lilicatj 0 Denunciar post Postado Novembro 10, 2009 Oi DigRam, não tem o arquivo :( Olhei dentro das pastas do programa e também não encontrei... Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Novembro 10, 2009 Oi DigRam, não tem o arquivo :( Olhei dentro das pastas do programa e também não encontrei... <><><><><><><><><> Opa! lilicatj <!> Não se preocupe,pois editei o script para lhe permitir a remoção de BitComet. <><><><><><><><><> <@> Abra o HijackThis,e dê Fix nestas entradas: O2 - BHO: BitComet Helper - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - F:\programas\BitComet\tools\BitCometBHO_1.1.8.30.dll O8 - Extra context menu item: Baixar link usando &BitComet - res://F:\programas\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: Baixar todos os links usando BitComet - res://F:\programas\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Baixar todos os vídeos usando BitComet - res://F:\programas\BitComet\BitComet.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing) <@> Reinicie o computador! <><><><><><><><><> <!> Poste: ComboFix.txt + HijackThis atualizado. Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
lilicatj 0 Denunciar post Postado Novembro 10, 2009 Bom dia, DigRam! Aqui estão os Logs. Do ComboFix: ComboFix 09-11-08.03 - Lívia 2009-11-10 12:05.6.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1046.18.1023.641 [GMT -2:00] Executando de: c:\documents and settings\Lívia\Desktop\ComboFix.exe Comandos utilizados :: c:\documents and settings\Lívia\Desktop\CFScript.txt AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} FILE :: "c:\windows\system32\42325A4885.sys" . ((((((((((((((((((((((((((((((((((((( Outras Exclusões ))))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\42325A4885.sys . ((((((((((((((((((((((((((((((((((((((( Drivers/Serviços ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_Agendador do LiveUpdate automático (((((((((((((((( Arquivos/Ficheiros criados de 2009-10-10 to 2009-11-10 )))))))))))))))))))))))))))) . 2009-11-08 02:28 . 2009-11-08 02:28 -------- d-----w- c:\arquivos de programas\CCleaner 2009-11-05 17:47 . 2009-11-05 17:50 -------- d-----w- C:\Downloads 2009-11-05 17:46 . 2009-11-05 17:46 -------- d-----w- c:\arquivos de programas\vSoft 2009-11-05 14:50 . 2009-11-05 14:50 -------- d-----w- C:\javaRa 2009-11-05 01:38 . 2009-11-09 23:46 -------- d-s---w- c:\documents and settings\L\My Pando Packages 2009-11-05 01:38 . 2009-11-05 01:38 -------- d-----w- c:\documents and settings\L 2009-11-02 21:20 . 2008-05-09 10:55 180224 -c----w- c:\windows\system32\dllcache\scrobj.dll 2009-11-02 21:20 . 2008-05-09 10:55 172032 -c----w- c:\windows\system32\dllcache\scrrun.dll 2009-11-02 21:20 . 2008-05-09 10:55 90112 -c----w- c:\windows\system32\dllcache\wshext.dll 2009-11-02 21:20 . 2008-05-09 08:45 135168 -c----w- c:\windows\system32\dllcache\cscript.exe 2009-11-02 21:20 . 2008-05-08 11:24 155648 -c----w- c:\windows\system32\dllcache\wscript.exe 2009-11-02 19:49 . 2009-11-02 19:49 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\SlySoft 2009-11-02 19:49 . 2009-11-02 19:49 -------- d-----w- c:\arquivos de programas\SlySoft 2009-11-02 17:27 . 2008-06-14 17:34 272384 -c----w- c:\windows\system32\dllcache\bthport.sys 2009-11-02 17:22 . 2009-02-06 10:10 227840 -c----w- c:\windows\system32\dllcache\wmiprvse.exe 2009-11-02 17:22 . 2009-03-06 14:20 286208 -c----w- c:\windows\system32\dllcache\pdh.dll 2009-11-02 17:22 . 2009-02-09 11:25 111104 -c----w- c:\windows\system32\dllcache\services.exe 2009-11-02 17:22 . 2009-02-09 10:53 401408 -c----w- c:\windows\system32\dllcache\rpcss.dll 2009-11-02 17:22 . 2009-02-09 10:53 473600 -c----w- c:\windows\system32\dllcache\fastprox.dll 2009-11-02 17:22 . 2009-02-09 10:53 683520 -c----w- c:\windows\system32\dllcache\advapi32.dll 2009-11-02 17:22 . 2009-06-25 08:27 732672 -c----w- c:\windows\system32\dllcache\lsasrv.dll 2009-11-02 17:22 . 2009-02-09 10:53 453120 -c----w- c:\windows\system32\dllcache\wmiprvsd.dll 2009-11-02 17:22 . 2009-02-09 10:53 730624 -c----w- c:\windows\system32\dllcache\ntdll.dll 2009-11-02 17:17 . 2008-05-08 14:02 203136 -c----w- c:\windows\system32\dllcache\rmcast.sys 2009-11-02 17:16 . 2008-10-24 11:21 455296 -c----w- c:\windows\system32\dllcache\mrxsmb.sys 2009-11-02 17:15 . 2008-12-11 10:57 333952 -c----w- c:\windows\system32\dllcache\srv.sys 2009-11-02 17:14 . 2009-07-10 13:27 1315328 -c----w- c:\windows\system32\dllcache\msoe.dll 2009-11-02 17:12 . 2008-04-11 19:05 691712 -c----w- c:\windows\system32\dllcache\inetcomm.dll 2009-11-02 17:11 . 2009-08-04 17:27 2149376 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe 2009-11-02 17:11 . 2009-08-04 17:27 2070272 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe 2009-11-02 17:11 . 2009-08-04 17:27 2028032 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe 2009-11-02 17:07 . 2008-10-15 16:36 337408 -c----w- c:\windows\system32\dllcache\netapi32.dll 2009-11-02 16:44 . 2009-11-02 16:44 -------- d-----w- c:\windows\l2schemas 2009-11-02 11:50 . 2009-11-02 11:50 -------- d-----w- C:\_OTM 2009-11-02 11:47 . 2009-11-10 05:21 -------- d-----w- C:\backups 2009-11-02 02:28 . 2009-11-02 02:30 -------- d-----w- c:\arquivos de programas\royaltheme 2009-11-02 01:12 . 2008-04-14 02:20 69120 ------w- c:\windows\system32\wlanapi.dll 2009-11-02 01:12 . 2008-04-14 02:20 53248 ------w- c:\windows\system32\tsgqec.dll 2009-11-02 01:12 . 2008-04-14 02:20 50688 ------w- c:\windows\system32\tspkg.dll 2009-11-02 01:11 . 2008-04-13 18:40 10240 ------w- c:\windows\system32\drivers\sffp_mmc.sys 2009-11-02 01:11 . 2008-04-14 02:21 32768 ------w- c:\windows\system32\setupn.exe 2009-11-02 01:11 . 2008-04-14 02:20 290304 ------w- c:\windows\system32\rhttpaa.dll 2009-11-02 01:11 . 2008-04-14 02:20 61952 ------w- c:\windows\system32\rasqec.dll 2009-11-02 01:11 . 2008-04-14 02:20 76800 ------w- c:\windows\system32\qutil.dll 2009-11-02 01:11 . 2008-04-14 02:20 62464 ------w- c:\windows\system32\qcliprov.dll 2009-11-02 01:11 . 2008-04-14 02:20 292864 ------w- c:\windows\system32\qagentrt.dll 2009-11-02 01:11 . 2008-04-14 02:20 150528 ------w- c:\windows\system32\qagent.dll 2009-11-02 01:11 . 2008-04-14 02:20 144896 ------w- c:\windows\system32\onex.dll 2009-11-02 01:10 . 2008-04-14 02:21 176640 ------w- c:\windows\system32\napstat.exe 2009-11-02 01:10 . 2008-04-14 02:20 30208 ------w- c:\windows\system32\napipsec.dll 2009-11-02 01:10 . 2008-04-14 02:20 198656 ------w- c:\windows\system32\napmontr.dll 2009-11-02 01:10 . 2008-09-10 01:15 1307648 -c----w- c:\windows\system32\dllcache\msxml6.dll 2009-11-02 01:10 . 2008-04-14 01:58 86016 -c----w- c:\windows\system32\dllcache\msxml6r.dll 2009-11-02 01:10 . 2008-04-14 02:20 155136 ------w- c:\windows\system32\mssha.dll 2009-11-02 01:10 . 2008-04-14 01:57 80896 ------w- c:\windows\system32\msshavmsg.dll 2009-11-02 01:08 . 2008-04-14 02:20 94720 ------w- c:\windows\system32\eappgnui.dll 2009-11-02 00:41 . 2009-11-01 12:54 35416 ----a-w- c:\arquivos de programas\TurnOffBonjour.exe 2009-10-31 14:26 . 2009-10-31 14:26 -------- d-----w- c:\arquivos de programas\ivdf 2009-10-31 13:21 . 2009-03-30 12:33 96104 ----a-w- c:\windows\system32\drivers\avipbb.sys 2009-10-31 13:21 . 2009-02-13 14:29 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2009-10-31 13:21 . 2009-02-13 14:17 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2009-10-31 13:21 . 2009-10-31 13:21 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Avira 2009-10-31 13:21 . 2009-10-31 13:21 -------- d-----w- c:\arquivos de programas\Avira 2009-10-29 19:35 . 2009-07-28 18:33 55656 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2009-10-29 19:13 . 2009-10-29 19:13 -------- d-----w- c:\arquivos de programas\regcleaner 2009-10-29 02:01 . 2009-10-29 17:10 -------- d-----w- c:\arquivos de programas\avz4 2009-10-23 16:58 . 2009-10-23 16:57 411368 ----a-w- c:\windows\system32\deploytk.dll 2009-10-21 22:41 . 2009-10-21 22:41 -------- d-----w- c:\arquivos de programas\Seesmic Desktop 2009-10-17 04:27 . 2009-10-17 04:27 -------- d-----w- c:\arquivos de programas\Braunweb Solutions 2009-10-17 00:29 . 2009-10-17 00:29 -------- d-----w- c:\arquivos de programas\Microsoft Office Outlook Connector 2009-10-17 00:28 . 2009-10-17 00:28 -------- d-----w- c:\arquivos de programas\Microsoft Sync Framework 2009-10-17 00:28 . 2009-10-17 00:28 -------- d-sh--w- c:\documents and settings\LocalService\IETldCache 2009-10-17 00:24 . 2009-10-17 00:29 -------- d-----w- c:\arquivos de programas\Microsoft . ((((((((((((((((((((((((((((((((((((( Relatório Find3M )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-11-05 19:02 . 2008-10-02 15:58 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Microsoft Help 2009-11-05 19:02 . 2008-10-02 16:06 -------- d-----w- c:\arquivos de programas\Microsoft Works 2009-11-05 14:51 . 2007-10-23 04:56 -------- d-----w- c:\arquivos de programas\Java 2009-11-04 08:19 . 2002-09-11 12:00 80418 ----a-w- c:\windows\system32\perfc016.dat 2009-11-04 08:19 . 2002-09-11 12:00 472064 ----a-w- c:\windows\system32\perfh016.dat 2009-11-03 12:15 . 2007-12-20 00:07 -------- d-----w- c:\arquivos de programas\Messenger Plus! Live 2009-10-31 13:01 . 2007-10-01 01:14 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Symantec Shared 2009-10-29 18:40 . 2009-07-15 13:34 -------- d-----w- c:\documents and settings\All Users\Dados de aplicativos\Kaspersky Lab 2009-10-29 18:40 . 2009-07-15 13:34 -------- d-----w- c:\arquivos de programas\Kaspersky Lab 2009-10-27 10:07 . 2008-01-07 00:05 -------- d-----w- c:\arquivos de programas\lx_cats 2009-10-22 14:49 . 2009-02-07 01:37 -------- d-----w- c:\arquivos de programas\Arquivos comuns\Adobe AIR 2009-10-22 14:48 . 2009-08-05 13:25 38208 ----a-w- c:\documents and settings\Default User\Dados de aplicativos\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe 2009-10-17 00:29 . 2007-12-20 00:07 -------- d-----w- c:\arquivos de programas\Windows Live 2009-10-14 19:21 . 2009-08-25 23:36 -------- d-----w- c:\arquivos de programas\BancoCalorias 2009-10-08 02:16 . 2009-10-08 02:14 -------- d-----w- c:\arquivos de programas\REALTEK USB Wireless LAN Driver and Utility 2009-10-08 02:15 . 2009-10-08 02:15 21035 ----a-w- c:\windows\system32\drivers\AegisP.sys 2009-10-08 02:15 . 2007-10-07 23:06 -------- d--h--w- c:\arquivos de programas\InstallShield Installation Information 2009-09-11 14:19 . 2002-09-11 12:00 136192 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-04 21:04 . 2002-09-11 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll 2009-08-29 07:57 . 2006-06-23 16:27 916480 ------w- c:\windows\system32\wininet.dll 2009-08-26 08:15 . 2002-09-11 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll 2009-08-18 02:33 . 2009-08-18 02:33 1193832 ----a-w- c:\windows\system32\FM20.DLL 2008-03-10 02:05 . 2007-10-04 22:24 3818 -csha-w- c:\windows\system32\KGyGaAvL.sys . ------- Sigcheck ------- [-] 2006-10-19 00:47 . C51B4A5C05A5475708E3C81C7765B71D . 27136 . . [11.0.5721.5145] . . c:\windows\system32\mspmsnsv.dll [7] 2004-08-04 07:45 . 2E693831AF9D63784F96018CE4E41897 . 52736 . . [9.0.1.56] . . c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll [7] 2004-08-04 07:45 . 2E693831AF9D63784F96018CE4E41897 . 52736 . . [9.0.1.56] . . c:\windows\ServicePackFiles\i386\mspmsnsv.dll . ((((((((((((((((((((((((((((( SnapShot@2009-11-10_01.15.59 ))))))))))))))))))))))))))))))))))))))))) . + 2009-11-10 14:17 . 