mmnunes

[Archived] How to remove the Mirar toolbar from my PC


Dear moderator,

I would like to know how to remove the Mirar toolbar from my PC. I have already tried following the instructions from a topic posted on this page, but it did not work.

I know little about computers, but if you give me the steps I may be able to do it.

My operating system is Windows Vista, and if you need more information, please write explaining, depending on the complexity, how I should provide it to you.

Thank you in advance for your attention; I urgently await a reply.

Hi, mmnunes!

<!> Post the HijackThis log, following this tutorial.

< Rule No. 02 - Using HijackThis - READ BEFORE POSTING! >

<!> More details in the post: < http://forum.imasters.com.br/index.php...amp;pid=1229050 >

Cheers!


I would like to remove the Mirar toolbar from my PC.

Thank you in advance for your attention.

The HijackThis log follows, and I would like to ask that, if you find any other spyware or virus, you let me know.

I await a reply.

Regards.

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 01:34:03, on 03/07/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Apoint\Apoint.exe

C:\Program Files\Sony\ISB Utility\ISBMgr.exe

C:\Program Files\AVG\AVG8\avgtray.exe

C:\Program Files\Java\jre1.6.0\bin\jusched.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Live\Messenger\msnmsgr.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Windows\System32\mobsync.exe

C:\Users\sipolatti\AppData\Roaming\Save\Save.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Internet Explorer\ieuser.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe

C:\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaio.sony-latin.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.br/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaio.sony-latin.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O2 - BHO: (no name) - {CFB6AE4D-4CA3-4513-88BB-8CA29F2F47C4} - C:\Windows\system32\winc578.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O3 - Toolbar: (no name) - {CFB6AE4C-4CA3-4513-88BB-8CA29F2F47C4} - C:\Windows\system32\winc578.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [unattend0000000001{F1D87F65-04D9-4366-84AB-E1360924BD02}] %PROGRAMFILES%\Sony\First Experience\VAIOWelcome.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [save] C:\Users\sipolatti\AppData\Roaming\Save\Save.exe

O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O13 - Gopher Prefix:

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O20 - AppInit_DLLs: avgrsstx.dll

O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update Service (gupdate1c9b960445bafe1) (gupdate1c9b960445bafe1) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe

O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe

O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe

O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

 

--

End of file - 11963 bytes


Good morning, mmnunes!

<@> Open Spybot Search & Destroy!

<@> In the top menu, go to Mode and select the Advanced option. Confirm!

<@> Click the Tools button and then Resident.

<@> Uncheck the option: Enable Resident "TeaTimer". ( General protection of system settings )

<><><><><><><><><><>

<@> Download: < Malwarebytes >

<@> Update the program!

<@> Choose the Full scan!

<@> Disable protection programs when running Malwarebytes.

<@> Make sure to send the detected items to quarantine by clicking Remove items.

<@> For more details: < Link >

<><><><><><><><><><>

<@> Post the reports: mbam-log-2009-xx-xx (00-00-00).txt + an updated HijackThis log.

Cheers!


Dear DigRam,

I followed the steps you gave me and I think I managed to solve my problem, since the Mirar toolbar has disappeared from my browser toolbar.

Thank you for your attention, and congratulations on the excellent work you all do.

The HijackThis and Malwarebytes logs follow, as requested.

Sincerely.

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 17:14:58, on 04/07/2009

Platform: Windows Vista SP1 (WinNT 6.00.1905)

MSIE: Internet Explorer v7.00 (7.00.6001.18000)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Windows Defender\MSASCui.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Apoint\Apoint.exe

C:\Program Files\Sony\ISB Utility\ISBMgr.exe

C:\Program Files\AVG\AVG8\avgtray.exe

C:\Program Files\Java\jre1.6.0\bin\jusched.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Windows\System32\mobsync.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Users\sipolatti\AppData\Roaming\Save\Save.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Beautyscreens\Beautyscreens.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Internet Explorer\IEUser.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe

C:\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaio.sony-latin.com/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.br/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaio.sony-latin.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

O3 - Toolbar: (no name) - {CFB6AE4C-4CA3-4513-88BB-8CA29F2F47C4} - (no file)

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [iSBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe"

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [unattend0000000001{F1D87F65-04D9-4366-84AB-E1360924BD02}] %PROGRAMFILES%\Sony\First Experience\VAIOWelcome.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [save] C:\Users\sipolatti\AppData\Roaming\Save\Save.exe

O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')

O4 - Startup: Beautyscreens1934258099.lnk = C:\Program Files\Beautyscreens\Beautyscreens.exe

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

O8 - Extra context menu item: E&xportar para o Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll

O9 - Extra button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O13 - Gopher Prefix:

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll

O20 - AppInit_DLLs: avgrsstx.dll

O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update Service (gupdate1c9b960445bafe1) (gupdate1c9b960445bafe1) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe

O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDms.exe

O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files\Sony\VAIO Media plus\SOHDs.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe

O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

 

--

End of file - 11808 bytes

 

 

 

Malwarebytes' Anti-Malware 1.38

Versão do banco de dados: 2368

Windows 6.0.6001 Service Pack 1

 

03/07/2009 12:35:55

mbam-log-2009-07-03 (12-35-55).txt

 

Tipo de Verificação: Completa (C:\|)

Objetos verificados: 198932

Tempo decorrido: 1 hour(s), 10 minute(s), 30 second(s)

 

Processos da Memória infectados: 0

Módulos de Memória Infectados: 1

Chaves do Registro infectadas: 5

Valores do Registro infectados: 2

Ítens do Registro infectados: 0

Pastas infectadas: 1

Arquivos infectados: 3

 

Processos da Memória infectados:

(Nenhum ítem malicioso foi detectado)

 

Módulos de Memória Infectados:

C:\Windows\System32\winc578.dll (Adware.Mirar) -> Delete on reboot.

 

Chaves do Registro infectadas:

HKEY_CLASSES_ROOT\CLSID\{cfb6ae4c-4ca3-4513-88bb-8ca29f2f47c4} (Adware.Mirar) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cfb6ae4c-4ca3-4513-88bb-8ca29f2f47c4} (Adware.Mirar) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{cfb6ae4d-4ca3-4513-88bb-8ca29f2f47c4} (Adware.Mirar) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cfb6ae4d-4ca3-4513-88bb-8ca29f2f47c4} (Adware.Mirar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cfb6ae4d-4ca3-4513-88bb-8ca29f2f47c4} (Adware.Mirar) -> Quarantined and deleted successfully.

 

Valores do Registro infectados:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{cfb6ae4c-4ca3-4513-88bb-8ca29f2f47c4} (Adware.Mirar) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{cfb6ae4c-4ca3-4513-88bb-8ca29f2f47c4} (Adware.Mirar) -> Quarantined and deleted successfully.

 

Ítens do Registro infectados:

(Nenhum ítem malicioso foi detectado)

 

Pastas infectadas:

C:\Program Files\Save (Adware.WhenUSave) -> Quarantined and deleted successfully.

 

Arquivos infectados:

C:\Windows\System32\winc578.dll (Adware.Mirar) -> Delete on reboot.

c:\Users\sipolatti\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\33E1C1CU\SETUP[1].exe (Adware.Mirar) -> Quarantined and deleted successfully.

c:\program files\Save\SaveUninst.exe (Adware.WhenUSave) -> Quarantined and deleted successfully.


Good evening, mmnunes!

<!> The adware has been removed, and the log is clean! :thumbsup:

<><><><><><><><><><>

<@> Download: < CCleaner >

<@> Save it to the Desktop!

<@> With the < Cleaner > option already selected, click Analyze. --> Wait for it to finish!

<@> When it finishes, click Run Cleaner.

<@> In the window that appears, click OK. --> Wait for it to finish!

<@> Select the Registry option and click Scan for Issues.

<@> When it finishes, click Fix selected issues...

<@> When asked, click Yes!

<@> Name the backups and click Save.

<@> After a few days, if everything is OK, you can delete this backup file. ( .reg )

<@> In the window that appears, click: "Fix All Selected Issues"

<@> Click OK --> Close.

<@> For more details, read the tutorial: < Link >

<><><><><><><><><><>

<@> If everything is OK, create a clean System Restore point.

<@> Right-click My Computer --> Properties --> System Restore.

<@> Check: Turn off System Restore --> Apply --> Wait! --> OK.

<@> Then uncheck it again! --> Apply --> Wait! --> OK.

<@> For more details, read the tutorial: < Link >

Cheers!

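An added illustration, not part of the original thread or of any tool it mentions: a Python sketch that diffs the O2 (BHO) and O3 (Toolbar) entries of the two HijackThis logs posted above, using lines excerpted from them, to show what changed once Malwarebytes quarantined the items it labelled Adware.Mirar. The function and variable names are hypothetical.

```python
import re
from typing import NamedTuple

# Matches HijackThis O2 (BHO) and O3 (Toolbar) lines:
#   O2 - BHO: <name> - {CLSID} - <file path or "(no file)">
LINE_RE = re.compile(
    r"^(?P<section>O2|O3) - (?:BHO|Toolbar): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}) - "
    r"(?P<path>.*)$"
)
NO_FILE = "(no file)"  # HijackThis marker: registry entry whose file is missing


class Entry(NamedTuple):
    name: str
    path: str


# Excerpt of the first log in the thread (scan saved 03/07/2009).
BEFORE = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: (no name) - {CFB6AE4D-4CA3-4513-88BB-8CA29F2F47C4} - C:\Windows\system32\winc578.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: (no name) - {CFB6AE4C-4CA3-4513-88BB-8CA29F2F47C4} - C:\Windows\system32\winc578.dll
"""

# Excerpt of the second log in the thread (scan saved 04/07/2009).
AFTER = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: (no name) - {CFB6AE4C-4CA3-4513-88BB-8CA29F2F47C4} - (no file)
"""


def parse_entries(log_text):
    """Return {(section, CLSID): Entry} for every O2/O3 line in a log."""
    entries = {}
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if m:
            # CLSIDs are case-insensitive; normalise so both logs compare equal.
            key = (m["section"], m["clsid"].upper())
            entries[key] = Entry(m["name"], m["path"].strip())
    return entries


def diff_logs(before_text, after_text):
    """Classify O2/O3 entries by how they changed between two scans."""
    before, after = parse_entries(before_text), parse_entries(after_text)
    report = {"removed": [], "added": [], "became_orphan": [], "still_orphan": []}
    for key, entry in before.items():
        if key not in after:
            report["removed"].append(key)          # registration is gone
        elif after[key].path == NO_FILE:
            # Registration remains but points at no file on disk.
            bucket = "still_orphan" if entry.path == NO_FILE else "became_orphan"
            report[bucket].append(key)
    report["added"] = [key for key in after if key not in before]
    return report


if __name__ == "__main__":
    for change, keys in diff_logs(BEFORE, AFTER).items():
        for section, clsid in keys:
            print(f"{change:14} {section} {clsid}")
```
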

Dear Digram,

I would like to know the purpose of this new procedure you asked me to carry out.

I would also like you to know that, after the removal of my Mirar toolbar, my PC now keeps opening this page by itself: http://ad.globe7.com/rw?title=&qs=ifra...advertise%2Ephp

If you can, please solve this problem for me as well.

Thank you in advance; I await a reply.

Sincerely.


Good evening, mmnunes!

I would like to know the purpose of this new procedure you asked me to carry out.

<!> It is a cleanup procedure which, because of the new problem, will be postponed.

I would also like you to know that, after the removal of my Mirar toolbar, my PC now keeps opening this page by itself: http://ad.globe7.com/rw?title=&qs=ifra...advertise%2Ephp

If you can, please solve this problem for me as well.

<!> Let's try! :thumbsup:

<><><><><><><><><>

<@> Download: < EliStarA >

<@> On the page, click the button: Descargar EliStarA v xx.xx, which is located on the page.

<@> Save it to the Desktop!

<@> Disable any resident protection from antivirus or antispyware programs.

<@> Restart the computer in Safe Mode. <-- Important!

<@> Go to the EliStarA icon and run it!

<@> Wait for the scan to finish, and proceed with the exploratory scan.

<@> When it finishes, a report ( infoSat.txt ) will be generated on Local Disk C.

<@> The tool, by design, will delete your home page!

<@> Afterwards, you will set it again!

<@> Restart the computer normally!

<@> Do this and post in your reply: infoSat.txt

<><><><><><><><><>

<@> Download: < DDS > ( ...by sUBs )

<@> Save it to the desktop!

<@> Disable your protection programs: antivirus, antimalware, antispyware or firewall.

<@> While disconnected, run the tool! --> Double-click dds.scr.

<@> Wait for the scan to finish, until we get the report. ( DDS.txt ) <--

<@> A new window will also appear: "D.D.S - Optional_Scan" --> Click Yes.

<@> Notepad will open with another report. ( Attach.txt ) <--

<@> PS: If the report is unreadable, rename the executable to DDS.exe and repeat the scan.

<@> Another window will finally open! --> Click OK.

<@> Save the reports: DDS.txt + Attach.txt <-- Post them!

Cheers!


Dear DigRam,

Here are the EliStar and DDS reports, as requested.

I await the next steps to be taken.

Thank you in advance for your attention.

Sincerely.

 

 

(6-7-2009 5:45:34 (GMT))

EliStartPage v18.95 ©2009 S.G.H. / Satinfo S.L. (Actualizado el 3 de Julio del 2009)

--------------------------------------------------

Lista de Acciones (por Acción Directa):

Sospechosa Clave "HKLM\...\Image File Execution Options\IEInstal.exe"

"Debugger"="NULL1"

 

(6-7-2009 5:46:44 (GMT))

EliStartPage v18.95 ©2009 S.G.H. / Satinfo S.L. (Actualizado el 3 de Julio del 2009)

--------------------------------------------------

Lista de Acciones (por Exploración):

Explorando "C:\"

 

Nº Total de Directorios: 19002

Nº Total de Ficheros: 113523

Nº de Ficheros Analizados: 26910

Nº de Ficheros Infectados: 0

Nº de Ficheros Limpiados: 0

 

 

 

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

 

DDS (Ver_09-06-26.01)

 

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 14/10/2008 06:16:59

System Uptime: 07/06/2009 02:59:18 (697 hours ago)

 

Motherboard: Sony Corporation | | VAIO

Processor: Intel® Pentium® Dual CPU T2390 @ 1.86GHz | N/A | 1867/133mhz

 

==== Disk Partitions =========================

 

C: is FIXED (NTFS) - 141 GiB total, 91,062 GiB free.

D: is Removable

E: is Removable

F: is CDROM ()

 

==== Disabled Device Manager Items =============

 

==== System Restore Points ===================

 

 

==== Installed Programs ======================

 

 

2007 Microsoft Office Suite Service Pack 1 (SP1)

Add/Remove Pro (Freeware)

Adobe Common File Installer

Adobe Flash Player 10 ActiveX

Adobe Flash Player Plugin

Adobe Photoshop Elements 6.0

Adobe Premiere Elements 4.0

Adobe Premiere Elements 4.0 Templates

Adobe Reader 8.1.2 - Português

Alps Pointing-device for VAIO

Apple Mobile Device Support

Apple Software Update

Assistente de Conexão do Windows Live

AVG Free 8.0

AVIConverter 3.0

Bonjour

CDBurnerXP

Click to Disc

Click to Disc Editor

ConsumerUpdate

Extensão do Windows Live Toolbar (Windows Live Toolbar)

Google Chrome

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

Google Updater

HDAUDIO SoftV92 Data Fax Modem with SmartCP

Intel® Graphics Media Accelerator Driver

iTunes

Java SE Runtime Environment 6

LimeWire 4.18.8

Malwarebytes' Anti-Malware

Menus Inteligentes (Windows Live Toolbar)

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office Home and Student 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint Viewer 2007 (Portuguese (Brazil))

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Works

MSXML 4.0 SP2 (KB954430)

OpenMG Secure Module 5.0.00

Pacote de Compatibilidade para o sistema Office 2007

QuickTime

Realtek High Definition Audio Driver

SA25x5 & SA26x5 Device Manager

Save

Security Update for 2007 Microsoft Office System (KB951550)

Security Update for 2007 Microsoft Office System (KB951944)

Security Update for 2007 Microsoft Office System (KB955936)

Security Update for Microsoft Office Excel 2007 (KB955470)

Security Update for Microsoft Office OneNote 2007 (KB950130)

Security Update for Microsoft Office PowerPoint 2007 (KB951338)

Security Update for Microsoft Office Publisher 2007 (KB950114)

Security Update for Microsoft Office system 2007 (KB951808)

Security Update for Microsoft Office system 2007 (KB954326)

Security Update for Microsoft Office Word 2007 (KB950113)

Setting Utility Series

Skype™ 3.8

SonicStage Mastering Studio

SonicStage Mastering Studio Audio Filter

SonicStage Mastering Studio Audio Filter Custom Preset

SonicStage Mastering Studio Plugins

Sony Video Shared Library

Spybot - Search & Destroy

Update for Microsoft Office Excel 2007 Help (KB957242)

Update for Microsoft Office Outlook 2007 (KB952142)

Update for Microsoft Office Outlook 2007 Help (KB957246)

Update for Office 2007 (KB946691)

Update for Outlook 2007 Junk Email Filter (kb957829)

VAIO Content Folder Setting

VAIO Content Metadata Intelligent Analyzing Manager

VAIO Content Metadata Manager Setting

VAIO Content Metadata XML Interface Library

VAIO Control Center

VAIO DVD Menu Data Basic

VAIO Edit Components 6.4

VAIO Entertainment Platform

VAIO Event Service

VAIO Help and Support

VAIO Launcher

VAIO Media plus

VAIO Movie Story

VAIO Movie Story Template Data

VAIO MusicBox

VAIO MusicBox Sample Music

VAIO OOBE and Welcome Center

VAIO Original Function Setting

VAIO Power Management

VAIO Update 3

VAIO Wallpaper Contents

Visualizador do Marcador (Windows Live Toolbar)

Windows Live Favorites para Windows Live Toolbar

Windows Live installer

Windows Live Messenger

Windows Live Toolbar

WinDVD for VAIO

 

==== End Of File ===========================


Good morning! mmnunes

<!> The DDS report is incomplete!

<!> Still to be posted: DDS.txt <--

Regards!


Good morning DigRam,

Here are the 2 reports: dds + attach.

I await your reply.

Sincerely.

 

 

DDS (Ver_09-06-26.01) - NTFSx86

Run by sipolatti at 1:26:33,39 on 07/07/2009

Internet Explorer: 7.0.6001.18000

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.55.1046.18.2038.1112 [GMT -3:00]

 

AV: AVG Anti-Virus Free *On-access scanning disabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

SP: AVG Anti-Virus Free *enabled* (Outdated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

SP: Spybot - Search and Destroy *disabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}

SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}

 

============== Running Processes ===============

 

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

C:\Program Files\CDBurnerXP\NMSAccessU.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

C:\Windows\system32\igfxext.exe

C:\Windows\system32\igfxsrvc.exe

C:\Windows\system32\taskeng.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\Windows\system32\Dwm.exe

C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\system32\igfxsrvc.exe

C:\Program Files\Apoint\Apoint.exe

C:\Program Files\Sony\ISB Utility\ISBMgr.exe

C:\Program Files\AVG\AVG8\avgtray.exe

C:\Program Files\Java\jre1.6.0\bin\jusched.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\Beautyscreens\Beautyscreens.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Apoint\ApMsgFwd.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe

C:\Program Files\Windows Live\Messenger\usnsvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

C:\Windows\system32\taskeng.exe

C:\Windows\ehome\mcupdate.EXE

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Users\sipolatti\Desktop\dds.scr

C:\Windows\system32\conime.exe

C:\Windows\system32\wbem\wmiprvse.exe

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://www.terra.com.br/

uDefault_Page_URL = hxxp://vaio.sony-latin.com/

mDefault_Page_URL = hxxp://vaio.sony-latin.com/

uInternet Settings,ProxyOverride = *.local

BHO: Facilitador de Leitor de Link Adobe PDF: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll

BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL

BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll

BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File

BHO: Auxiliar de Conexão do Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.1.1309.3572\swg.dll

BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

BHO: 1 (0x1) - No File

BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll

TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll

TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll

uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe

uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background

uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun

uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe

uRun: [ares] "c:\program files\ares\Ares.exe" -h

mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [RtHDVCpl] RtHDVCpl.exe

mRun: [Apoint] c:\program files\apoint\Apoint.exe

mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"

mRun: [iSBMgr.exe] "c:\program files\sony\isb utility\ISBMgr.exe"

mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe

mRun: [unattend0000000001{F1D87F65-04D9-4366-84AB-E1360924BD02}] %PROGRAMFILES%\Sony\First Experience\VAIOWelcome.exe

mRun: [sunJavaUpdateSched] "c:\program files\java\jre1.6.0\bin\jusched.exe"

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"

dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background

StartupFolder: c:\users\sipola~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\beauty~1.lnk - c:\program files\beautyscreens\Beautyscreens.exe

StartupFolder: c:\users\sipola~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\beauty~1.lnk - c:\program files\beautyscreens\Beautyscreens.exe

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm

IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx

IE: E&xportar para o Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll

IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL

IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab

Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\google\google toolbar\component\fastsearch_A8904FB862BD9564.dll

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~3\office12\GR99D3~1.DLL

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: igfxcui - igfxdev.dll

Notify: VESWinlogon - VESWinlogon.dll

AppInit_DLLs: avgrsstx.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL

 

============= SERVICES / DRIVERS ===============

 

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-11-26 97928]

R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-2-1 76040]

R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;c:\program files\adobe\photoshop elements 6.0\PhotoshopElementsFileAgent.exe [2007-9-11 124832]

R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-11-26 875288]

R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-11-26 231704]

R2 regi;regi;c:\windows\system32\drivers\regi.sys [2007-4-17 11032]

R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-6-30 1153368]

R2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\sony\vcm intelligent analyzing manager\VcmIAlzMgr.exe [2008-5-12 333088]

R3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys [2008-5-12 9344]

R3 ti21sony;ti21sony;c:\windows\system32\drivers\ti21sony.sys [2008-5-12 812544]

S2 gupdate1c9b960445bafe1;Google Update Service (gupdate1c9b960445bafe1);c:\program files\google\update\GoogleUpdate.exe [2009-4-9 133104]

S3 SOHCImp;VAIO Media plus Content Importer;c:\program files\sony\vaio media plus\SOHCImp.exe [2008-6-13 104288]

S3 SOHDms;VAIO Media plus Digital Media Server;c:\program files\sony\vaio media plus\SOHDms.exe [2008-6-13 350048]

S3 SOHDs;VAIO Media plus Device Searcher;c:\program files\sony\vaio media plus\SOHDs.exe [2008-6-13 63328]

S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\common files\sony shared\vcmxml\VcmXmlIfHelper.exe [2008-5-12 87328]

 

============== File Associations ===============

 

inffile=Notepad.exe "%1"

inifile=Notepad.exe "%1"

txtfile=Notepad.exe "%1"

 

=============== Created Last 30 ================

 

2009-07-03 11:07 <DIR> --d----- c:\users\sipola~1\appdata\roaming\Malwarebytes

2009-07-03 11:06 <DIR> --d----- c:\programdata\Malwarebytes

2009-07-03 11:06 <DIR> --d----- c:\progra~2\Malwarebytes

2009-07-03 02:08 1,222,519 a------- c:\windows\system32\aquariumwithfishes.Scr

2009-07-03 02:08 <DIR> --d----- c:\program files\Beautyscreens

2009-07-02 01:08 <DIR> --d----- c:\windows\pss

2009-07-01 23:11 <DIR> a-d----- c:\programdata\TEMP

2009-07-01 23:10 <DIR> --d----- c:\program files\common files\PC Tools

2009-07-01 23:10 <DIR> --d----- c:\users\sipola~1\appdata\roaming\PC Tools

2009-07-01 23:10 <DIR> --d----- c:\programdata\PC Tools

2009-07-01 23:10 <DIR> --d----- c:\program files\Spyware Doctor

2009-07-01 23:10 <DIR> --d----- c:\progra~2\PC Tools

2009-06-30 23:02 <DIR> --d----- c:\programdata\Spybot - Search & Destroy

2009-06-30 23:02 <DIR> --d----- c:\program files\Spybot - Search & Destroy

2009-06-30 23:02 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy

2009-06-30 15:14 70,626 a------- c:\windows\system32\winc5.exe

 

==================== Find3M ====================

 

2009-06-30 19:02 634,222 a------- c:\windows\system32\prfh0416.dat

2009-06-30 19:02 121,888 a------- c:\windows\system32\prfc0416.dat

2008-12-14 22:26 86,016 a------- c:\windows\inf\infstrng.dat

2008-12-14 22:26 86,016 a------- c:\windows\inf\infstor.dat

2008-12-14 22:26 51,200 a------- c:\windows\inf\infpub.dat

2008-11-28 01:06 665,600 a------- c:\windows\inf\drvindex.dat

2008-11-25 17:49 56 a---h--- c:\programdata\ezsidmv.dat

2008-11-25 17:49 56 a---h--- c:\progra~2\ezsidmv.dat

2008-01-21 02:23 37,412 a------- c:\windows\inf\perflib\0416\perfd.dat

2008-01-21 02:23 318,818 a------- c:\windows\inf\perflib\0416\perfi.dat

2008-01-21 02:23 318,818 a------- c:\windows\inf\perflib\0416\perfh.dat

2008-01-21 02:23 37,412 a------- c:\windows\inf\perflib\0416\perfc.dat

2008-01-20 23:43 174 a--sh--- c:\program files\desktop.ini

2006-11-02 06:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat

2006-11-02 06:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat

2006-11-02 06:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat

2006-11-02 06:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat

 

============= FINISH: 1:27:36,95 ===============

 

 

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

 

DDS (Ver_09-06-26.01)

 

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume2

Install Date: 14/10/2008 06:16:59

System Uptime: 07/07/2009 01:15:25 (0 hours ago)

 

Motherboard: Sony Corporation | | VAIO

Processor: Intel® Pentium® Dual CPU T2390 @ 1.86GHz | N/A | 1867/133mhz

 

==== Disk Partitions =========================

 

C: is FIXED (NTFS) - 141 GiB total, 90,796 GiB free.

D: is Removable

E: is Removable

F: is CDROM ()

 

==== Disabled Device Manager Items =============

 

==== System Restore Points ===================

 

 

==== Installed Programs ======================

 

 

2007 Microsoft Office Suite Service Pack 1 (SP1)

Adobe Common File Installer

Adobe Flash Player 10 ActiveX

Adobe Flash Player Plugin

Adobe Photoshop Elements 6.0

Adobe Premiere Elements 4.0

Adobe Premiere Elements 4.0 Templates

Adobe Reader 8.1.2 - Português

Alps Pointing-device for VAIO

Apple Mobile Device Support

Apple Software Update

Assistente de Conexão do Windows Live

AVG Free 8.0

Bonjour

CDBurnerXP

Click to Disc

Click to Disc Editor

ConsumerUpdate

Extensão do Windows Live Toolbar (Windows Live Toolbar)

Google Chrome

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

Google Updater

HDAUDIO SoftV92 Data Fax Modem with SmartCP

Intel® Graphics Media Accelerator Driver

iTunes

Java SE Runtime Environment 6

LimeWire 4.18.8

Menus Inteligentes (Windows Live Toolbar)

Microsoft Office Access MUI (Portuguese (Brazil)) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

Microsoft Office Home and Student 2007

Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

Microsoft Office PowerPoint Viewer 2007 (Portuguese (Brazil))

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (Portuguese (Brazil)) 2007

Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

Microsoft Office Suite Activation Assistant

Microsoft Office Word MUI (Portuguese (Brazil)) 2007

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Works

MSXML 4.0 SP2 (KB954430)

OpenMG Secure Module 5.0.00

Pacote de Compatibilidade para o sistema Office 2007

QuickTime

Realtek High Definition Audio Driver

SA25x5 & SA26x5 Device Manager

Security Update for 2007 Microsoft Office System (KB951550)

Security Update for 2007 Microsoft Office System (KB951944)

Security Update for 2007 Microsoft Office System (KB955936)

Security Update for Microsoft Office Excel 2007 (KB955470)

Security Update for Microsoft Office OneNote 2007 (KB950130)

Security Update for Microsoft Office PowerPoint 2007 (KB951338)

Security Update for Microsoft Office Publisher 2007 (KB950114)

Security Update for Microsoft Office system 2007 (KB951808)

Security Update for Microsoft Office system 2007 (KB954326)

Security Update for Microsoft Office Word 2007 (KB950113)

Setting Utility Series

Skype™ 3.8

SonicStage Mastering Studio

SonicStage Mastering Studio Audio Filter

SonicStage Mastering Studio Audio Filter Custom Preset

SonicStage Mastering Studio Plugins

Sony Video Shared Library

Spybot - Search & Destroy

Update for Microsoft Office Excel 2007 Help (KB957242)

Update for Microsoft Office Outlook 2007 (KB952142)

Update for Microsoft Office Outlook 2007 Help (KB957246)

Update for Office 2007 (KB946691)

Update for Outlook 2007 Junk Email Filter (kb957829)

VAIO Content Folder Setting

VAIO Content Metadata Intelligent Analyzing Manager

VAIO Content Metadata Manager Setting

VAIO Content Metadata XML Interface Library

VAIO Control Center

VAIO DVD Menu Data Basic

VAIO Edit Components 6.4

VAIO Entertainment Platform

VAIO Event Service

VAIO Help and Support

VAIO Launcher

VAIO Media plus

VAIO Movie Story

VAIO Movie Story Template Data

VAIO MusicBox

VAIO MusicBox Sample Music

VAIO OOBE and Welcome Center

VAIO Original Function Setting

VAIO Power Management

VAIO Update 3

VAIO Wallpaper Contents

Visualizador do Marcador (Windows Live Toolbar)

Windows Live Favorites para Windows Live Toolbar

Windows Live installer

Windows Live Messenger

Windows Live Toolbar

WinDVD for VAIO

 

==== End Of File ===========================

 

 


Good morning! mmnunes

<!> I find no major problems in the log that would cause these redirects.

<!> As a first step, try an online scan.

<!> If that does not solve it, edit the hosts file.

<><><><><><><><><><>

<@> Run an online scan at: < Eset Nod32 >

<@> Use the Internet Explorer browser.

<@> Check the box: "SIM,aceito as condições de uso" --> Iniciar.

<@> Check the box: "YES, I accept the Terms of Use" --> Start.

<@> Accept the ActiveX installation and, when it finishes, save and post the report. ( C:\Arquivos de programas\EsetOnlineScanner\log )

<><><><><><><><><><>

<@> Edit the hosts file, and check whether the address still bothers you.

<@> Open Notepad with administrator privileges.

<@> Go to Start --> All Programs --> Accessories.

<@> Right-click the Notepad program. ( Bloco de Notas! )

<@> Choose to open it as administrator.

<@> Open the highlighted file using Notepad.

<!> c:\windows\System32\drivers\etc\hosts <-- This file!

<@> PS: To insert a name, "meudominio", in hosts, just add the line below and save the file.

<!> 127.0.0.1 meudominio <-- Example!

<><><><><><><><><><>

<!> PS: In your case, this line is enough: 127.0.0.1 ad.globe7.com

<!> Below are other domains you may want to block.

 


<@> Edit the hosts file with these domains, and you will be free of unpleasant redirects.

Regards!


Dear DigRam,

I would like to thank you for the help, as I managed to remove the Mirar toolbar from my PC.

However, as I already told you, the pages "ad.globe7.com" and "http://wixawin.funclub-brasil.com/br/ads/macair.aspx?clickid=001wtd2iVgYZ3GvAhC2.GksLIW000000&ce_cid=001wtd2iVgYZ3GvAhC2.GksLIW000000" now keep opening.

I ran the ESET scan as you asked and no threat was found on my PC, but I am unable to follow your instructions and block those pages using Notepad as you advised.

Please give me further explanation, in simpler terms, so that I can block those pages.

Sorry for the delay in replying; I was traveling for work in July.

Thank you in advance for your attention.

I look forward to your reply.

Regards,

Marcelo.


Good evening, mmnunes!

<@> Download: < OTListIt2 > ( ...by OldTimer Tools )

<@> Save it to the desktop!

<@> Double-click OTListIt2.exe --> Check the "Scan All Users" option.

<@> Click: < runscanbutton.png > --> Wait!

<@> Two logs will be generated in Notepad:

<@> Post:

<1> OTListIt.txt <--

<2> Extra.txt <-- It will be minimized!

Regards!


Dear DigRam,

Here are the two logs, as requested.

Thank you in advance for your attention.

 

OTL logfile created on: 11/08/2009 00:05:20 - Run 1

OTL by OldTimer - Version 3.0.10.5 Folder = C:\Users\sipolatti\Desktop

Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6001.18000)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

 

1,99 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 47,06% Memory free

4,00 Gb Paging File | 2,98 Gb Available in Paging File | 74,47% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 141,17 Gb Total Space | 92,33 Gb Free Space | 65,41% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: MMVN

Current User Name: sipolatti

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 

========== Processes (SafeList) ==========

 

PRC - [2007/09/11 00:45:04 | 00,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

PRC - [2008/11/07 13:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

PRC - [2008/11/26 01:02:33 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de Programas\AVG\AVG8\avgwdsvc.exe

PRC - [2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe

PRC - [2007/01/04 19:48:52 | 00,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe

PRC - [2008/10/20 21:18:26 | 00,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe

PRC - [2007/08/14 20:05:18 | 00,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

PRC - [2008/03/03 14:45:48 | 00,333,088 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe

PRC - [2008/04/02 11:07:38 | 00,279,848 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

PRC - [2008/02/05 21:06:19 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe

PRC - [2008/04/02 11:07:54 | 00,184,320 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

PRC - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

PRC - [2008/04/02 11:07:56 | 00,147,456 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

PRC - [2007/08/14 20:05:18 | 00,100,472 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe

PRC - [2008/01/20 23:24:59 | 00,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WUDFHost.exe

PRC - [2008/02/04 21:08:48 | 00,166,424 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxext.exe

PRC - [2008/02/04 21:09:00 | 00,252,440 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe

PRC - [2008/01/20 23:24:24 | 02,927,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\Explorer.EXE

PRC - [2008/01/20 23:23:32 | 01,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe

PRC - [2008/02/04 21:08:30 | 00,154,136 | ---- | M] (Intel Corporation) -- C:\Windows\System32\hkcmd.exe

PRC - [2008/02/04 21:08:48 | 00,137,752 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxpers.exe

PRC - [2008/02/22 21:38:50 | 00,122,880 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apoint.exe

PRC - [2007/11/21 12:38:28 | 00,311,296 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\ISB Utility\ISBMgr.exe

PRC - [2008/11/27 23:10:00 | 01,261,336 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG8\avgtray.exe

PRC - [2008/05/12 11:16:16 | 00,077,824 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre1.6.0\bin\jusched.exe

PRC - [2008/11/20 12:20:54 | 00,290,088 | ---- | M] (Apple Inc.) -- C:\Program Files\iTunes\iTunesHelper.exe

PRC - [2006/10/26 23:47:42 | 00,031,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

PRC - [2008/01/20 23:25:11 | 00,125,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehtray.exe

PRC - [2008/01/20 23:23:29 | 01,233,920 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Sidebar\sidebar.exe

PRC - [2009/03/02 18:28:17 | 00,039,408 | ---- | M] (Google Inc.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

PRC - [2009/06/23 17:41:06 | 00,587,577 | ---- | M] () -- C:\Program Files\Beautyscreens\Beautyscreens.exe

PRC - [2008/03/07 11:48:38 | 00,921,600 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

PRC - [2008/01/22 18:16:14 | 00,550,752 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe

PRC - [2008/02/04 21:09:00 | 00,252,440 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.exe

PRC - [2008/01/20 23:23:32 | 00,095,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mobsync.exe

PRC - [2008/11/26 01:02:34 | 00,875,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de Programas\AVG\AVG8\avgemc.exe

PRC - [2008/01/20 23:25:11 | 00,037,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehmsas.exe

PRC - [2008/11/20 12:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe

PRC - [2008/02/22 21:38:49 | 00,050,472 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\ApMsgFwd.exe

PRC - [2008/02/22 21:38:50 | 00,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\Apoint\Apntex.exe

PRC - [2007/10/18 10:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe

PRC - [2009/06/12 04:18:52 | 00,280,176 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe

PRC - [2008/01/20 23:25:20 | 00,864,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

PRC - [2008/01/20 23:24:49 | 00,299,520 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEUser.exe

PRC - [2007/09/20 09:35:36 | 00,118,336 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe

PRC - [2008/01/20 23:23:50 | 00,625,664 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\iexplore.exe

PRC - [2009/02/02 23:07:18 | 00,240,544 | R--- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashUtil10b.exe

PRC - [2009/08/11 00:04:25 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\sipolatti\Desktop\OTL.exe

PRC - [2008/01/20 23:24:52 | 00,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe

 

========== Win32 Services (SafeList) ==========

 

SRV - [2007/09/11 00:45:04 | 00,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0 [Auto | Running])

SRV - [2008/11/07 13:28:16 | 00,132,424 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe -- (Apple Mobile Device [Auto | Running])

SRV - [2008/11/26 01:02:34 | 00,875,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de Programas\AVG\AVG8\avgemc.exe -- (avg8emc [Auto | Running])

SRV - [2008/11/26 01:02:33 | 00,231,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Arquivos de Programas\AVG\AVG8\avgwdsvc.exe -- (avg8wd [Auto | Running])

SRV - [2008/08/29 09:18:44 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])

SRV - [2008/01/20 23:24:55 | 00,070,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])

SRV - [2008/01/20 23:25:09 | 00,292,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehRecvr.exe -- (ehRecvr [On_Demand | Stopped])

SRV - [2006/11/02 09:35:29 | 00,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehsched.exe -- (ehSched [On_Demand | Stopped])

SRV - [2006/11/02 09:35:29 | 00,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\ehome\ehstart.dll -- (ehstart [Auto | Stopped])

SRV - [2008/01/20 23:23:49 | 01,013,760 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wevtsvc.dll -- (Eventlog [Auto | Running])

SRV - [2008/06/13 16:06:46 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])

SRV - [2008/01/20 23:25:20 | 00,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])

SRV - [2009/04/09 19:12:05 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9b960445bafe1 [Auto | Stopped])

SRV - [2009/04/28 15:11:45 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])

SRV - [2008/01/20 23:25:20 | 00,864,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Running])

SRV - [2008/11/20 12:20:44 | 00,536,872 | ---- | M] (Apple Inc.) -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service [On_Demand | Running])

SRV - [2007/01/04 19:48:52 | 00,112,152 | R--- | M] (InterVideo) -- C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr [Auto | Running])

SRV - [2006/10/26 23:47:54 | 00,065,824 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe -- (Microsoft Office Groove Audit Service [On_Demand | Stopped])

SRV - [2007/11/28 02:02:20 | 00,053,248 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe -- (MSCSPTISRV [On_Demand | Stopped])

SRV - [2008/01/20 23:25:21 | 00,122,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])

SRV - [2008/10/20 21:18:26 | 00,071,096 | ---- | M] () -- C:\Program Files\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU [Auto | Running])

SRV - [2007/08/24 02:19:12 | 00,443,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])

SRV - [2006/10/26 13:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])

SRV - [2007/11/28 01:43:44 | 00,053,248 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe -- (PACSPTISVR [On_Demand | Stopped])

SRV - [2009/01/26 15:31:10 | 01,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService [Auto | Running])

SRV - [2008/03/04 20:54:50 | 00,104,288 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media plus\SOHCImp.exe -- (SOHCImp [On_Demand | Stopped])

SRV - [2008/03/04 20:56:42 | 00,350,048 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media plus\SOHDms.exe -- (SOHDms [On_Demand | Stopped])

SRV - [2008/03/04 20:58:30 | 00,063,328 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Media plus\SOHDs.exe -- (SOHDs [On_Demand | Stopped])

SRV - [2007/11/28 02:08:02 | 00,077,824 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe -- (SPTISRV [On_Demand | Stopped])

SRV - [2007/10/18 10:31:54 | 00,098,328 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\usnsvc.exe -- (usnjsvc [On_Demand | Running])

SRV - [2008/04/02 11:07:58 | 00,073,728 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service [On_Demand | Stopped])

SRV - [2007/08/14 20:05:18 | 00,182,392 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service [Auto | Running])

SRV - [2008/03/03 14:45:48 | 00,333,088 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr [Auto | Running])

SRV - [2008/03/03 13:27:14 | 00,087,328 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper.exe -- (VcmXmlIfHelper [On_Demand | Stopped])

SRV - [2008/04/02 11:07:38 | 00,279,848 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe -- (Vcsw [On_Demand | Running])

SRV - [2008/04/02 11:07:54 | 00,184,320 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe -- (VzCdbSvc [Auto | Running])

SRV - [2008/04/02 11:07:56 | 00,147,456 | ---- | M] (Sony Corporation) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe -- (VzFw [Auto | Running])

SRV - [2008/01/20 23:23:32 | 00,272,952 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend [Auto | Running])

SRV - [2007/10/25 14:27:54 | 00,266,240 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\installer\WLSetupSvc.exe -- (WLSetupSvc [On_Demand | Stopped])

SRV - [2008/01/20 23:25:33 | 00,896,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])

SRV - [2008/02/05 21:06:19 | 00,386,560 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.exe -- (XAudioService [Auto | Running])

 

========== Driver Services (SafeList) ==========

 

DRV - [2008/01/20 23:23:21 | 00,422,968 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx [Disabled | Stopped])

DRV - [2008/01/20 23:23:25 | 00,300,600 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci [Disabled | Stopped])

DRV - [2008/01/20 23:23:26 | 00,101,432 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m [Disabled | Stopped])

DRV - [2008/01/20 23:23:27 | 00,149,560 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320 [Disabled | Stopped])

DRV - [2006/11/02 06:50:11 | 00,071,272 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx [Disabled | Stopped])

DRV - [2008/01/20 23:23:00 | 00,017,464 | ---- | M] (Acer Laboratories Inc.) -- C:\Windows\system32\drivers\aliide.sys -- (aliide [Disabled | Stopped])

DRV - [2008/02/22 21:38:50 | 00,164,400 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Windows\System32\DRIVERS\Apfiltr.sys -- (ApfiltrService [On_Demand | Running])

DRV - [2008/01/20 23:23:23 | 00,079,416 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arc.sys -- (arc [Disabled | Stopped])

DRV - [2008/01/20 23:23:24 | 00,079,928 | ---- | M] (Adaptec, Inc.) -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas [Disabled | Stopped])

DRV - [2007/12/14 01:03:35 | 00,758,784 | ---- | M] (Atheros Communications, Inc.) -- C:\Windows\System32\DRIVERS\athr.sys -- (athr [On_Demand | Running])

DRV - [2008/11/26 01:02:40 | 00,097,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgldx86.sys -- (AvgLdx86 [system | Running])

DRV - [2008/11/26 01:02:39 | 00,026,824 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgmfx86.sys -- (AvgMfx86 [system | Running])

DRV - [2009/02/01 18:39:43 | 00,076,040 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\Drivers\avgtdix.sys -- (AvgTdiX [system | Running])

DRV - [2006/11/02 05:24:45 | 00,013,568 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo [On_Demand | Stopped])

DRV - [2006/11/02 05:24:46 | 00,005,248 | ---- | M] (Brother Industries, Ltd.) -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp [On_Demand | Stopped])

DRV - [2006/11/02 05:25:24 | 00,071,808 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserid.sys -- (Brserid [Disabled | Stopped])

DRV - [2006/11/02 05:24:44 | 00,062,336 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm [Disabled | Stopped])

DRV - [2006/11/02 05:24:44 | 00,012,160 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm [Disabled | Stopped])

DRV - [2006/11/02 05:24:47 | 00,011,904 | ---- | M] (Brother Industries Ltd.) -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer [On_Demand | Stopped])

DRV - [2006/10/06 17:49:00 | 00,044,224 | R--- | M] (BVRP Software) -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5 [On_Demand | Stopped])

DRV - [2008/01/20 23:23:00 | 00,019,000 | ---- | M] (CMD Technology, Inc.) -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide [Disabled | Stopped])

DRV - [2007/12/13 17:40:06 | 00,010,216 | ---- | M] (Sony Corporation) -- C:\Windows\System32\DRIVERS\DMICall.sys -- (DMICall [system | Running])

DRV - [2008/01/20 23:23:24 | 00,118,784 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\E1G60I32.sys -- (E1G60 [On_Demand | Stopped])

DRV - [2008/01/20 23:23:22 | 00,342,584 | ---- | M] (Emulex) -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor [Disabled | Stopped])

DRV - [2008/04/17 12:12:54 | 00,015,464 | ---- | M] (GEAR Software Inc.) -- C:\Windows\System32\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM [On_Demand | Running])

DRV - [2008/01/20 23:23:26 | 00,040,504 | ---- | M] (Hewlett-Packard Company) -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs [Disabled | Stopped])

DRV - [2008/01/20 23:23:22 | 00,200,704 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\VSTAZL3.SYS -- (HSFHWAZL [On_Demand | Stopped])

DRV - [2008/02/05 21:06:17 | 00,985,600 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSX_DPV.sys -- (HSF_DPV [On_Demand | Running])

DRV - [2008/02/05 21:06:16 | 00,207,360 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSXHWAZL.sys -- (HSXHWAZL [On_Demand | Running])

DRV - [2007/02/28 21:03:07 | 00,277,784 | ---- | M] (Intel Corporation) -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor [boot | Running])

DRV - [2008/01/20 23:23:23 | 00,235,064 | ---- | M] (Intel Corporation) -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV [Disabled | Stopped])

DRV - [2008/02/04 21:08:42 | 01,776,128 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\igdkmd32.sys -- (igfx [On_Demand | Running])

DRV - [2006/11/02 06:50:17 | 00,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp [Disabled | Stopped])

DRV - [2008/01/22 21:11:14 | 02,032,280 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService [On_Demand | Running])

DRV - [2006/11/02 06:50:07 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi [Disabled | Stopped])

DRV - [2006/11/02 06:50:09 | 00,035,944 | ---- | M] (Integrated Technology Express, Inc.) -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid [Disabled | Stopped])

DRV - [2008/01/20 23:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC [Disabled | Stopped])

DRV - [2008/01/20 23:23:25 | 00,089,656 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS [Disabled | Stopped])

DRV - [2008/01/20 23:23:23 | 00,096,312 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI [Disabled | Stopped])

DRV - [2008/02/05 21:06:17 | 00,012,672 | ---- | M] (Conexant) -- C:\Windows\System32\DRIVERS\mdmxsdk.sys -- (mdmxsdk [Auto | Running])

DRV - [2008/01/20 23:23:27 | 00,031,288 | ---- | M] (LSI Corporation) -- C:\Windows\system32\drivers\megasas.sys -- (megasas [Disabled | Stopped])

DRV - [2008/01/20 23:23:27 | 00,386,616 | ---- | M] (LSI Corporation, Inc.) -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR [Disabled | Stopped])

DRV - [2006/11/02 06:49:59 | 00,033,384 | ---- | M] (LSI Logic Corporation) -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x [Disabled | Stopped])

DRV - [2008/01/20 23:23:20 | 02,225,664 | ---- | M] (Intel Corporation) -- C:\Windows\System32\DRIVERS\NETw3v32.sys -- (NETw3v32 [On_Demand | Stopped])

DRV - [2006/11/02 06:50:19 | 00,045,160 | ---- | M] (IBM Corporation) -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960 [Disabled | Stopped])

DRV - [2006/11/02 04:36:50 | 00,020,608 | ---- | M] (N-trig Innovative Technologies) -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi [Disabled | Stopped])

DRV - [2008/01/20 23:23:21 | 00,102,968 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid [Disabled | Stopped])

DRV - [2008/01/20 23:23:21 | 00,045,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor [Disabled | Stopped])

DRV - [2007/07/26 07:00:00 | 00,043,872 | ---- | M] (Sonic Solutions) -- C:\Windows\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running])

DRV - [2008/01/20 23:23:24 | 01,122,360 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300 [Disabled | Stopped])

DRV - [2006/11/02 06:50:35 | 00,106,088 | ---- | M] (QLogic Corporation) -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx [Disabled | Stopped])

DRV - [2007/04/17 20:09:28 | 00,011,032 | ---- | M] (InterVideo) -- C:\Windows\System32\drivers\regi.sys -- (regi [Auto | Running])

DRV - [2006/11/02 03:37:21 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Windows\System32\drivers\secdrv.sys -- (secdrv [Auto | Running])

DRV - [2007/12/16 22:57:23 | 00,009,344 | ---- | M] (Sony Corporation) -- C:\Windows\System32\DRIVERS\SFEP.sys -- (SFEP [On_Demand | Running])

DRV - [2008/01/20 23:23:26 | 00,074,808 | ---- | M] (Silicon Integrated Systems) -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4 [Disabled | Stopped])

DRV - [2006/11/02 06:50:05 | 00,035,944 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx [Disabled | Stopped])

DRV - [2006/11/02 06:49:56 | 00,031,848 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi [Disabled | Stopped])

DRV - [2006/11/02 06:50:03 | 00,034,920 | ---- | M] (LSI Logic) -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3 [Disabled | Stopped])

DRV - [2007/06/05 21:00:39 | 00,812,544 | ---- | M] (Texas Instruments) -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony [On_Demand | Running])

DRV - [2008/01/20 23:23:20 | 00,238,648 | ---- | M] (ULi Electronics Inc.) -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci [Disabled | Stopped])

DRV - [2006/11/02 06:50:35 | 00,098,408 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata [Disabled | Stopped])

DRV - [2008/01/20 23:23:23 | 00,115,816 | ---- | M] (Promise Technology, Inc.) -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2 [Disabled | Stopped])

DRV - [2008/01/20 23:23:00 | 00,020,024 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\system32\drivers\viaide.sys -- (viaide [Disabled | Stopped])

DRV - [2008/01/20 23:23:23 | 00,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid [Disabled | Stopped])

DRV - [2007/05/26 05:03:06 | 00,128,104 | R--- | M] (Microsoft Corporation) -- C:\Windows\System32\DRIVERS\wimfltr.sys -- (WimFltr [On_Demand | Stopped])

DRV - [2008/02/05 21:06:16 | 00,659,968 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\HSX_CNXT.sys -- (winachsf [On_Demand | Running])

DRV - [2008/02/05 21:06:19 | 00,008,192 | ---- | M] (Conexant Systems, Inc.) -- C:\Windows\System32\DRIVERS\xaudio.sys -- (XAudio [Auto | Running])

DRV - [2008/02/05 21:05:55 | 00,246,784 | ---- | M] (Marvell) -- C:\Windows\System32\DRIVERS\yk60x86.sys -- (yukonwlh [On_Demand | Running])

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaio.sony-latin.com/

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

 

 

IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-94811920-443078115-4158635329-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaio.sony-latin.com/

IE - HKU\S-1-5-21-94811920-443078115-4158635329-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data over 100 bytes]

IE - HKU\S-1-5-21-94811920-443078115-4158635329-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm

IE - HKU\S-1-5-21-94811920-443078115-4158635329-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

IE - HKU\S-1-5-21-94811920-443078115-4158635329-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKU\S-1-5-21-94811920-443078115-4158635329-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.terra.com.br/

IE - HKU\S-1-5-21-94811920-443078115-4158635329-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1

IE - HKU\S-1-5-21-94811920-443078115-4158635329-1000\SOFTWARE\Microsoft\Internet Explorer\Search,AutoSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/saautosearch.aspx

IE - HKU\S-1-5-21-94811920-443078115-4158635329-1000\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

IE - HKU\S-1-5-21-94811920-443078115-4158635329-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

IE - HKU\S-1-5-21-94811920-443078115-4158635329-1000\S-1-5-21-94811920-443078115-4158635329-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-94811920-443078115-4158635329-1000\S-1-5-21-94811920-443078115-4158635329-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

 

 

O1 HOSTS File: (307199 bytes) - C:\Windows\System32\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1 localhost

O1 - Hosts: ::1 localhost

O1 - Hosts: 127.0.0.1 www.007guard.com

O1 - Hosts: 127.0.0.1 007guard.com

O1 - Hosts: 127.0.0.1 008i.com

O1 - Hosts: 127.0.0.1 www.008k.com

O1 - Hosts: 127.0.0.1 008k.com

O1 - Hosts: 127.0.0.1 www.00hq.com

O1 - Hosts: 127.0.0.1 00hq.com

O1 - Hosts: 127.0.0.1 010402.com

O1 - Hosts: 127.0.0.1 www.032439.com

O1 - Hosts: 127.0.0.1 032439.com

O1 - Hosts: 127.0.0.1 www.0scan.com

O1 - Hosts: 127.0.0.1 0scan.com

O1 - Hosts: 127.0.0.1 www.1000gratisproben.com

O1 - Hosts: 127.0.0.1 1000gratisproben.com

O1 - Hosts: 127.0.0.1 www.1001namen.com

O1 - Hosts: 127.0.0.1 1001namen.com

O1 - Hosts: 127.0.0.1 100888290cs.com

O1 - Hosts: 127.0.0.1 www.100888290cs.com

O1 - Hosts: 127.0.0.1 100sexlinks.com

O1 - Hosts: 127.0.0.1 www.100sexlinks.com

O1 - Hosts: 127.0.0.1 10sek.com

O1 - Hosts: 127.0.0.1 www.10sek.com

O1 - Hosts: 127.0.0.1 www.1-2005-search.com

O1 - Hosts: 10575 more lines...

O2 - BHO: (Facilitador de Leitor de Link Adobe PDF) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Arquivos de Programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.

O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Arquivos de Programas\AVG\AVG8\avgtoolbar.dll (AVG, Technologies CZ, s.r.o )

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll (Google Inc.)

O2 - BHO: (Windows Live Toolbar Helper) - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)

O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Arquivos de Programas\AVG\AVG8\avgtoolbar.dll (AVG, Technologies CZ, s.r.o )

O3 - HKLM\..\Toolbar: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

O3 - HKU\S-1-5-21-94811920-443078115-4158635329-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)

O3 - HKU\S-1-5-21-94811920-443078115-4158635329-1000\..\Toolbar\WebBrowser: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Arquivos de Programas\AVG\AVG8\avgtoolbar.dll (AVG, Technologies CZ, s.r.o )

O3 - HKU\S-1-5-21-94811920-443078115-4158635329-1000\..\Toolbar\WebBrowser: (Windows Live Toolbar) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)

O4 - HKLM..\Run: [AVG8_TRAY] C:\Arquivos de Programas\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)

O4 - HKLM..\Run: [GrooveMonitor] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)

O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe (Intel Corporation)

O4 - HKLM..\Run: [igfxTray] C:\Windows\System32\igfxtray.exe (Intel Corporation)

O4 - HKLM..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)

O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)

O4 - HKLM..\Run: [Persistence] C:\Windows\System32\igfxpers.exe (Intel Corporation)

O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)

O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [unattend0000000001{F1D87F65-04D9-4366-84AB-E1360924BD02}] C:\Program Files\Sony\First Experience\VAIOWelcome.exe File not found

O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKU\.DEFAULT..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)

O4 - HKU\S-1-5-18..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.DLL (Microsoft Corporation)

O4 - HKU\S-1-5-21-94811920-443078115-4158635329-1000..\Run: [ares] C:\Program Files\Ares\Ares.exe File not found

O4 - HKU\S-1-5-21-94811920-443078115-4158635329-1000..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-94811920-443078115-4158635329-1000..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-94811920-443078115-4158635329-1000..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-94811920-443078115-4158635329-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - Startup: C:\Users\sipolatti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Beautyscreens1934258099.lnk = C:\Program Files\Beautyscreens\Beautyscreens.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17

O8 - Extra context menu item: &Windows Live Search - C:\Program Files\Windows Live Toolbar\msntb.dll (Microsoft Corporation)

O8 - Extra context menu item: Add to Windows &Live Favorites - File not found

O8 - Extra context menu item: E&xportar para o Microsoft Excel - C:\Arquivos de Programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll (Sun Microsystems, Inc.)

O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de Programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.)

O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de Programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Arquivos de Programas\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)

O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O15 - HKLM\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.

O15 - HKU\.DEFAULT\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.

O15 - HKU\S-1-5-18\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.

O15 - HKU\S-1-5-21-94811920-443078115-4158635329-1000\..Trusted Domains: 49 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)

O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 201.30.255.6 200.255.125.211

O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)

O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de Programas\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Arquivos de Programas\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18 - Protocol\Filter: - text/xml - C:\Arquivos de Programas\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)

O18 - Protocol\Filter: - x-sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll (Google Inc.)

O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)

O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\System32\VESWinlogon.dll (Sony Corporation)

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de Programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

O31 - SafeBoot: AlternateShell - cmd.exe

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2006/09/18 18:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{06d909ba-2943-11de-9ce9-001a80f26090}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\winse32.exe -- File not found

O33 - MountPoints2\{06d909ba-2943-11de-9ce9-001a80f26090}\Shell\open\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\winse32.exe -- File not found

O33 - MountPoints2\{2dde71b8-0dc0-11de-9169-001a80f26090}\Shell\AutoRun\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\exe32.exe -- File not found

O33 - MountPoints2\{2dde71b8-0dc0-11de-9169-001a80f26090}\Shell\open\command - "" = G:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\exe32.exe -- File not found

O33 - MountPoints2\{8ebb0428-246f-11de-8d5b-001a80f26090}\Shell\AutoRun\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\avi32.exe

O33 - MountPoints2\{8ebb0428-246f-11de-8d5b-001a80f26090}\Shell\open\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\avi32.exe

O33 - MountPoints2\{959c9f58-6506-11de-9d6e-001a80f26090}\Shell\AutoRun\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sys32.exe

O33 - MountPoints2\{959c9f58-6506-11de-9d6e-001a80f26090}\Shell\open\command - "" = RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\sys32.exe

O33 - MountPoints2\{b1ee9870-b57f-11dd-9dd4-001a80f26090}\Shell\AutoRun\command - "" = fooool.exe

O33 - MountPoints2\{b1ee9870-b57f-11dd-9dd4-001a80f26090}\Shell\explore\Command - "" = fooool.exe

O33 - MountPoints2\{b1ee9870-b57f-11dd-9dd4-001a80f26090}\Shell\open\Command - "" = fooool.exe

O34 - HKLM BootExecute: (autocheck) - File not found

O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation)

O34 - HKLM BootExecute: (*) - File not found

 

========== Files/Folders - Created Within 30 Days ==========

 

[2009/08/11 00:04:09 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Users\sipolatti\Desktop\OTL.exe

[2009/08/07 17:47:45 | 00,000,000 | ---D | C] -- C:\Program Files\ESET

[2009/07/31 15:50:22 | 00,000,890 | ---- | C] () -- C:\Users\Public\Desktop\PokerStars.net.lnk

[2009/07/17 15:35:36 | 00,000,000 | ---D | C] -- C:\winnt_

[2009/07/14 00:03:43 | 00,000,733 | ---- | C] () -- C:\Users\Public\Desktop\Click 21.lnk

[2009/07/14 00:03:41 | 00,000,000 | ---D | C] -- C:\Program Files\Click21

[2008/06/13 16:19:50 | 00,344,064 | ---- | C] () -- C:\Windows\System32\SSMSIppCustom.dll

[2008/05/12 11:23:02 | 00,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI

[2008/05/12 09:56:12 | 00,910,464 | ---- | C] () -- C:\Windows\System32\igmedkrn.dll

[2008/05/12 09:56:12 | 00,249,856 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll

[2008/05/12 09:56:12 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1295.dll

[2006/11/02 09:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll

[2006/11/02 07:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\win.ini

[2006/11/02 07:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\system.ini

[2006/11/02 04:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini

 

========== Files - Modified Within 30 Days ==========

 

[2009/08/11 00:05:31 | 00,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{D79BF093-EE1B-450F-A4CC-9D18F8538861}.job

[2009/08/11 00:04:25 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Users\sipolatti\Desktop\OTL.exe

[2009/08/10 23:55:00 | 00,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2009/08/10 22:45:47 | 00,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2009/08/10 22:45:47 | 00,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2009/08/10 21:59:14 | 00,000,525 | ---- | M] () -- C:\Users\sipolatti\Documents\Minhas Pastas de Compartilhamento.lnk

[2009/08/10 20:45:48 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2009/08/10 12:10:53 | 00,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2009/08/10 12:10:25 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT

[2009/08/10 12:10:18 | 21,374,48448 | -HS- | M] () -- C:\hiberfil.sys

[2009/08/08 03:01:40 | 03,425,717 | -H-- | M] () -- C:\Users\sipolatti\AppData\Local\IconCache.db

[2009/08/03 16:57:57 | 00,001,971 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2009/07/31 15:50:22 | 00,000,890 | ---- | M] () -- C:\Users\Public\Desktop\PokerStars.net.lnk

[2009/07/29 20:52:01 | 01,444,766 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI

[2009/07/29 20:52:01 | 00,634,222 | ---- | M] () -- C:\Windows\System32\prfh0416.dat

[2009/07/29 20:52:01 | 00,587,178 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2009/07/29 20:52:01 | 00,121,888 | ---- | M] () -- C:\Windows\System32\prfc0416.dat

[2009/07/29 20:52:01 | 00,101,250 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2009/07/29 16:20:28 | 00,045,568 | ---- | M] () -- C:\Users\sipolatti\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009/07/14 00:03:43 | 00,000,733 | ---- | M] () -- C:\Users\Public\Desktop\Click 21.lnk

< End of report >

 

 

SECOND LOG: extras.txt

____________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________

 

 

OTL Extras logfile created on: 11/08/2009 00:05:20 - Run 1

OTL by OldTimer - Version 3.0.10.5 Folder = C:\Users\sipolatti\Desktop

Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation

Internet Explorer (Version = 7.0.6001.18000)

Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: dd/MM/yyyy

 

1,99 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 47,06% Memory free

4,00 Gb Paging File | 2,98 Gb Available in Paging File | 74,47% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 141,17 Gb Total Space | 92,33 Gb Free Space | 65,41% Space Free | Partition Type: NTFS

D: Drive not present or media not loaded

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: MMVN

Current User Name: sipolatti

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Standard

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{466F882D-0975-4874-B7C9-F875AA237980}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |

"{C5994409-D694-45BC-BDEA-2A32A962FCA4}" = lport=2869 | protocol=6 | dir=in | app=system |

"{E19BD640-5F30-43BB-9F60-9E2C66C5DDE5}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{070646D2-F1EE-4C2F-B8BA-6E303650271C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{0863A7FB-A492-445E-8893-572E1F58B2DE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{141D717E-31CF-4726-920A-F8FCF28AB819}" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |

"{17F0783E-1F70-460B-9C09-FFABAF9A88D5}" = dir=in | app=c:\program files\avg\avg8\avgemc.exe |

"{50BAE414-B2FE-47C6-B9C9-CC1DF1D24819}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{5495EE9E-1256-4326-83DB-70E67A9475AF}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |

"{6597378A-D20C-4818-96C6-BD8BFDCFADA8}" = dir=in | app=c:\program files\skype\phone\skype.exe |

"{6F46D3FF-1ACF-492C-9CE0-A539B9172FF6}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |

"{97FB3E97-B7AE-448F-A7A9-BC51EE05B75D}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |

"{9832AE48-4C9F-4ED2-AFC4-DC75A907B594}" = protocol=6 | dir=in | app=c:\program files\itunes\itunes.exe |

"{A90AA629-3627-4B84-8688-F7DC02FCE601}" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |

"{D4D27193-67E3-4F7D-B227-7AD435DFCCC0}" = dir=in | app=c:\program files\avg\avg8\avgupd.exe |

"{DB762C23-1FEE-4E2E-AD47-0914439FF528}" = dir=in | app=c:\program files\windows live\messenger\livecall.exe |

"{E1B71835-DB11-4E6B-9F75-99D28DAEFD16}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |

"{EFF1EB88-79D3-4AE0-BD0F-9CADAE54B6E8}" = protocol=17 | dir=in | app=c:\program files\itunes\itunes.exe |

"TCP Query User{1A719608-630D-424B-9166-BF644A729F37}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |

"TCP Query User{484642EB-1625-4220-87DE-97B717123BDC}C:\program files\ares\ares.exe" = protocol=6 | dir=in | app=c:\program files\ares\ares.exe |

"TCP Query User{A8E5C411-0358-4E82-BF34-3998701BCA98}C:\program files\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files\limewire\limewire.exe |

"TCP Query User{E73DDF67-3FA4-4542-887E-9D6E402E50F2}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

"TCP Query User{FDF76EDB-6756-4BCD-ADF1-F2624D844400}C:\program files\click21\dialup.exe" = protocol=6 | dir=in | app=c:\program files\click21\dialup.exe |

"UDP Query User{63527D1B-09A3-4F27-A3BB-D01199D36C44}C:\program files\ares\ares.exe" = protocol=17 | dir=in | app=c:\program files\ares\ares.exe |

"UDP Query User{7CF97D94-1D3E-41FA-8308-25D1B3B519D7}C:\program files\click21\dialup.exe" = protocol=17 | dir=in | app=c:\program files\click21\dialup.exe |

"UDP Query User{967FEA34-1523-4B84-925B-91A996411D8E}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |

"UDP Query User{97CDF11D-065E-4FFC-A213-95C86644F684}C:\program files\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files\limewire\limewire.exe |

"UDP Query User{D9C72469-965F-4696-852C-D9A84C27F2F6}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}" = Sony Video Shared Library

"{1316AEF2-E086-46C7-B1FB-8C9A39A2ABF9}" = VAIO Media plus

"{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}" = VAIO Launcher

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{23825B69-36DF-4DAD-9CFD-118D11D80F16}" = VAIO Content Folder Setting

"{27A2ABE9-E4C4-45DD-B9A8-CEEEE380E7E1}" = VAIO Content Metadata Intelligent Analyzing Manager

"{318AB667-3230-41B5-A617-CB3BF748D371}" = iTunes

"{3248F0A8-6813-11D6-A77B-00B0D0160000}" = Java SE Runtime Environment 6

"{3A417047-2E30-4D05-8977-F706D40BFF39}" = Windows Live installer

"{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}" = Adobe Premiere Elements 4.0

"{48820099-ED7D-424B-890C-9A82EF00656D}" = VAIO Update 3

"{49179378-CA9E-4B35-A055-0A7F255F7F25}" = Click21

"{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor

"{4EA55D20-27FB-45D7-8726-147E8A5F6C62}" = VAIO MusicBox

"{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}" = VAIO DVD Menu Data Basic

"{5C5EE8F2-0B38-4C13-AE4E-A87A237FE718}" =

"{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8

"{62682265-C7EB-4EC7-986B-666FE2785900}" = SA25x5 & SA26x5 Device Manager

"{6332AFF1-9D9A-429C-AA03-F82749FA4F49}" = SonicStage Mastering Studio

"{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}" = Click to Disc

"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update

"{6B1F20F2-6321-4669-A58C-33DF8E7517FF}" = VAIO Entertainment Platform

"{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}" = VAIO Movie Story Template Data

"{6FEE62BC-67E3-4083-BEE2-3C33A487F85C}" = Windows Live Toolbar

"{72042FA6-5609-489F-A8EA-3C2DD650F667}" = VAIO Control Center

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{757CC5BA-BF08-46A5-8D10-64C6FDF659C6}" = VAIO Content Metadata Manager Setting

"{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}" = Windows Live Favorites para Windows Live Toolbar

"{7C6999B2-1A35-4F2C-8DB7-3CB46B640CC9}" = ConsumerUpdate

"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP

"{802889F8-6AF5-45A5-9764-CA5B999E50FC}" = VAIO Power Management

"{88902514-B65F-4093-AF94-8DA7B41DCCD8}" = Extensão do Windows Live Toolbar (Windows Live Toolbar)

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}" = Bonjour

"{8EADB73B-026D-4978-A8F0-1EEF5E1ECEC7}" = Windows Live Messenger

"{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00

"{8EDBA74D-0686-4C99-BFDD-F894678E5102}" = Adobe Common File Installer

"{90120000-0015-0416-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Brazil)) 2007

"{90120000-0016-0416-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Brazil)) 2007

"{90120000-0016-0416-0000-0000000FF1CE}_HOMESTUDENTR_{B818F15C-FA76-4262-AB26-C04D0772EED8}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0018-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Brazil)) 2007

"{90120000-0018-0416-0000-0000000FF1CE}_HOMESTUDENTR_{B818F15C-FA76-4262-AB26-C04D0772EED8}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0019-0416-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Brazil)) 2007

"{90120000-001A-0416-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Brazil)) 2007

"{90120000-001B-0416-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Brazil)) 2007

"{90120000-001B-0416-0000-0000000FF1CE}_HOMESTUDENTR_{B818F15C-FA76-4262-AB26-C04D0772EED8}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007

"{90120000-001F-0416-0000-0000000FF1CE}_HOMESTUDENTR_{669EB263-0AFE-4FCB-A068-DB082CA6273C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-0020-0416-0000-0000000FF1CE}" = Pacote de Compatibilidade para o sistema Office 2007

"{90120000-002C-0416-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Brazil)) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0044-0416-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Brazil)) 2007

"{90120000-006E-0416-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Brazil)) 2007

"{90120000-006E-0416-0000-0000000FF1CE}_HOMESTUDENTR_{98003BDC-1B68-4970-B28E-ACC8000D2F3E}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-00A1-0416-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Brazil)) 2007

"{90120000-00A1-0416-0000-0000000FF1CE}_HOMESTUDENTR_{B818F15C-FA76-4262-AB26-C04D0772EED8}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{90120000-00BA-0416-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Brazil)) 2007

"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007

"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)

"{95120000-00AF-0416-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (Portuguese (Brazil))

"{963B65F9-89C7-48BB-8E40-E7583DEC7C8D}" = SonicStage Mastering Studio

"{96D0B6C6-5A72-4B47-8583-A87E55F5FE81}" =

"{98FC7A64-774B-49B5-B046-4B4EBC053FA9}" = VAIO MusicBox Sample Music

"{9C1C8A04-F8CA-4472-A92D-4288CE32DE86}" = SonicStage Mastering Studio Plugins

"{9C71059E-6DDD-4958-9251-7A5F865B6BA0}" = VAIO Content Metadata Intelligent Analyzing Manager

"{9D57C4FB-39C1-4EC3-9386-845FD08453D5}" = Menus Inteligentes (Windows Live Toolbar)

"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Alps Pointing-device for VAIO

"{A4399CF4-7A3F-4E84-B763-AD352640203D}" = VAIO Content Metadata XML Interface Library

"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable

"{A63E7492-A0BC-4BB9-89A7-352965222380}" = VAIO Original Function Setting

"{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}" = Setting Utility Series

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-1046-7B44-A81200000003}" = Adobe Reader 8.1.2 - Português

"{AF2F1CD9-9842-4F03-B06B-7396561468FF}" = VAIO Help and Support

"{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}" = Assistente de Conexão do Windows Live

"{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}" = VAIO Movie Story

"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy

"{B7C03E84-AF46-42F4-809D-D4127D9086D0}" = VAIO Edit Components 6.4

"{C7477742-DDB4-43E5-AC8D-0259E1E661B1}" = VAIO Event Service

"{CC016F21-3970-11DE-B878-005056806466}" = Google Earth

"{CC56A2CB-EC09-4175-B8BD-93E2440D410B}" = VAIO Content Metadata Manager Setting

"{D06F5884-B439-440B-A58D-6C057C2FF8EB}" = Click to Disc

"{D0AE373E-C276-432B-9A95-F8DD356A8242}" = VAIO Movie Story

"{D2CE03FF-F1EB-4C78-907E-5F034DAC4F1E}" = VAIO OOBE and Welcome Center

"{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}" = VAIO Wallpaper Contents

"{D90507A2-6183-497D-9075-951DC80362DA}" = VAIO Media plus

"{DEBA60A3-7CDE-48D7-993D-7C68663AEE68}" = VAIO Content Metadata Intelligent Analyzing Manager

"{DF7DB916-90E5-40F2-9010-B8125EB5FD6F}" = SonicStage Mastering Studio Audio Filter

"{E0A086ED-969F-469A-86B1-AE90BCC8F3BC}" = Visualizador do Marcador (Windows Live Toolbar)

"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant

"{EC37A846-53AC-4DA7-98FA-76A4E74AA900}" = SonicStage Mastering Studio Audio Filter Custom Preset

"{EC4455AB-F155-4CC1-A4C5-88F3777F9886}" = Apple Mobile Device Support

"{EE5B6291-45EF-4705-A20E-89A3C5D2F87E}" = Microsoft Works

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F54AC413-D2C6-4A24-B324-370C223C6250}" = Adobe Photoshop Elements 6.0

"{F570A6CC-53ED-4AA9-8B08-551CD3E38D8B}" =

"{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}" = Adobe Premiere Elements 4.0 Templates

"{F958CA02-BB40-4007-894B-258729456EE4}" = QuickTime

"{FACD3674-FC12-4B6C-A923-E1D687704E9B}" = VAIO Content Metadata XML Interface Library

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player Plugin

"Adobe Photoshop Elements 6" = Adobe Photoshop Elements 6.0

"AVG8Uninstall" = AVG Free 8.0

"CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200" = HDAUDIO SoftV92 Data Fax Modem with SmartCP

"ENTERPRISE" = Microsoft Office Enterprise 2007

"ESET Online Scanner" = ESET Online Scanner v3

"Google Chrome" = Google Chrome

"Google Updater" = Google Updater

"HDMI" = Intel® Graphics Media Accelerator Driver

"HOMESTUDENTR" = Microsoft Office Home and Student 2007

"InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}" = WinDVD for VAIO

"InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}" = Click to Disc Editor

"InstallShield_{8ED3A392-28F1-4375-97AC-BF275B5855F9}" = OpenMG Secure Module 5.0.00

"LimeWire" = LimeWire 4.18.8

"PokerStars.net" = PokerStars.net

"PremElem40" = Adobe Premiere Elements 4.0

"PremElem40Templates" = Adobe Premiere Elements 4.0 Templates

"Windows Live Toolbar" = Windows Live Toolbar

 

========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 02/08/2009 17:02:04 | Computer Name = mmvn | Source = VzCdbSvc | ID = 7

Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error

code = 0x80042019)

 

Error - 02/08/2009 17:02:06 | Computer Name = mmvn | Source = WinMgmt | ID = 10

Description =

 

Error - 02/08/2009 17:33:38 | Computer Name = mmvn | Source = WinMgmt | ID = 10

Description =

 

Error - 02/08/2009 17:33:39 | Computer Name = mmvn | Source = VzCdbSvc | ID = 7

Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error

code = 0x80042019)

 

Error - 02/08/2009 23:48:31 | Computer Name = mmvn | Source = WinMgmt | ID = 10

Description =

 

Error - 02/08/2009 23:48:32 | Computer Name = mmvn | Source = VzCdbSvc | ID = 7

Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error

code = 0x80042019)

 

Error - 04/08/2009 04:56:23 | Computer Name = mmvn | Source = VzCdbSvc | ID = 7

Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error

code = 0x80042019)

 

Error - 04/08/2009 04:56:25 | Computer Name = mmvn | Source = WinMgmt | ID = 10

Description =

 

Error - 04/08/2009 06:15:46 | Computer Name = mmvn | Source = VzCdbSvc | ID = 7

Description = Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error

code = 0x80042019)

 

Error - 04/08/2009 06:15:48 | Computer Name = mmvn | Source = WinMgmt | ID = 10

Description =

 

[ OSession Events ]

Error - 20/01/2009 14:37:06 | Computer Name = mmvn | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6308.5000, Microsoft Office Version: 12.0.4518.1014. This session lasted 26

seconds with 0 seconds of active time. This session ended with a crash.

 

Error - 09/03/2009 19:46:39 | Computer Name = mmvn | Source = Microsoft Office 12 Sessions | ID = 7001

Description = ID: 0, Application Name: Microsoft Office Word, Application Version:

12.0.6308.5000, Microsoft Office Version: 12.0.4518.1014. This session lasted 11

seconds with 0 seconds of active time. This session ended with a crash.

 

[ System Events ]

Error - 06/08/2009 23:41:05 | Computer Name = mmvn | Source = HTTP | ID = 15016

Description =

 

Error - 06/08/2009 23:41:15 | Computer Name = mmvn | Source = Service Control Manager | ID = 7000

Description =

 

Error - 07/08/2009 14:25:00 | Computer Name = mmvn | Source = HTTP | ID = 15016

Description =

 

Error - 07/08/2009 14:25:07 | Computer Name = mmvn | Source = Service Control Manager | ID = 7000

Description =

 

Error - 07/08/2009 16:12:50 | Computer Name = mmvn | Source = HTTP | ID = 15016

Description =

 

Error - 07/08/2009 16:12:57 | Computer Name = mmvn | Source = Service Control Manager | ID = 7000

Description =

 

Error - 08/08/2009 00:53:54 | Computer Name = mmvn | Source = HTTP | ID = 15016

Description =

 

Error - 08/08/2009 00:54:04 | Computer Name = mmvn | Source = Service Control Manager | ID = 7000

Description =

 

Error - 10/08/2009 11:10:25 | Computer Name = mmvn | Source = HTTP | ID = 15016

Description =

 

Error - 10/08/2009 11:10:34 | Computer Name = mmvn | Source = Service Control Manager | ID = 7000

Description =

 

 

< End of report >


Good evening! mmnunes

 

<@> Run an online scan at: < Kaspersky >

<@> Use the Internet Explorer browser for this.

<@> Go to the site and click Kaspersky Online Scanner.

<@> On the next page, click: I Accept

<@> This is so that the ActiveX control gets installed and the database is then updated.

<@> On the next page, click: My Computer and run the scan.

<@> Be patient!

<@> Wait for the database update and also for the scan, which takes a long time.

<@> When it finishes, save and post the report.

<@> Click Save Report As... to save the log. ( Kaspersky_Online_Scanner_7_Report.txt )

<@> Save the result as .txt, as in the image below:

 

Kas-Savetxt.gif

 

<@> Also post an updated HijackThis log.

 

Regards!


Topic Archived

 

As the author did not reply for more than 30 days, the topic has been archived.

 

If you are the author of the topic and want to reopen it, send a private message to a moderator of this area together with the link to this topic and explain the reason for reopening it.
