntelZeroConfig => "C:\Arquivos de programas\Intel\WiFi\bin\ZCfgSvc.exe"MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -kMSCONFIG\startupreg: NeroFilterCheck => C:\Arquivos de programas\Arquivos comuns\Ahead\Lib\NeroCheck.exeMSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupMSCONFIG\startupreg: NvMediaCenter => RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInitMSCONFIG\startupreg: nwiz => nwiz.exe /installMSCONFIG\startupreg: RTHDCPL => RTHDCPL.EXEMSCONFIG\startupreg: SunJavaUpdateSched => "C:\Arquivos de programas\Arquivos comuns\Java\Java Update\jusched.exe"MSCONFIG\startupreg: WTFast Tray => "C:\Arquivos de programas\WTFast\WTFast.exe" trayonly ==================== Faulty Device Manager Devices ============= Name: Ricoh SD/MMC Host ControllerDescription: Ricoh SD/MMC Host ControllerClass Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}Manufacturer: Ricoh CompanyService: rimmptskProblem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. Name: Ricoh Memory Stick ControllerDescription: Ricoh Memory Stick Host ControllerClass Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}Manufacturer: Ricoh CompanyService: rimsptskProblem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. Name: Ricoh xD-Picture Card ControllerDescription: Ricoh xD-Picture Card ControllerClass Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}Manufacturer: Ricoh CompanyService: rismxdpProblem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)Resolution: A registry problem was detected. This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver. ==================== Event log errors: ========================= Application errors:==================Error: (09/14/2012 02:07:05 AM) (Source: BugSplat) (EventID: 1) (User: )Description: lol_beta_riotgames_comLOL_Public29562282 Error: (08/02/2012 00:30:01 AM) (Source: MsiInstaller) (EventID: 10005) (User: DOUG)Description: Product: Windows 7 USB/DVD Download Tool -- This application requires the Image Mastering API v2. Please install the Image Mastering API then run this installer again. Error: (07/31/2012 08:12:09 PM) (Source: Application Hang) (EventID: 1002) (User: )Description: Aplicativo com falha wmplayer.exe, versão 10.0.0.3802, módulo com falha hungapp, versão 0.0.0.0, endereço com falha 0x00000000. Error: (07/26/2012 08:49:15 AM) (Source: crypt32) (EventID: 11) (User: )Description: Falha ao extrair lista de raízes de terceiros do CAB de atualização automática em: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> com erro: Os dados são inválidos. Error: (07/26/2012 08:49:14 AM) (Source: crypt32) (EventID: 11) (User: )Description: Falha ao extrair lista de raízes de terceiros do CAB de atualização automática em: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> com erro: Os dados são inválidos. Error: (07/20/2012 05:02:49 PM) (Source: MySQL) (EventID: 100) (User: )Description: Use --lc-messages-dir without language specific part instead. For more information, see Help and Support Center at http://www.mysql.com. Error: (07/20/2012 05:02:49 PM) (Source: MySQL) (EventID: 100) (User: )Description: An old style --language value with language specific part detected: C:\Arquivos de programas\EasyPHP-5.3.9\mysql\share\english\ For more information, see Help and Support Center at http://www.mysql.com. Error: (07/19/2012 11:26:57 AM) (Source: Application Hang) (EventID: 1002) (User: )Description: Aplicativo com falha LolClient.exe, versão 2.0.2.12610, módulo com falha hungapp, versão 0.0.0.0, endereço com falha 0x00000000. Error: (07/16/2012 05:03:16 PM) (Source: crypt32) (EventID: 8) (User: )Description: Falha na recuperação de atualização automática do número de seqüência de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> com erro: Esta operação foi retornada porque o tempo limite expirou. Error: (07/16/2012 05:03:01 PM) (Source: crypt32) (EventID: 11) (User: )Description: Falha ao extrair lista de raízes de terceiros do CAB de atualização automática em: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> com erro: Os dados são inválidos. System errors:=============Error: (08/09/2014 03:51:54 PM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)Description: Erro "%%1058" no DCOM na tentativa de iniciar o serviço SENS com argumentos ""para iniciar o servidor:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} Error: (08/09/2014 03:51:54 PM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)Description: Erro "%%1058" no DCOM na tentativa de iniciar o serviço SENS com argumentos ""para iniciar o servidor:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} Error: (08/09/2014 03:51:54 PM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)Description: Erro "%%1058" no DCOM na tentativa de iniciar o serviço SENS com argumentos ""para iniciar o servidor:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} Error: (08/09/2014 03:51:54 PM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)Description: Erro "%%1058" no DCOM na tentativa de iniciar o serviço SENS com argumentos ""para iniciar o servidor:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} Error: (08/09/2014 03:51:54 PM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)Description: Erro "%%1058" no DCOM na tentativa de iniciar o serviço SENS com argumentos ""para iniciar o servidor:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} Error: (08/09/2014 03:51:54 PM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)Description: Erro "%%1058" no DCOM na tentativa de iniciar o serviço SENS com argumentos ""para iniciar o servidor:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} Error: (08/09/2014 03:51:54 PM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)Description: Erro "%%1058" no DCOM na tentativa de iniciar o serviço SENS com argumentos ""para iniciar o servidor:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} Error: (08/09/2014 03:51:54 PM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)Description: Erro "%%1058" no DCOM na tentativa de iniciar o serviço SENS com argumentos ""para iniciar o servidor:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} Error: (08/09/2014 03:51:54 PM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)Description: Erro "%%1058" no DCOM na tentativa de iniciar o serviço SENS com argumentos ""para iniciar o servidor:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} Error: (08/09/2014 03:51:54 PM) (Source: DCOM) (EventID: 10005) (User: AUTORIDADE NT)Description: Erro "%%1058" no DCOM na tentativa de iniciar o serviço SENS com argumentos ""para iniciar o servidor:{D3938AB0-5B9D-11D1-8DD2-00AA004ABD5E} Microsoft Office Sessions:========================= ==================== Memory info =========================== Percentage of memory in use: 43%Total physical RAM: 3070.36 MBAvailable physical RAM: 1724.18 MBTotal Pagefile: 4955.51 MBAvailable Pagefile: 3149.7 MBTotal Virtual: 2047.88 MBAvailable Virtual: 1921.69 MB ==================== Drives ================================ Drive c: (DANGEROUS) (Fixed) (Total:74.52 GB) (Free:13.14 GB) NTFS ==>[Drive with boot components (Windows XP)]Drive d: (DANGEROUS) (Fixed) (Total:74.52 GB) (Free:71.3 GB) NTFS ==================== MBR & Partition Table ================== ========================================================Disk: 0 (Size: 149 GB) (Disk ID: 4B994005)Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)Partition 2: (Not Active) - (Size=75 GB) - (Type=OF Extended) ==================== End Of Log ============================ Could somebody help me?
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.