2009-11-10 14:17 16384 c:\windows\temp\Perflib_Perfdata_56c.dat . (((((((((((((((((((((((((( Pontos de Carregamento do Registro ))))))))))))))))))))))))))))))))))))))) . . *Nota* entradas vazias e legítimas por defeito não são mostradas. REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Pando"="c:\arquivos de programas\Pando Networks\Pando\Pando.exe" [2009-11-05 4055224] "VoipRaider"="c:\arquivos de programas\VoipRaider.com\VoipRaider\VoipRaider.exe" [2009-08-23 9065264] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="c:\arquivos de programas\Java\jre6\bin\jusched.exe" [2009-10-23 149280] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-17 8491008] "avgnt"="c:\arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-04 44544] c:\documents and settings\All Users\Menu Iniciar\Programas\Inicializar\ REALTEK USB Wireless LAN Utility.lnk - c:\arquivos de programas\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe [2009-10-8 790528] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice] @="Service" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Arquivos de programas\\VoipDiscount.com\\VoipDiscount\\VoipDiscount.exe"= "c:\\Arquivos de programas\\VoipRaider.com\\VoipRaider\\VoipRaider.exe"= "c:\\Arquivos de programas\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Arquivos de programas\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Arquivos de programas\\Microsoft Office\\Office12\\ONENOTE.EXE"= "f:\\programas\\FrostWire\\FrostWire.exe"= "c:\\Arquivos de programas\\iTunes\\iTunes.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Arquivos de programas\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Arquivos de programas\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Documents and Settings\\Lívia\\Configurações locais\\temp\\7zS30.tmp\\SymNRT.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Arquivos de programas\\Pando Networks\\Pando\\Pando.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "17188:TCP"= 17188:TCP:BitComet 17188 TCP "17188:UDP"= 17188:UDP:BitComet 17188 UDP "58391:TCP"= 58391:TCP:Pando P2P TCP Listening Port "58391:UDP"= 58391:UDP:Pando P2P UDP Listening Port "58863:TCP"= 58863:TCP:Pando P2P TCP Listening Port "58863:UDP"= 58863:UDP:Pando P2P UDP Listening Port "57569:TCP"= 57569:TCP:Pando P2P TCP Listening Port "57569:UDP"= 57569:UDP:Pando P2P UDP Listening Port "58289:TCP"= 58289:TCP:Pando "58289:UDP"= 58289:UDP:Pando R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\arquivos de programas\Avira\AntiVir Desktop\sched.exe [2009-10-31 108289] R2 BT878;BtCap, WDM Video Capture;c:\windows\system32\drivers\BT878.SYS [2007-10-07 99334] R2 BTTUNER;BtTuner, WDM TV Tuner;c:\windows\system32\drivers\BTTUNER.SYS [2007-10-07 21824] R2 BTXBAR;BtXBar, WDM Crossbar;c:\windows\system32\drivers\BTXBAR.SYS [2007-10-07 12796] R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [2009-10-08 38144] R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);c:\windows\system32\drivers\RMSPPPOE.SYS [2002-06-10 31232] S2 cmpe;Context Manager Process Extension;c:\windows\System32\cmpe.exe --> c:\windows\System32\cmpe.exe [?] S3 lxcy_device;lxcy_device;c:\windows\system32\lxcycoms.exe -service --> c:\windows\system32\lxcycoms.exe -service [?] S3 RTL8187B;Realtek RTL8187B Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8187B.sys [2009-10-02 223616] S3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\DRIVERS\snp325.sys --> c:\windows\system32\DRIVERS\snp325.sys [?] --- =Outros Serviços/Drivers Na Memória --- *Deregistered* - mbr . Conteúdo da pasta 'Tarefas Agendadas' 2009-10-24 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\arquivos de programas\Apple Software Update\SoftwareUpdate.exe [2008-07-30 14:34] 2009-11-10 c:\windows\Tasks\User_Feed_Synchronization-{85B8E9AE-A5B1-4B97-866E-8481165590FD}.job - c:\windows\system32\msfeedssync.exe [2006-10-17 07:31] . . ------- Scan Suplementar ------- . uStart Page = hxxp://miguelmeuanjinho.blogspot.com/ uInternet Settings,ProxyOverride = *.local IE: E&xport to Microsoft Excel - c:\arquiv~1\MICROS~2\Office12\EXCEL.EXE/3000 DPF: CabBuilder - hxxp://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab FF - ProfilePath - c:\documents and settings\Lívia\Dados de aplicativos\Mozilla\Firefox\Profiles\zu89hb85.default\ FF - prefs.js: browser.startup.homepage - hxxp://miguelmeuanjinho.blogspot.com FF - prefs.js: network.proxy.type - 4 FF - component: c:\documents and settings\Lívia\Dados de aplicativos\Mozilla\Firefox\Profiles\zu89hb85.default\extensions\bkmrksync@nokia.com\components\BkMrkExt.dll FF - plugin: c:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: c:\arquivos de programas\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll FF - plugin: c:\arquivos de programas\Microsoft\Office Live\npOLW.dll FF - plugin: c:\arquivos de programas\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: f:\programas\firefox\plugins\np-mswmp.dll FF - plugin: f:\programas\firefox\plugins\npPandoWebInst.dll FF - plugin: f:\programas\QuickTime\Plugins\npqtplugin.dll FF - plugin: f:\programas\QuickTime\Plugins\npqtplugin2.dll FF - plugin: f:\programas\QuickTime\Plugins\npqtplugin3.dll FF - plugin: f:\programas\QuickTime\Plugins\npqtplugin4.dll FF - plugin: f:\programas\QuickTime\Plugins\npqtplugin5.dll FF - plugin: f:\programas\QuickTime\Plugins\npqtplugin6.dll FF - plugin: f:\programas\QuickTime\Plugins\npqtplugin7.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- . - - - - ORFÃOS REMOVIDOS - - - - HKCU-Run-Google Update - c:\documents and settings\Li´via\Configurac¸o~es locais\Dados de aplicativos\Google\Update\GoogleUpdate.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-11-10 12:18 Windows 5.1.2600 Service Pack 3 NTFS Procurando processos ocultos ... Procurando entradas auto inicializáveis ocultas ... Procurando ficheiros/arquivos ocultos ... Varredura completada com sucesso arquivos/ficheiros ocultos: 0 ************************************************************************** . --------------------- DLLs Carregadas Sob os Processos em Execução --------------------- - - - - - - - > 'explorer.exe'(3424) c:\windows\system32\WININET.dll c:\windows\system32\mshtml.dll c:\windows\system32\msls31.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll f:\programas\Nokia\Nokia PC Suite 7\phonebrowser.dll f:\programas\Nokia\Nokia PC Suite 7\NGSCM.DLL f:\programas\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_por-br.nlr f:\programas\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Outros Processos em Execução ------------------------ . f:\programas\adaw\aawservice.exe c:\arquivos de programas\Avira\AntiVir Desktop\avguard.exe c:\arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\arquivos de programas\Java\jre6\bin\jqs.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\HPZipm12.exe c:\arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe c:\windows\System32\wbem\wmiapsrv.exe . ************************************************************************** . Tempo para conclusão: 2009-11-10 12:26 - Máquina reiniciou ComboFix-quarantined-files.txt 2009-11-10 14:26 ComboFix2.txt 2009-11-10 01:20 Pré-execução: 1,299,320,832 bytes disponíveis Pós execução: 1,155,989,504 bytes disponíveis - - End Of File - - 0AE0D5D13D326D86FE0AD0B956F68D5C Do HJT: Logfile of HijackThis v1.99.1 Scan saved at 12:37, on 2009-11-10 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe F:\programas\adaw\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Arquivos de programas\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\HPZipm12.exe C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\wbem\wmiapsrv.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wuauclt.exe C:\Arquivos de programas\Java\jre6\bin\jusched.exe C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe C:\Arquivos de programas\Pando Networks\Pando\Pando.exe C:\Arquivos de programas\VoipRaider.com\VoipRaider\VoipRaider.exe C:\Arquivos de programas\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe C:\WINDOWS\explorer.exe F:\programas\firefox\firefox.exe C:\WINDOWS\explorer.exe C:\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://miguelmeuanjinho.blogspot.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Lexmark Barra de ferramentas - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Arquivos de programas\Lexmark Toolbar\toolband.dll O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Arquivos de programas\Windows Live\Messenger\wlchtc.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Lexmark Barra de ferramentas - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Arquivos de programas\Lexmark Toolbar\toolband.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Arquivos de programas\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [avgnt] "C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [Pando] C:\Arquivos de programas\Pando Networks\Pando\Pando.exe /Minimized O4 - HKCU\..\Run: [VoipRaider] "C:\Arquivos de programas\VoipRaider.com\VoipRaider\VoipRaider.exe" -nosplash -minimized O4 - Global Startup: REALTEK USB Wireless LAN Utility.lnk = ? O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\ARQUIV~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\ARQUIV~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International O14 - IERESET.INF: SEARCH_PAGE_URL=&http://home.microsoft.com/intl/br/access/allinone.asp O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Arquivos de programas\Yahoo!\Common\Yinsthelper200711281.dll O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} - http://img2.orkut.com/activex/10035/photouploader.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - http://www.oifotos.com/custom/send3/ImageUploader5.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1191260282687 O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} - http://www.oifotos.com/lib/ImageUploader3.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\ARQUIV~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\ARQUIV~1\ARQUIV~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - F:\programas\adaw\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe O23 - Service: Dispositivo Celular da Apple (Apple Mobile Device) - Apple Inc. - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Context Manager Process Extension (cmpe) - Unknown owner - C:\WINDOWS\System32\cmpe.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: iPod Service - Apple Inc. - C:\Arquivos de programas\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Arquivos de programas\Java\jre6\bin\jqs.exe" -service -config "C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\jqs.conf (file missing) O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe O23 - Service: NBService - Nero AG - F:\programas\nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: ServiceLayer - Nokia. - C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe Abraços!!! Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Novembro 11, 2009 Bom Dia! lilicatj <!> Como está a máquina? Ainda temos travamentos? <><><><><><><><><><> <@> Baixe: < mbr.exe v.0.3.7 > ( by Gmer ) <@> Salve-o em C:\ ou C:\Documents and Settings\[UserName]\,dando preferência ao diretório em que abre o prompt. <-- Importante! <@> Vá em Iniciar --> Executar --> Digite: cmd --> OK. <@> No prompt,digite: C:\>mbr.exe -f ou C:\Documents and Settings\Lívia\>mbr.exe -f <@> Aperte Enter. <><><><><><><><><><> <@> Baixe: < Win32kDiag.exe > <@> Salve-o no desktop! <@> Execute-o e poste o relatório: Win32kDiag.txt <-- Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
lilicatj 0 Denunciar post Postado Novembro 15, 2009 Olá DigRam, boa noite! O PC as vezes trava ainda. Hoje ele ficou com a tela preta algumas vezes (parecia luz de boate em câmera lenta) e no final a tela ficou preta de vez. Aqui está o relatório... mas o relatorio é só isso mesmo? Running from: C:\Documents and Settings\Lívia\Desktop\Win32kDiag.exe Log file at : C:\Documents and Settings\Lívia\Desktop\Win32kDiag.txt WARNING: Could not get backup privileges! Searching 'C:\WINDOWS'... Finished! Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Novembro 15, 2009 Bom Dia! lilicatj <!> Pelo visto,seus problemas não estão associados à vírus. O PC as vezes trava ainda. Hoje ele ficou com a tela preta algumas vezes (parecia luz de boate em câmera lenta) e no final a tela ficou preta de vez. <!> Verificou seus componentes hardwares? ( Placa de vídeo,Memória RAM ) Aqui está o relatório... mas o relatorio é só isso mesmo? <!> Sim! Quando está limpo. <@> Baixe: < > (...par A.Rothstein & dj Quiou ) <@> Salve-o no desktop! <@> Feche programas que estejam abertos,e execute a ferramenta. <@> Clique no botão Recherche,para iniciar o scan. <-- Aguarde! <@> Terminando,teremos relacionados os itens que serão removidos. <@> Clique no botão Supression para remover os itens encontrados. <@> Clique,à seguir,em Quitter. <@> Poste o relatório: ( C:\TCleaner.txt ) <-- <><><><><><><><><><><><> <@> Faça um escaneamento de desinfecção,em: < BitDefender > <@> Ps: Utilize o navegador Internet Explorer! <@> Abrirá a página: BitDefender OnLine Scanner ( Free and effective malware cleanup directly from your browser ) <@> Clique em Start Scanner --> <@> Aguarde e aceite a instalação do ActiveX,para que possa ocorrer o scan. <@> Terminando,poste o relatório: C:\Windows\BDOSCAN8\bdoscan.log <-- Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
lilicatj 0 Denunciar post Postado Novembro 20, 2009 Olá, DigRam, boa tarde! Relatório do TollsCleaner: [ Rapport ToolsCleaner version 2.3.11 (par A.Rothstein & dj QUIOU) ] --> Recherche: C:\HijackThis.exe: trouvé ! C:\Combofix.txt: trouvé ! C:\hijackthis.log: trouvé ! C:\mbr.log: trouvé ! C:\mbr.exe: trouvé ! C:\Qoobox: trouvé ! C:\_OTM: trouvé ! C:\Documents and Settings\Lívia\mbr.exe: trouvé ! C:\Documents and Settings\Lívia\Desktop\ComboFix.exe: trouvé ! C:\Qoobox\Quarantine\catchme.log: trouvé ! C:\WINDOWS\mbr.exe: trouvé ! --------------------------------- --> Suppression: C:\HijackThis.exe: supprimé ! C:\Documents and Settings\Lívia\Desktop\ComboFix.exe: ERREUR DE SUPPRESSION !! C:\Combofix.txt: supprimé ! C:\hijackthis.log: supprimé ! C:\mbr.log: supprimé ! C:\mbr.exe: supprimé ! C:\Documents and Settings\Lívia\mbr.exe: supprimé ! C:\Qoobox\Quarantine\catchme.log: supprimé ! C:\WINDOWS\mbr.exe: supprimé ! C:\Qoobox: supprimé ! C:\_OTM: supprimé ! O bit defender eu não consegui passar. Ele trava em 6%. Tentei algumas vezes e foi no máximo até 12%. Vou sair agora e deixar rodando. Se for, na volta eu posto aqui o relatório, ok? Abraços Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Novembro 20, 2009 Boa Tarde! lilicatj O bit defender eu não consegui passar. Ele trava em 6%. Tentei algumas vezes e foi no máximo até 12%.Vou sair agora e deixar rodando. Se for, na volta eu posto aqui o relatório, ok? <!> Se não tiver êxito,faça o scan em EsetNod32. <><><><><><><><><><> <@> Faça um escaneamento,online,em: < Eset Nod32 > <@> Utilize o navegador Internet Explorer. <@> Marque a caixa: "SIM,aceito as condições de uso" --> Iniciar. <@> Marque a caixa: "YES, I accept the Terms of Use" --> Start. <@> Aceite a instalação do ActiveX e,ao terminar,salve e poste o relatório. ( C:\Arquivos de programas\EsetOnlineScanner\log ) Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
lilicatj 0 Denunciar post Postado Novembro 22, 2009 Olá DigRam, boa noite Consegui no Eset: Aqui vai o LOG: ESETSmartInstaller@High as CAB hook log: OnlineScanner.ocx - registred OK # version=7 # iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339) # OnlineScanner.ocx=1.0.0.6211 # api_version=3.0.2 # EOSSerial=80c0ba241828894bb36dc5fb072c88ae # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2009-11-22 12:19:24 # local_time=2009-11-21 10:19:24 (-0300, Horário brasileiro de verão) # country="Brazil" # lang=1046 # osver=5.1.2600 NT Service Pack 3 # compatibility_mode=1280 16777215 100 0 1080137 1080137 0 0 # compatibility_mode=1797 16775125 100 100 0 33846811 0 0 # compatibility_mode=8192 67108863 100 0 0 0 0 0 # scanned=159415 # found=0 # cleaned=0 # scan_time=5801 Abraços Compartilhar este post Link para o post Compartilhar em outros sites
DigRam 144 Denunciar post Postado Novembro 22, 2009 Bom Dia! lilicatj <@> Baixe: < > ( ...by OldTimer Tools ) <@> Salve-o no desktop! <@> Segundo a imagem,mude a opção em "Output" para "Minimal Output". <@> Duplo-clique em OTL.exe --> Marque a opção "Scan All Users". <@> Clique em: < > --> Aguarde! <@> Poste: <1> OTL.txt <-- <2> Extra.txt <-- Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
lilicatj 0 Denunciar post Postado Novembro 22, 2009 Olá, DigRam, bom dia! Os logs: OTL: OTL logfile created on: 2009-11-22 11:05:56 - Run 1 OTL by OldTimer - Version 3.1.6.3 Folder = C:\Documents and Settings\Lívia\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: yyyy-MM-dd 1023.23 Mb Total Physical Memory | 581.57 Mb Available Physical Memory | 56.84% Memory free 2.40 Gb Paging File | 2.04 Gb Available in Paging File | 84.81% Paging File free Paging file location(s): c:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas Drive C: | 16.62 Gb Total Space | 1.13 Gb Free Space | 6.81% Space Free | Partition Type: NTFS Drive D: | 26.54 Gb Total Space | 18.88 Gb Free Space | 71.16% Space Free | Partition Type: FAT32 Drive E: | 4.89 Gb Total Space | 4.86 Gb Free Space | 99.45% Space Free | Partition Type: NTFS Drive F: | 15.76 Gb Total Space | 5.82 Gb Free Space | 36.94% Space Free | Partition Type: FAT32 Drive G: | 59.62 Gb Total Space | 55.20 Gb Free Space | 92.58% Space Free | Partition Type: NTFS Drive H: | 19.52 Gb Total Space | 11.38 Gb Free Space | 58.28% Space Free | Partition Type: FAT32 Drive I: | 19.52 Gb Total Space | 6.54 Gb Free Space | 33.49% Space Free | Partition Type: FAT32 Drive J: | 8.91 Gb Total Space | 2.08 Gb Free Space | 23.38% Space Free | Partition Type: NTFS Drive L: | 467.84 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive N: | 44.72 Gb Total Space | 6.74 Gb Free Space | 15.06% Space Free | Partition Type: NTFS Drive O: | 44.71 Gb Total Space | 4.06 Gb Free Space | 9.08% Space Free | Partition Type: NTFS Computer Name: BRCC01 Current User Name: Lívia Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\Lívia\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Arquivos de programas\Pando Networks\Pando\pando.exe (Pando Networks) PRC - F:\programas\firefox\firefox.exe (Mozilla Corporation) PRC - C:\Arquivos de programas\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.) PRC - C:\Arquivos de programas\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) PRC - C:\Arquivos de programas\Avira\AntiVir Desktop\update.exe (Avira GmbH) PRC - C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) PRC - C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\WINDOWS\system32\wbem\wmiprvse.exe (Microsoft Corporation) PRC - C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) PRC - C:\WINDOWS\system32\wscntfy.exe (Microsoft Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - F:\programas\adaw\aawservice.exe (Lavasoft AB) PRC - C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation) PRC - C:\Arquivos de programas\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe (Realtek Semiconductor Corp.) PRC - C:\WINDOWS\system32\HPZipm12.exe (HP) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\Lívia\Desktop\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\system32\wbem\framedyn.dll (Microsoft Corporation) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (cmpe) -- File not found SRV - (JavaQuickStarterService) -- C:\Arquivos de programas\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.) SRV - (AntiVirService) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (SeaPort) -- C:\Arquivos de programas\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) SRV - (AntiVirSchedulerService) -- C:\Arquivos de programas\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (iPod Service) -- C:\Arquivos de programas\iPod\bin\iPodService.exe (Apple Inc.) SRV - (Apple Mobile Device) -- C:\Arquivos de programas\Arquivos comuns\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (Apple Inc.) SRV - (odserv) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (Microsoft Office Groove Audit Service) -- C:\Arquivos de programas\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation) SRV - (ServiceLayer) -- C:\Arquivos de programas\PC Connectivity Solution\ServiceLayer.exe (Nokia.) SRV - (FontCache3.0.0.0) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) SRV - (idsvc) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation) SRV - (NetTcpPortSharing) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (aspnet_state) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (Microsoft Corporation) SRV - (helpsvc) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll (Microsoft Corporation) SRV - (FLEXnet Licensing Service) -- C:\Arquivos de programas\Arquivos comuns\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (Adobe LM Service) -- C:\Arquivos de programas\Arquivos comuns\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems) SRV - (aawservice) -- F:\programas\adaw\aawservice.exe (Lavasoft AB) SRV - (NVSvc) -- C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation) SRV - (WMPNetworkSvc) -- C:\Arquivos de programas\Windows Media Player\WMPNetwk.exe (Microsoft Corporation) SRV - (ose) -- C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (NBService) -- F:\programas\nero\Nero 7\Nero BackItUp\NBService.exe (Nero AG) SRV - (lxcy_device) -- C:\WINDOWS\System32\lxcycoms.exe ( ) SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP) ========== Driver Services (SafeList) ========== DRV - (AegisP) AEGIS Protocol (IEEE 802.1x) -- C:\WINDOWS\system32\drivers\AegisP.sys (Meetinghouse Data Communications) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH) DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH) DRV - (GEARAspiWDM) -- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV - (avgio) -- C:\Arquivos de programas\Avira\AntiVir Desktop\avgio.sys (Avira GmbH) DRV - (AnyDVD) -- C:\WINDOWS\system32\drivers\AnyDVD.sys (SlySoft, Inc.) DRV - (ElbyCDIO) -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV - (PxHelp20) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys (Sonic Solutions) DRV - (RTL8187B) -- C:\WINDOWS\system32\drivers\rtl8187B.sys (Realtek Semiconductor Corporation ) DRV - (upperdev) -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys (Windows ® Codename Longhorn DDK provider) DRV - (UsbserFilt) -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys (Windows ® Codename Longhorn DDK provider) DRV - (nmwcdc) -- C:\WINDOWS\system32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcd) -- C:\WINDOWS\system32\drivers\ccdcmb.sys (Nokia) DRV - (usbser) -- C:\WINDOWS\system32\drivers\usbser.sys (Microsoft Corporation) DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation) DRV - (usbaudio) Driver de áudio USB (WDM) -- C:\WINDOWS\system32\drivers\usbaudio.sys (Microsoft Corporation) DRV - (SCDEmu) -- C:\WINDOWS\system32\drivers\scdemu.sys (PowerISO Computing, Inc.) DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) DRV - (pccsmcfd) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys (Nokia) DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (EAPPkt) -- C:\WINDOWS\system32\drivers\EAPPkt.sys (Windows ® 2000 DDK provider) DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.) DRV - (HPZid412) -- C:\WINDOWS\system32\drivers\HPZid412.sys (HP) DRV - (HPZius12) -- C:\WINDOWS\system32\drivers\HPZius12.sys (HP) DRV - (HPZipr12) -- C:\WINDOWS\system32\drivers\HPZipr12.sys (HP) DRV - (d347prt) -- C:\WINDOWS\System32\Drivers\d347prt.sys ( ) DRV - (d347bus) -- C:\WINDOWS\System32\DRIVERS\d347bus.sys ( ) DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation) DRV - (PQNTDrv) -- C:\WINDOWS\system32\drivers\PQNTDRV.sys (PowerQuest Corporation) DRV - (SiSRaid) -- C:\WINDOWS\system32\DRIVERS\SiSRaid.sys (Silicon Integrated Systems) DRV - (SISAGP) -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys (Silicon Integrated Systems Corporation) DRV - (BT878) -- C:\WINDOWS\system32\drivers\BT878.SYS (Windows ® 2000 DDK provider) DRV - (SiSide) -- C:\WINDOWS\system32\DRIVERS\siside.sys (Silicon Integrated Systems Corp.) DRV - (sisidex) -- C:\WINDOWS\system32\drivers\sisidex.sys (Windows ® 2000 DDK provider) DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.) DRV - (sisperf) -- C:\WINDOWS\system32\drivers\sisperf.sys (Silicon Integrated Systems Corp.) DRV - (cmpci) C-Media PCI Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\cmaudio.sys (C-Media Inc) DRV - (RMSPPPOE) WAN Miniport (PPP over Ethernet Protocol) -- C:\WINDOWS\system32\drivers\RMSPPPOE.SYS (Robert Schlabbach) DRV - (BTTUNER) -- C:\WINDOWS\system32\drivers\BTTUNER.SYS (TelSignal Co., Ltd.) DRV - (BTXBAR) -- C:\WINDOWS\system32\drivers\BTXBAR.SYS (TelSignal Co., Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-19\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://securityresponse.symantec.com/avcenter/fix_homepage IE - HKU\S-1-5-20\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-117609710-616249376-725345543-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-117609710-616249376-725345543-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch IE - HKU\S-1-5-21-117609710-616249376-725345543-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://miguelmeuanjinho.blogspot.com/ IE - HKU\S-1-5-21-117609710-616249376-725345543-1002\S-1-5-21-117609710-616249376-725345543-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-117609710-616249376-725345543-1002\S-1-5-21-117609710-616249376-725345543-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "http://miguelmeuanjinho.blogspot.com" FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:3.9.7 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}:6.0.03 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16 FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1 FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.658 FF - prefs.js..extensions.enabledItems: pt-BR@dictionaries.addons.mozilla.org:1.0.0.1 FF - prefs.js..extensions.enabledItems: {1DEAE5AA-E19E-458b-9C8C-73CB651B9A58}:3.4 FF - prefs.js..extensions.enabledItems: {9f94fab0-58a2-11dd-ae16-0800200c9a66}:3.0.26 FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.15 FF - prefs.js..network.proxy.type: 4 FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009-08-08 04:02:12 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ff [2009-10-23 14:57:41 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Components: F:\programas\firefox\components [2007-10-03 21:51:14 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.0.15\extensions\\Plugins: F:\programas\firefox\plugins [2007-10-03 21:51:14 | 00,000,000 | ---D | M] [2008-08-27 18:06:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lívia\Dados de aplicativos\Mozilla\Extensions [2008-08-27 18:06:12 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lívia\Dados de aplicativos\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384} [2009-11-21 20:04:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lívia\Dados de aplicativos\Mozilla\Firefox\Profiles\zu89hb85.default\extensions [2009-11-11 15:37:30 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lívia\Dados de aplicativos\Mozilla\Firefox\Profiles\zu89hb85.default\extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2009-07-24 23:28:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lívia\Dados de aplicativos\Mozilla\Firefox\Profiles\zu89hb85.default\extensions\{1DEAE5AA-E19E-458b-9C8C-73CB651B9A58} [2009-08-09 01:58:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lívia\Dados de aplicativos\Mozilla\Firefox\Profiles\zu89hb85.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2009-08-24 01:14:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lívia\Dados de aplicativos\Mozilla\Firefox\Profiles\zu89hb85.default\extensions\{9f94fab0-58a2-11dd-ae16-0800200c9a66} [2008-11-02 15:13:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lívia\Dados de aplicativos\Mozilla\Firefox\Profiles\zu89hb85.default\extensions\bkmrksync@nokia.com [2008-12-14 15:57:04 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lívia\Dados de aplicativos\Mozilla\Firefox\Profiles\zu89hb85.default\extensions\pt-BR@dictionaries.addons.mozilla.org [2009-07-24 23:28:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Lívia\Dados de aplicativos\Mozilla\Firefox\Profiles\zu89hb85.default\extensions\{1DEAE5AA-E19E-458b-9C8C-73CB651B9A58}\chrome\mozapps\extensions [2009-02-11 21:40:46 | 00,000,682 | ---- | M] () -- C:\Documents and Settings\Lívia\Dados de aplicativos\Mozilla\Firefox\Profiles\zu89hb85.default\searchplugins\ask.xml O1 HOSTS File: (27 bytes) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Facilitador de Leitor de Link Adobe PDF) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Arquivos de programas\Arquivos comuns\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Lexmark Barra de ferramentas) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Arquivos de programas\Lexmark Toolbar\toolband.dll () O2 - BHO: (Click-to-Call BHO) - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Arquivos de programas\Windows Live\Messenger\wlchtc.dll (Microsoft Corporation) O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Arquivos de programas\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (Auxiliar de Conexão do Windows Live) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Arquivos de programas\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Arquivos de programas\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.) O3 - HKLM\..\Toolbar: (Lexmark Barra de ferramentas) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Arquivos de programas\Lexmark Toolbar\toolband.dll () O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Arquivos de programas\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation) O3 - HKU\S-1-5-21-117609710-616249376-725345543-1002\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found. O3 - HKU\S-1-5-21-117609710-616249376-725345543-1002\..\Toolbar\WebBrowser: (Lexmark Barra de ferramentas) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Arquivos de programas\Lexmark Toolbar\toolband.dll () O4 - HKLM..\Run: [avgnt] C:\Arquivos de programas\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [GrooveMonitor] C:\Arquivos de programas\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Arquivos de programas\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.) O4 - HKU\S-1-5-21-117609710-616249376-725345543-1002..\Run: [msnmsgr] C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-117609710-616249376-725345543-1002..\Run: [Pando] C:\Arquivos de programas\Pando Networks\Pando\Pando.exe (Pando Networks) O4 - HKU\S-1-5-21-117609710-616249376-725345543-1002..\Run: [VoipRaider] C:\Arquivos de programas\VoipRaider.com\VoipRaider\VoipRaider.exe (VoipRaider) O4 - HKU\.DEFAULT..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation) O4 - HKU\S-1-5-18..\RunOnce: [tscuninstall] C:\WINDOWS\system32\tscupgrd.exe (Microsoft Corporation) O4 - Startup: C:\Documents and Settings\All Users\Menu Iniciar\Programas\Inicializar\REALTEK USB Wireless LAN Utility.lnk = C:\Arquivos de programas\REALTEK USB Wireless LAN Driver and Utility\RtWLan.exe (Realtek Semiconductor Corp.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-117609710-616249376-725345543-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-117609710-616249376-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKU\S-1-5-21-117609710-616249376-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKU\S-1-5-21-117609710-616249376-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-117609710-616249376-725345543-1002_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Arquivos de programas\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Incluir no Blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : &Incluir no Blog no Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Arquivos de programas\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Arquivos de programas\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Arquivos de programas\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Arquivos de programas\Messenger\msmsgs.exe (Microsoft Corporation) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Arquivos de programas\Yahoo!\Common\Yinsthelper200711281.dll (Installation Support) O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} http://img2.orkut.com/activex/10035/photouploader.cab (Reg Error: Key error.) O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} http://www.oifotos.com/custom/send3/ImageUploader5.cab (Reg Error: Key error.) O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab (BDSCANONLINE Control) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1191260282687 (WUWebControl Class) O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab (Reg Error: Key error.) O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} http://www.oifotos.com/lib/ImageUploader3.cab (Reg Error: Key error.) O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O16 - DPF: CabBuilder http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab (Reg Error: Key error.) O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.15.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de programas\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Arquivos de programas\Arquivos comuns\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Arquivos de programas\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Arquivos de programas\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Arquivos de programas\Arquivos comuns\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O22 - SharedTaskScheduler: {A3717295-941D-416F-9384-ED1736729F1C} - scpLIB - Reg Error: Key error. File not found O24 - Desktop Components:0 (Minha página inicial atual) - About:Home O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Arquivos de programas\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2007-03-02 21:08:10 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe () O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found ========== Files/Folders - Created Within 30 Days ========== [2009-11-22 11:04:36 | 00,528,896 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Lívia\Desktop\OTL.exe [2009-11-22 10:37:09 | 00,000,000 | RH-D | C] -- C:\Documents and Settings\Lívia\Recent [2009-11-21 20:28:25 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\ESET [2009-11-20 14:55:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Lívia\Dados de aplicativos\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1 [2009-11-20 14:55:33 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\TweetDeck [2009-11-11 20:23:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Lívia\Meus documentos\AdobeStockPhotos [2009-11-08 00:28:50 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\CCleaner [2009-11-05 15:47:30 | 00,000,000 | ---D | C] -- C:\Downloads [2009-11-05 15:46:45 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\vSoft [2009-11-05 12:50:00 | 00,000,000 | ---D | C] -- C:\javaRa [2009-11-02 19:20:15 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrobj.dll [2009-11-02 19:20:15 | 00,172,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\scrrun.dll [2009-11-02 19:20:14 | 00,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wscript.exe [2009-11-02 19:20:14 | 00,135,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cscript.exe [2009-11-02 19:20:14 | 00,090,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wshext.dll [2009-11-02 17:58:02 | 00,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\.zreglib [2009-11-02 17:49:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\SlySoft [2009-11-02 17:49:15 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\SlySoft [2009-11-02 15:27:06 | 00,272,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys [2009-11-02 15:22:19 | 00,227,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvse.exe [2009-11-02 15:22:12 | 00,401,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcss.dll [2009-11-02 15:22:12 | 00,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pdh.dll [2009-11-02 15:22:12 | 00,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\services.exe [2009-11-02 15:22:10 | 00,473,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fastprox.dll [2009-11-02 15:22:08 | 00,683,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\advapi32.dll [2009-11-02 15:22:06 | 00,732,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lsasrv.dll [2009-11-02 15:22:06 | 00,453,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wmiprvsd.dll [2009-11-02 15:22:05 | 00,730,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntdll.dll [2009-11-02 15:17:22 | 00,203,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rmcast.sys [2009-11-02 15:16:50 | 00,455,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2009-11-02 15:15:46 | 00,333,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys [2009-11-02 15:14:21 | 01,315,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msoe.dll [2009-11-02 15:12:59 | 00,691,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll [2009-11-02 15:11:32 | 02,149,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2009-11-02 15:11:28 | 02,070,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe [2009-11-02 15:11:28 | 02,028,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2009-11-02 15:07:46 | 00,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\netapi32.dll [2009-11-02 14:44:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\l2schemas [2009-11-02 09:47:05 | 00,000,000 | ---D | C] -- C:\backups [2009-11-02 00:28:47 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\royaltheme [2009-11-01 23:12:37 | 00,069,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wlanapi.dll [2009-11-01 23:12:11 | 00,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tsgqec.dll [2009-11-01 23:12:11 | 00,050,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\tspkg.dll [2009-11-01 23:11:41 | 00,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sffp_mmc.sys [2009-11-01 23:11:39 | 00,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\setupn.exe [2009-11-01 23:11:26 | 00,290,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rhttpaa.dll [2009-11-01 23:11:23 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rasqec.dll [2009-11-01 23:11:22 | 00,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qutil.dll [2009-11-01 23:11:18 | 00,292,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagentrt.dll [2009-11-01 23:11:18 | 00,150,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qagent.dll [2009-11-01 23:11:18 | 00,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\qcliprov.dll [2009-11-01 23:11:08 | 00,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\onex.dll [2009-11-01 23:10:43 | 00,176,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napstat.exe [2009-11-01 23:10:42 | 00,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napmontr.dll [2009-11-01 23:10:42 | 00,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\napipsec.dll [2009-11-01 23:10:38 | 01,307,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6.dll [2009-11-01 23:10:38 | 00,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml6r.dll [2009-11-01 23:10:32 | 00,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mssha.dll [2009-11-01 23:10:32 | 00,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msshavmsg.dll [2009-11-01 23:09:59 | 00,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcex.dll [2009-11-01 23:09:59 | 00,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\microsoft.managementconsole.dll [2009-11-01 23:09:59 | 00,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcfxcommon.dll [2009-11-01 23:09:59 | 00,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mmcperf.exe [2009-11-01 23:09:33 | 00,037,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\l2gpstore.dll [2009-11-01 23:09:32 | 00,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kmsvc.dll [2009-11-01 23:09:32 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdpash.dll [2009-11-01 23:09:32 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnepr.dll [2009-11-01 23:09:32 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdiultn.dll [2009-11-01 23:09:31 | 00,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdbhc.dll [2009-11-01 23:09:28 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dpcdll.dll [2009-11-01 23:09:28 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pidgen.dll [2009-11-01 23:09:24 | 00,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\smtpapi.dll [2009-11-01 23:09:23 | 00,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\rwnh.dll [2009-11-01 23:09:09 | 00,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ieencode.dll [2009-11-01 23:09:03 | 00,144,384 | ---- | C] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\drivers\hdaudbus.sys [2009-11-01 23:08:51 | 00,184,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapp3hst.dll [2009-11-01 23:08:51 | 00,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapphost.dll [2009-11-01 23:08:51 | 00,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappcfg.dll [2009-11-01 23:08:51 | 00,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappgnui.dll [2009-11-01 23:08:51 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapqec.dll [2009-11-01 23:08:51 | 00,040,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eappprxy.dll [2009-11-01 23:08:51 | 00,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapsvc.dll [2009-11-01 23:08:51 | 00,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\eapolqec.dll [2009-11-01 23:08:48 | 00,651,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3ui.dll [2009-11-01 23:08:48 | 00,133,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3svc.dll [2009-11-01 23:08:48 | 00,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3cfg.dll [2009-11-01 23:08:48 | 00,056,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3msm.dll [2009-11-01 23:08:48 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3gpclnt.dll [2009-11-01 23:08:48 | 00,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3dlg.dll [2009-11-01 23:08:47 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dot3api.dll [2009-11-01 23:08:44 | 00,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dhcpqec.dll [2009-11-01 23:08:44 | 00,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsroam.dll [2009-11-01 23:08:44 | 00,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dimsntfy.dll [2009-11-01 23:08:38 | 00,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\credssp.dll [2009-11-01 23:08:28 | 00,233,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\azroles.dll [2009-11-01 23:08:28 | 00,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\bitsprx4.dll [2009-11-01 23:08:14 | 00,136,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\aaclient.dll [2009-11-01 22:41:01 | 00,035,416 | ---- | C] (Sipphone, Inc) -- C:\Arquivos de programas\TurnOffBonjour.exe [2009-10-31 12:26:36 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\ivdf [2009-10-31 11:21:30 | 00,096,104 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys [2009-10-31 11:21:30 | 00,045,416 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntdd.sys [2009-10-31 11:21:30 | 00,022,360 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntmgr.sys [2009-10-31 11:21:29 | 00,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys [2009-10-31 11:21:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Dados de aplicativos\Avira [2009-10-31 11:21:24 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\Avira [2009-10-29 17:35:34 | 00,055,656 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys [2009-10-29 17:13:11 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\regcleaner [2009-10-29 00:01:37 | 00,000,000 | ---D | C] -- C:\Arquivos de programas\avz4 [2009-10-23 14:58:27 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll [2009-10-23 14:58:27 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2009-10-23 14:58:27 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2009-10-23 14:58:27 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2008-09-19 00:17:13 | 00,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnp325.dll [2008-08-31 02:52:05 | 00,096,768 | ---- | C] ( ) -- C:\WINDOWS\System32\libsndfile.dll [2008-01-06 22:04:08 | 00,409,600 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyinpa.dll [2008-01-06 22:04:08 | 00,393,216 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyiesc.dll [2008-01-06 22:03:20 | 01,183,744 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyserv.dll [2008-01-06 22:03:20 | 00,995,328 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyusb1.dll [2008-01-06 22:03:20 | 00,696,320 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyhbn3.dll [2008-01-06 22:03:20 | 00,536,576 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcylmpm.dll [2008-01-06 22:03:20 | 00,163,840 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcyprox.dll [2008-01-06 22:03:20 | 00,114,688 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcypplc.dll [2008-01-06 22:03:19 | 00,610,304 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycomc.dll [2008-01-06 22:03:19 | 00,421,888 | ---- | C] ( ) -- C:\WINDOWS\System32\lxcycomm.dll [2007-10-01 15:27:10 | 00,155,136 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347bus.sys [2007-10-01 15:27:10 | 00,005,248 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\d347prt.sys [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2009-11-22 11:04:39 | 00,528,896 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Lívia\Desktop\OTL.exe [2009-11-22 10:58:57 | 00,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-11-22 10:58:48 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009-11-22 10:58:41 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009-11-22 10:39:12 | 00,000,454 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{85B8E9AE-A5B1-4B97-866E-8481165590FD}.job [2009-11-22 03:29:02 | 18,350,080 | -H-- | M] () -- C:\Documents and Settings\Lívia\NTUSER.DAT [2009-11-20 23:40:00 | 00,000,300 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2009-11-20 17:43:06 | 00,000,040 | -HS- | M] () -- C:\Documents and Settings\All Users\Dados de aplicativos\.zreglib [2009-11-20 14:55:35 | 00,000,680 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TweetDeck.lnk [2009-11-20 14:19:30 | 00,021,552 | ---- | M] () -- C:\Documents and Settings\Lívia\Meus documentos\cc_20091120_141921.reg [2009-11-18 18:22:22 | 00,455,680 | ---- | M] () -- C:\Documents and Settings\Lívia\Desktop\ToolsCleaner2(2).exe [2009-11-15 00:50:32 | 00,047,616 | ---- | M] () -- C:\Documents and Settings\Lívia\Desktop\Win32kDiag.exe [2009-11-12 12:54:46 | 01,554,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2009-11-12 09:26:07 | 00,069,648 | ---- | M] () -- C:\Documents and Settings\Lívia\Configurações locais\Dados de aplicativos\GDIPFONTCACHEV1.DAT [2009-11-11 16:18:14 | 00,033,283 | ---- | M] () -- C:\Documents and Settings\Lívia\Meus documentos\karen_s_house12_rect640.jpg [2009-11-11 12:06:03 | 00,031,232 | ---- | M] () -- C:\Documents and Settings\Lívia\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-11-11 11:45:00 | 00,022,489 | ---- | M] () -- C:\Documents and Settings\Lívia\Meus documentos\thisoldhouse.jpg [2009-11-11 11:08:22 | 00,067,251 | ---- | M] () -- C:\Documents and Settings\Lívia\Meus documentos\business-cards-various-styles-14b.jpg [2009-11-11 11:06:03 | 00,113,236 | ---- | M] () -- C:\Documents and Settings\Lívia\Meus documentos\business-cards-various-styles-80.jpg [2009-11-10 12:18:50 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2009-11-10 12:18:02 | 00,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2009-11-09 23:01:12 | 03,563,165 | R--- | M] () -- C:\Documents and Settings\Lívia\Desktop\ComboFix.exe [2009-11-08 11:30:30 | 00,002,376 | ---- | M] () -- C:\Documents and Settings\Lívia\Desktop\Google Chrome.lnk [2009-11-08 04:18:32 | 01,580,950 | -H-- | M] () -- C:\Documents and Settings\Lívia\Configurações locais\Dados de aplicativos\IconCache.db [2009-11-08 02:19:33 | 00,017,260 | ---- | M] () -- C:\Documents and Settings\Lívia\Desktop\sf_alicia.ttf [2009-11-08 00:28:52 | 00,001,620 | ---- | M] () -- C:\Documents and Settings\Lívia\Desktop\CCleaner.lnk [2009-11-06 10:53:52 | 00,267,264 | ---- | M] () -- C:\WINDOWS\PEV.exe [2009-11-05 15:36:21 | 26,768,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\MRT.exe [2009-11-05 14:27:54 | 00,042,241 | ---- | M] () -- C:\Documents and Settings\Lívia\Meus documentos\sofá_salatv_ideias.jpg [2009-11-04 23:38:01 | 00,001,653 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Pando.lnk [2009-11-04 06:19:05 | 00,472,064 | ---- | M] () -- C:\WINDOWS\System32\perfh016.dat [2009-11-04 06:19:05 | 00,435,840 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2009-11-04 06:19:05 | 00,080,418 | ---- | M] () -- C:\WINDOWS\System32\perfc016.dat [2009-11-04 06:19:05 | 00,068,544 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2009-11-04 06:19:04 | 01,070,424 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2009-11-04 03:10:04 | 00,001,141 | ---- | M] () -- C:\WINDOWS\win.ini [2009-11-03 01:44:02 | 00,277,765 | ---- | M] () -- C:\Documents and Settings\Lívia\Meus documentos\103009-felthouse.jpg [2009-11-02 20:54:08 | 00,017,478 | ---- | M] () -- C:\Documents and Settings\Lívia\Meus documentos\14012009349.JPG [2009-11-02 20:52:40 | 00,021,648 | ---- | M] () -- C:\Documents and Settings\Lívia\Meus documentos\tecnisasa.jpg [2009-11-02 20:52:29 | 00,025,817 | ---- | M] () -- C:\Documents and Settings\Lívia\Meus documentos\tecnisas.a.jpg [2009-11-02 17:49:26 | 00,000,810 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AnyDVD.lnk [2009-11-02 15:04:15 | 00,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2009-11-02 14:34:32 | 00,251,696 | RHS- | M] () -- C:\ntldr [2009-11-01 10:54:16 | 00,035,416 | ---- | M] (Sipphone, Inc) -- C:\Arquivos de programas\TurnOffBonjour.exe [2009-10-31 11:21:58 | 00,001,779 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk [2009-10-23 14:57:40 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll [2009-10-23 14:57:40 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2009-10-23 14:57:40 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2009-10-23 14:57:40 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2009-10-23 14:57:40 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] ========== Files Created - No Company Name ========== [2009-11-20 14:55:35 | 00,000,680 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TweetDeck.lnk [2009-11-20 14:19:27 | 00,021,552 | ---- | C] () -- C:\Documents and Settings\Lívia\Meus documentos\cc_20091120_141921.reg [2009-11-18 18:22:22 | 00,455,680 | ---- | C] () -- C:\Documents and Settings\Lívia\Desktop\ToolsCleaner2(2).exe [2009-11-15 00:50:32 | 00,047,616 | ---- | C] () -- C:\Documents and Settings\Lívia\Desktop\Win32kDiag.exe [2009-11-11 16:18:13 | 00,033,283 | ---- | C] () -- C:\Documents and Settings\Lívia\Meus documentos\karen_s_house12_rect640.jpg [2009-11-11 11:45:00 | 00,022,489 | ---- | C] () -- C:\Documents and Settings\Lívia\Meus documentos\thisoldhouse.jpg [2009-11-11 11:08:21 | 00,067,251 | ---- | C] () -- C:\Documents and Settings\Lívia\Meus documentos\business-cards-various-styles-14b.jpg [2009-11-11 11:06:01 | 00,113,236 | ---- | C] () -- C:\Documents and Settings\Lívia\Meus documentos\business-cards-various-styles-80.jpg [2009-11-09 23:03:32 | 00,267,264 | ---- | C] () -- C:\WINDOWS\PEV.exe [2009-11-08 02:19:32 | 00,017,260 | ---- | C] () -- C:\Documents and Settings\Lívia\Desktop\sf_alicia.ttf [2009-11-05 14:35:05 | 03,563,165 | R--- | C] () -- C:\Documents and Settings\Lívia\Desktop\ComboFix.exe [2009-11-05 14:27:53 | 00,042,241 | ---- | C] () -- C:\Documents and Settings\Lívia\Meus documentos\sofá_salatv_ideias.jpg [2009-11-04 23:38:01 | 00,001,653 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Pando.lnk [2009-11-03 01:44:01 | 00,277,765 | ---- | C] () -- C:\Documents and Settings\Lívia\Meus documentos\103009-felthouse.jpg [2009-11-02 20:54:07 | 00,017,478 | ---- | C] () -- C:\Documents and Settings\Lívia\Meus documentos\14012009349.JPG [2009-11-02 20:52:40 | 00,021,648 | ---- | C] () -- C:\Documents and Settings\Lívia\Meus documentos\tecnisasa.jpg [2009-11-02 20:52:26 | 00,025,817 | ---- | C] () -- C:\Documents and Settings\Lívia\Meus documentos\tecnisas.a.jpg [2009-11-02 17:58:02 | 00,000,040 | -HS- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\.zreglib [2009-11-02 17:49:26 | 00,000,810 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AnyDVD.lnk [2009-11-01 23:09:23 | 00,001,950 | ---- | C] () -- C:\WINDOWS\System32\pid.inf [2009-10-31 11:21:58 | 00,001,779 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Avira AntiVir Control Center.lnk [2009-08-25 21:36:27 | 00,000,038 | ---- | C] () -- C:\WINDOWS\TOMAR_AGUA.INI [2009-01-08 19:57:31 | 00,000,408 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini [2008-08-31 02:52:06 | 00,421,888 | ---- | C] () -- C:\WINDOWS\System32\OpenQuicktimeLib.dll [2008-08-31 02:52:06 | 00,225,610 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll [2008-03-31 20:39:22 | 00,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2008-03-31 20:39:18 | 00,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008-03-31 20:39:18 | 00,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2008-03-31 20:39:17 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2008-03-31 20:39:14 | 00,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2008-03-31 20:39:14 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2008-03-25 20:47:53 | 00,000,033 | ---- | C] () -- C:\WINDOWS\iltwain.ini [2008-01-23 17:44:54 | 00,000,305 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\addr_file.html [2008-01-06 22:04:09 | 00,040,960 | ---- | C] () -- C:\WINDOWS\System32\lxcyvs.dll [2008-01-06 22:04:07 | 00,303,104 | ---- | C] () -- C:\WINDOWS\System32\lxcycoin.dll [2008-01-06 22:03:38 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\lxcycaps.dll [2008-01-06 22:03:37 | 00,692,224 | ---- | C] () -- C:\WINDOWS\System32\lxcydrs.dll [2008-01-06 22:03:37 | 00,061,440 | ---- | C] () -- C:\WINDOWS\System32\lxcycnv4.dll [2008-01-06 22:03:20 | 00,233,472 | ---- | C] () -- C:\WINDOWS\System32\lxcyinst.dll [2007-12-13 12:26:53 | 00,001,817 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI [2007-12-06 01:57:07 | 00,335,872 | ---- | C] () -- C:\WINDOWS\System32\ldf252.dll [2007-10-25 10:26:48 | 00,000,453 | ---- | C] () -- C:\WINDOWS\bdoscandellang.ini [2007-10-10 18:25:16 | 00,005,056 | ---- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\hpzinstall.log [2007-10-07 23:13:24 | 00,002,336 | ---- | C] () -- C:\WINDOWS\TSCTNDBG.INI [2007-10-07 23:13:22 | 00,010,970 | ---- | C] () -- C:\WINDOWS\TSCTVDIV.INI [2007-10-07 23:13:22 | 00,000,025 | ---- | C] () -- C:\WINDOWS\TSCFM.INI [2007-10-07 23:13:21 | 00,020,292 | ---- | C] () -- C:\WINDOWS\TSCTVMSG.INI [2007-10-07 23:12:10 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\DTVdrv.dll [2007-10-07 23:12:10 | 00,012,188 | ---- | C] () -- C:\WINDOWS\System32\DTVdrvNT.sys [2007-10-07 23:12:08 | 00,019,321 | ---- | C] () -- C:\WINDOWS\Tsctvfm.ini [2007-10-07 23:12:08 | 00,001,082 | ---- | C] () -- C:\WINDOWS\TSCTV.INI [2007-10-07 23:12:08 | 00,000,113 | ---- | C] () -- C:\WINDOWS\IFOLDER.INI [2007-10-05 12:12:06 | 00,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2007-10-04 20:40:59 | 00,031,232 | ---- | C] () -- C:\Documents and Settings\Lívia\Configurações locais\Dados de aplicativos\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2007-10-04 20:28:04 | 00,069,648 | ---- | C] () -- C:\Documents and Settings\Lívia\Configurações locais\Dados de aplicativos\GDIPFONTCACHEV1.DAT [2007-10-04 20:24:38 | 00,003,818 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2007-10-04 19:50:09 | 00,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2007-10-04 19:50:07 | 00,733,696 | ---- | C] () -- C:\WINDOWS\System32\qedwipes.dll [2007-10-04 19:50:06 | 00,070,656 | ---- | C] () -- C:\WINDOWS\System32\amstream.dll [2007-10-04 19:50:06 | 00,014,336 | ---- | C] () -- C:\WINDOWS\System32\msdmo.dll [2007-10-01 15:31:33 | 00,000,154 | ---- | C] () -- C:\WINDOWS\wininit.ini [2007-09-30 23:26:29 | 00,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini [2007-09-30 23:11:52 | 00,020,333 | ---- | C] () -- C:\WINDOWS\cmaudio.ini [2007-09-17 02:07:00 | 01,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2007-09-17 02:07:00 | 01,478,656 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2007-09-17 02:07:00 | 01,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2007-09-17 02:07:00 | 00,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2007-09-17 02:07:00 | 00,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll [2007-03-29 23:00:40 | 00,203,264 | R--- | C] () -- C:\WINDOWS\System32\CddbCdda.dll [2007-03-25 11:28:48 | 01,580,950 | -H-- | C] () -- C:\Documents and Settings\Lívia\Configurações locais\Dados de aplicativos\IconCache.db [2007-03-25 11:24:11 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Lívia\Dados de aplicativos\desktop.ini [2007-03-02 21:18:53 | 00,003,694 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini [2007-03-02 21:18:52 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS [2007-03-02 21:08:10 | 00,000,000 | ---- | C] () -- C:\WINDOWS\control.ini [2007-03-02 21:04:11 | 00,000,037 | ---- | C] () -- C:\WINDOWS\vbaddin.ini [2007-03-02 21:04:11 | 00,000,036 | ---- | C] () -- C:\WINDOWS\vb.ini [2007-03-02 21:03:16 | 00,026,931 | ---- | C] () -- C:\WINDOWS\System32\tslabels.ini [2007-03-02 21:03:13 | 00,003,828 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.ini [2007-03-02 20:55:58 | 01,070,424 | ---- | C] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2007-03-02 20:55:57 | 00,004,207 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI [2007-03-02 20:55:21 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Dados de aplicativos\desktop.ini [2006-11-02 09:27:46 | 00,000,518 | ---- | C] () -- C:\WINDOWS\System32\SP207.ini [2006-06-29 15:58:52 | 00,030,808 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont [2006-06-29 15:53:56 | 00,026,489 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont [2006-04-18 16:39:28 | 00,029,779 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont [2006-04-18 16:39:28 | 00,026,040 | ---- | C] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont [2005-09-29 17:42:56 | 00,049,152 | ---- | C] () -- C:\WINDOWS\System32\linstall.dll [2005-06-10 11:56:06 | 00,120,320 | ---- | C] () -- C:\WINDOWS\System32\UnzDll.dll [2005-06-10 11:55:04 | 00,123,904 | ---- | C] () -- C:\WINDOWS\System32\ZipDll.dll [2004-08-22 18:04:56 | 00,069,120 | ---- | C] () -- C:\WINDOWS\daemon.dll [2004-05-13 21:14:58 | 00,122,880 | ---- | C] () -- C:\WINDOWS\System32\opencrypto.dll [2004-03-18 18:43:44 | 00,843,776 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll [2002-09-11 10:00:00 | 01,015,477 | ---- | C] () -- C:\WINDOWS\System32\esentprf.ini [2002-09-11 10:00:00 | 00,355,112 | ---- | C] () -- C:\WINDOWS\System32\msjetoledb40.dll [2002-09-11 10:00:00 | 00,270,848 | ---- | C] () -- C:\WINDOWS\System32\sbe.dll [2002-09-11 10:00:00 | 00,253,440 | ---- | C] () -- C:\WINDOWS\System32\compatui.dll [2002-09-11 10:00:00 | 00,199,168 | ---- | C] () -- C:\WINDOWS\System32\ir32_32.dll [2002-09-11 10:00:00 | 00,186,880 | ---- | C] () -- C:\WINDOWS\System32\encdec.dll [2002-09-11 10:00:00 | 00,094,282 | ---- | C] () -- C:\WINDOWS\System32\msencode.dll [2002-09-11 10:00:00 | 00,053,478 | ---- | C] () -- C:\WINDOWS\System32\tcpmon.ini [2002-09-11 10:00:00 | 00,042,809 | ---- | C] () -- C:\WINDOWS\System32\key01.sys [2002-09-11 10:00:00 | 00,042,537 | ---- | C] () -- C:\WINDOWS\System32\keyboard.sys [2002-09-11 10:00:00 | 00,035,648 | ---- | C] () -- C:\WINDOWS\System32\ntio411.sys [2002-09-11 10:00:00 | 00,035,424 | ---- | C] () -- C:\WINDOWS\System32\ntio412.sys [2002-09-11 10:00:00 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio804.sys [2002-09-11 10:00:00 | 00,034,560 | ---- | C] () -- C:\WINDOWS\System32\ntio404.sys [2002-09-11 10:00:00 | 00,033,984 | ---- | C] () -- C:\WINDOWS\System32\ntio.sys [2002-09-11 10:00:00 | 00,029,370 | ---- | C] () -- C:\WINDOWS\System32\ntdos411.sys [2002-09-11 10:00:00 | 00,029,274 | ---- | C] () -- C:\WINDOWS\System32\ntdos412.sys [2002-09-11 10:00:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos804.sys [2002-09-11 10:00:00 | 00,029,146 | ---- | C] () -- C:\WINDOWS\System32\ntdos404.sys [2002-09-11 10:00:00 | 00,027,900 | ---- | C] () -- C:\WINDOWS\System32\ntdos.sys [2002-09-11 10:00:00 | 00,027,097 | ---- | C] () -- C:\WINDOWS\System32\country.sys [2002-09-11 10:00:00 | 00,021,111 | ---- | C] () -- C:\WINDOWS\System32\mqperf.ini [2002-09-11 10:00:00 | 00,015,799 | ---- | C] () -- C:\WINDOWS\System32\rsvp.ini [2002-09-11 10:00:00 | 00,015,360 | ---- | C] () -- C:\WINDOWS\System32\tsd32.dll [2002-09-11 10:00:00 | 00,013,712 | ---- | C] () -- C:\WINDOWS\System32\pschdprf.ini [2002-09-11 10:00:00 | 00,013,312 | ---- | C] () -- C:\WINDOWS\System32\win87em.dll [2002-09-11 10:00:00 | 00,010,240 | ---- | C] () -- C:\WINDOWS\System32\scriptpw.dll [2002-09-11 10:00:00 | 00,009,032 | ---- | C] () -- C:\WINDOWS\System32\ansi.sys [2002-09-11 10:00:00 | 00,006,107 | ---- | C] () -- C:\WINDOWS\System32\rasctrs.ini [2002-09-11 10:00:00 | 00,004,896 | ---- | C] () -- C:\WINDOWS\System32\himem.sys [2002-09-11 10:00:00 | 00,003,043 | ---- | C] () -- C:\WINDOWS\System32\perfci.ini [2002-09-11 10:00:00 | 00,002,924 | ---- | C] () -- C:\WINDOWS\System32\perfwci.ini [2002-09-11 10:00:00 | 00,002,656 | ---- | C] () -- C:\WINDOWS\System32\netware.drv [2002-09-11 10:00:00 | 00,001,405 | ---- | C] () -- C:\WINDOWS\msdfmap.ini [2002-09-11 10:00:00 | 00,001,300 | ---- | C] () -- C:\WINDOWS\System32\perffilt.ini [2002-09-11 10:00:00 | 00,001,141 | ---- | C] () -- C:\WINDOWS\win.ini [2002-09-11 10:00:00 | 00,000,361 | ---- | C] () -- C:\WINDOWS\System32\prodspec.ini [2002-09-11 10:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini [2002-01-01 01:39:54 | 00,032,768 | ---- | C] () -- C:\WINDOWS\SIS_LIB.DLL [2002-01-01 01:39:26 | 00,139,264 | R--- | C] () -- C:\WINDOWS\System32\IDEproperty.dll [2002-01-01 01:38:38 | 00,135,168 | R--- | C] () -- C:\WINDOWS\System32\property.dll [2001-09-05 21:50:20 | 00,157,696 | ---- | C] () -- C:\WINDOWS\System32\paqsp.dll [2001-07-06 16:30:02 | 00,003,277 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI ========== Alternate Data Streams ========== @Alternate Data Stream - 24 bytes -> C:\WINDOWS:1AB285AD820068BA < End of report > Extras: OTL Extras logfile created on: 2009-11-22 11:05:57 - Run 1 OTL by OldTimer - Version 3.1.6.3 Folder = C:\Documents and Settings\Lívia\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000416 | Country: Brasil | Language: PTB | Date Format: yyyy-MM-dd 1023.23 Mb Total Physical Memory | 581.57 Mb Available Physical Memory | 56.84% Memory free 2.40 Gb Paging File | 2.04 Gb Available in Paging File | 84.81% Paging File free Paging file location(s): c:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Arquivos de programas Drive C: | 16.62 Gb Total Space | 1.13 Gb Free Space | 6.81% Space Free | Partition Type: NTFS Drive D: | 26.54 Gb Total Space | 18.88 Gb Free Space | 71.16% Space Free | Partition Type: FAT32 Drive E: | 4.89 Gb Total Space | 4.86 Gb Free Space | 99.45% Space Free | Partition Type: NTFS Drive F: | 15.76 Gb Total Space | 5.82 Gb Free Space | 36.94% Space Free | Partition Type: FAT32 Drive G: | 59.62 Gb Total Space | 55.20 Gb Free Space | 92.58% Space Free | Partition Type: NTFS Drive H: | 19.52 Gb Total Space | 11.38 Gb Free Space | 58.28% Space Free | Partition Type: FAT32 Drive I: | 19.52 Gb Total Space | 6.54 Gb Free Space | 33.49% Space Free | Partition Type: FAT32 Drive J: | 8.91 Gb Total Space | 2.08 Gb Free Space | 23.38% Space Free | Partition Type: NTFS Drive L: | 467.84 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS Drive N: | 44.72 Gb Total Space | 6.74 Gb Free Space | 15.06% Space Free | Partition Type: NTFS Drive O: | 44.71 Gb Total Space | 4.06 Gb Free Space | 9.08% Space Free | Partition Type: NTFS Computer Name: BRCC01 Current User Name: Lívia Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm [@ = chm.file] -- "%SYSTEMROOT%\hh.exe" %1 .html [@ = FirefoxHTML] -- F:\programas\firefox\firefox.exe (Mozilla Corporation) [HKEY_USERS\S-1-5-21-117609710-616249376-725345543-1002\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- F:\programas\firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 File not found cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) https [open] -- "F:\programas\firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\ARQUIV~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Arquivos de programas\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Arquivos de programas\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Arquivos de programas\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Arquivos de programas\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" File not found ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 "AntiVirusOverride" = 0 "FirewallOverride" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "17188:TCP" = 17188:TCP:*:Enabled:BitComet 17188 TCP "17188:UDP" = 17188:UDP:*:Enabled:BitComet 17188 UDP "58391:TCP" = 58391:TCP:*:Enabled:Pando P2P TCP Listening Port "58391:UDP" = 58391:UDP:*:Enabled:Pando P2P UDP Listening Port "58863:TCP" = 58863:TCP:*:Enabled:Pando P2P TCP Listening Port "58863:UDP" = 58863:UDP:*:Enabled:Pando P2P UDP Listening Port "57569:TCP" = 57569:TCP:*:Enabled:Pando P2P TCP Listening Port "57569:UDP" = 57569:UDP:*:Enabled:Pando P2P UDP Listening Port "58289:TCP" = 58289:TCP:*:Enabled:Pando "58289:UDP" = 58289:UDP:*:Enabled:Pando ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" = C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation) "C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" = C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Arquivos de programas\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" = C:\Arquivos de programas\VoipDiscount.com\VoipDiscount\VoipDiscount.exe:*:Enabled:VoipDiscount -- (VoipDiscount) "C:\Arquivos de programas\VoipRaider.com\VoipRaider\VoipRaider.exe" = C:\Arquivos de programas\VoipRaider.com\VoipRaider\VoipRaider.exe:*:Enabled:VoipRaider -- (VoipRaider) "C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Arquivos de programas\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation) "C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE" = C:\Arquivos de programas\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation) "C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE" = C:\Arquivos de programas\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation) "F:\programas\FrostWire\FrostWire.exe" = F:\programas\FrostWire\FrostWire.exe:*:Enabled:FrostWire -- (FrostWire Group) "C:\Arquivos de programas\iTunes\iTunes.exe" = C:\Arquivos de programas\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe" = C:\Arquivos de programas\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation) "C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe" = C:\Arquivos de programas\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation) "C:\Documents and Settings\Lívia\Configurações locais\temp\7zS30.tmp\SymNRT.exe" = C:\Documents and Settings\Lívia\Configurações locais\temp\7zS30.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool -- File not found "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Arquivos de programas\Pando Networks\Pando\Pando.exe" = C:\Arquivos de programas\Pando Networks\Pando\Pando.exe:*:Enabled:Pando -- (Pando Networks) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3 "{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting "{0C405D1F-359E-41C5-A1A9-383A04BBD5E2}" = Windows Live Galeria de Fotos "{0FCCC22A-4667-49BC-AE94-B2901AD7ADF6}" = Multimedia Keyboard Driver "{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Barra de ferramentas "{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin "{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}" = PC Connectivity Solution "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Ferramenta de Carregamento do Windows Live "{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86 "{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}" = QuickTime "{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2 "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 16 "{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3 "{3186AEAE-E104-424D-9152-1BF6A4404758}" = Nokia Software Updater "{32BC546A-8AA3-4239-AE92-9CF3291C35A6}" = Windows Live Call "{350C9416-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{381C70F0-FC2C-4BEF-B16C-B88FA67A6B7B}" = Assistente de Conexão do Windows Live "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3BE480ED-E17A-431A-981C-5C2EDDBCD3BF}" = Macromedia Flash MX "{3D7E3EC9-46CF-4359-9289-39CE01DFB82F}" = Adobe Photoshop CS3 "{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}" = DAEMON Tools "{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack "{4CBF5DE3-5374-4350-8132-4B9D4DA7BF2E}" = Insert File Plugin for Windows Live Writer "{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings "{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3 "{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3 "{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}" = iTunes "{624DEAA0-B27D-444B-8BFE-70622B318A4A}" = Windows Live Toolbar "{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}" = Adobe Setup "{692854CC-97EF-4307-B787-8C6787B91046}" = Nero 7 Premium "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All "{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}" = Adobe Color Common Settings "{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3 "{74AD1846-2010-4FB1-8E24-B6F2B87150C2}" = Windows Live Mail "{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0 "{7C4196CA-CA41-4F34-9C08-7724E7705D52}" = Jasc Animation Shop 3 "{7E20EFE6-E604-48C6-8B39-BA4742F2CDB4}" = Zune Desktop Theme "{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3 "{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support "{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer "{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12 "{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007 "{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007 "{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007 "{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007 "{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007 "{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007 "{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007 "{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007 "{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007 "{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007 "{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007 "{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007 "{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007 "{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007 "{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3 "{9455959E-D588-EFAE-329C-F66CC797F32A}" = Adobe Media Player "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95120000-0122-0416-0000-0000000FF1CE}" = Microsoft Office Outlook Connector "{9555B4ED-09A3-4722-8E8C-57A49401D059}" = Windows Live Writer "{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings "{96E94E18-54D6-42C1-8FC4-24DACEDC3395}" = Nokia NSeries System Utilities "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3 "{9E2EE2F7-33BD-4D30-9E5D-8469A9F32009}" = Windows Live Sync "{9F3C8BE0-A54A-2D46-36FB-0029D412B0AC}" = TweetDeck "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps "{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR "{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{A8C856AD-63CD-4613-AA29-E6C85607EA06}" = Nokia Software Launcher "{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}" = Pando "{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings "{AC76BA86-7AD7-1046-7B44-A81200000003}" = Adobe Reader 8.1.2 - Português "{AFA20D47-69C3-4030-8DF8-D37466E70F13}" = Apple Mobile Device Support "{B3164E9E-BE08-4F3B-94BC-C6D09C0205E1}" = Nokia Connectivity Cable Driver "{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0 "{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup "{B5ED7AB0-3838-4389-8549-7C8E22DD48F4}" = Windows Live Messenger "{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0 "{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3 "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{BE686891-3C56-4714-AFEF-341A7867BA80}" = REALTEK USB Wireless LAN Driver and Utility "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client "{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files "{D4134B0B-EA9B-4835-A77A-60BEE6277101}" = Lightroom "{D5577624-0626-4C4B-87AA-D966DA1739D6}" = Nokia PC Suite "{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings "{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware 2007 "{E1077A0C-0DF2-4A9E-AD83-D6ACDFA40890}" = Twitter Plugin for Windows Live Writer "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3 "{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F2CD4651-F948-467C-B014-71FD981B7F59}" = Windows Live Essentials "{F4749535-2B87-498A-B74D-0A01B174E36D}" = PC Camera "{F4EE8763-EAA8-4BC1-8594-8501F5F00414}" = Nokia NSeries One Touch Access "{F779EC8D-6703-4C4A-817C-37B07898E647}" = Nokia NSeries Content Copier "{F89E5AD8-AE47-49B5-B9F9-C498791E6255}" = Nokia NSeries Music Manager "{FA25FAF6-3097-43C9-BBB2-A77CE8AF1881}" = Nokia NSeries Multimedia Player "{FD349381-D79C-4E5C-8980-015DFFB962D5}" = Nokia NSeries Application Installer "{FE64AE29-0883-4C70-8388-DC026019C900}" = HP Image Zone Express "{FF11004C-F42A-4A31-9BCF-7F5C8FDBE53C}" = Adobe Setup "3A5DEFA413DDE699DBA6EBE0A63534ACA524D30F" = Pacote de Driver do Windows - Nokia pccsmcfd (10/12/2007 6.85.4.0) "9CD348AE9C64C4B939B624E8E24F3903EFDFC82B" = Pacote de Driver do Windows - Nokia Modem (05/22/2008 7.00.0.1) "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin "Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2 "Adobe_6c8e2cb4fd241c55406016127a6ab2e" = Adobe Color Common Settings "Adobe_719d6f144d0c086a0dfa7ff76bb9ac1" = Adobe Photoshop CS3 "Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus "C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD" = Pacote de Driver do Windows - Nokia Modem (05/22/2008 3.8) "CCleaner" = CCleaner "DVD Decrypter" = DVD Decrypter (Remove Only) "ENTERPRISE" = Microsoft Office Enterprise 2007 "ESET Online Scanner" = ESET Online Scanner v3 "FrostWire" = FrostWire 4.17.2 "H80-SkypeKeyboard-USB Phone_is1" = H80-SkypeKeyboard-USB Phone version 3.4.0.8 "IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs "ie8" = Windows Internet Explorer 8 "InstallShield_{21DBBDD6-93A5-4326-9A04-C9A5C9148502}" = Norton PartitionMagic 8.0 "InstallShield_{F4749535-2B87-498A-B74D-0A01B174E36D}" = PC Camera "KLiteCodecPack_is1" = K-Lite Mega Codec Pack 3.8.5 "Lexmark 3400 Series" = Lexmark 3400 Series "Magic ISO Maker v5.3 (build 0221)" = Magic ISO Maker v5.3 (build 0221) "MemoriesOnTV3-CS1_is1" = MemoriesOnTV ClipShow Volume 1 "MemoriesOnTV4_is1" = MemoriesOnTV 4.1.0 "MemoriesOnTV-CS2_is1" = MemoriesOnTV ClipShow Volume 2 "Messenger Plus! Live" = Messenger Plus! Live "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "Mozilla Firefox (3.0.15)" = Mozilla Firefox (3.0.15) "MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP "NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs "Nokia PC Suite" = Nokia PC Suite "NVIDIA Drivers" = NVIDIA Drivers "Oi Velox Check Up_is1" = Oi Velox Check Up 1.0 "PCI Audio Driver" = PCI Audio Driver "PicaView" = PicaView "PixelView Station" = PixelView Station "PowerISO" = PowerISO "pppoe_is1" = Conexão Oi Velox "Programador de Modem_is1" = LightModem 3.0 "RASPPPOE" = PPP over Ethernet Protocol 0.98 "save2pc_is1" = save2pc 3.0 "ShockwaveFlash" = Adobe Flash Player 9 ActiveX "SystemRequirementsLab" = System Requirements Lab "The Font Thing" = The Font Thing "TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck "VoipDiscount_is1" = VoipDiscount "VoipRaider_is1" = VoipRaider "Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 "WIC" = Windows Imaging Component "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "Windows Media Player" = Windows Media Player 11 "Windows XP Service Pack" = Windows XP Service Pack 3 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR archiver "WM Converter 2.0" = WM Converter 2.0 "WMFDist11" = Windows Media Format 11 runtime "wmp11" = Windows Media Player 11 "Wudf01005" = Microsoft User-Mode Driver Framework Feature Pack 1.5 ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-117609710-616249376-725345543-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Google Chrome" = Google Chrome ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 2009-11-21 18:17:37 | Computer Name = BRCC01 | Source = crypt32 | ID = 131080 Description = Falha na recuperação de atualização automática do número de seqüência de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> com erro: Esta operação foi retornada porque o tempo limite expirou. Error - 2009-11-21 18:17:37 | Computer Name = BRCC01 | Source = crypt32 | ID = 131080 Description = Falha na recuperação de atualização automática do número de seqüência de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> com erro: O servidor especificado não pode executar a operação solicitada. Error - 2009-11-21 18:27:02 | Computer Name = BRCC01 | Source = crypt32 | ID = 131080 Description = Falha na recuperação de atualização automática do número de seqüência de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> com erro: Esta operação foi retornada porque o tempo limite expirou. Error - 2009-11-21 18:27:02 | Computer Name = BRCC01 | Source = crypt32 | ID = 131080 Description = Falha na recuperação de atualização automática do número de seqüência de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> com erro: O servidor especificado não pode executar a operação solicitada. Error - 2009-11-21 18:27:02 | Computer Name = BRCC01 | Source = crypt32 | ID = 131080 Description = Falha na recuperação de atualização automática do número de seqüência de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> com erro: O servidor especificado não pode executar a operação solicitada. Error - 2009-11-21 18:28:31 | Computer Name = BRCC01 | Source = PerfNet | ID = 2002 Description = Não foi possível abrir o serviço do Redirecionador. Os dados do desempenho do Redirecionador não serão retornados. O código de erro retornado está no dado DWORD 0. Error - 2009-11-22 08:34:54 | Computer Name = BRCC01 | Source = PerfNet | ID = 2002 Description = Não foi possível abrir o serviço do Redirecionador. Os dados do desempenho do Redirecionador não serão retornados. O código de erro retornado está no dado DWORD 0. Error - 2009-11-22 08:35:15 | Computer Name = BRCC01 | Source = crypt32 | ID = 131080 Description = Falha na recuperação de atualização automática do número de seqüência de lista raiz de terceiros de: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> com erro: Esta operação foi retornada porque o tempo limite expirou. Error - 2009-11-22 08:38:23 | Computer Name = BRCC01 | Source = PerfNet | ID = 2002 Description = Não foi possível abrir o serviço do Redirecionador. Os dados do desempenho do Redirecionador não serão retornados. O código de erro retornado está no dado DWORD 0. Error - 2009-11-22 08:59:12 | Computer Name = BRCC01 | Source = PerfNet | ID = 2002 Description = Não foi possível abrir o serviço do Redirecionador. Os dados do desempenho do Redirecionador não serão retornados. O código de erro retornado está no dado DWORD 0. [ System Events ] Error - 2009-11-21 16:46:26 | Computer Name = BRCC01 | Source = Service Control Manager | ID = 7023 Description = O serviço Serviços IPSEC terminou com o erro: %%1747 Error - 2009-11-22 08:34:49 | Computer Name = BRCC01 | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço Context Manager Process Extension devido ao seguinte erro: %%2 Error - 2009-11-22 08:34:49 | Computer Name = BRCC01 | Source = Service Control Manager | ID = 7023 Description = O serviço Serviços IPSEC terminou com o erro: %%1747 Error - 2009-11-22 08:52:15 | Computer Name = BRCC01 | Source = Ntfs | ID = 262199 Description = A estrutura do sistema de arquivos está corrompida e inutilizável. Execute o utilitário chkdsk no volume N:. Error - 2009-11-22 08:52:15 | Computer Name = BRCC01 | Source = SiSRaid | ID = 262155 Description = Error - 2009-11-22 08:58:56 | Computer Name = BRCC01 | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço BtCap, WDM Video Capture devido ao seguinte erro: %%1058 Error - 2009-11-22 08:58:56 | Computer Name = BRCC01 | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço BtTuner, WDM TV Tuner devido ao seguinte erro: %%1058 Error - 2009-11-22 08:58:56 | Computer Name = BRCC01 | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço BtXBar, WDM Crossbar devido ao seguinte erro: %%1058 Error - 2009-11-22 08:58:56 | Computer Name = BRCC01 | Source = Service Control Manager | ID = 7000 Description = Não foi possível iniciar o serviço Context Manager Process Extension devido ao seguinte erro: %%2 Error - 2009-11-22 08:58:56 | Computer Name = BRCC01 | Source = Service Control Manager | ID = 7023 Description = O serviço Serviços IPSEC terminou com o erro: %%1747 < End of report > Abraços! Compartilhar este post Link para o post Compartilhar em outros sites
Mário Monteiro 179 Denunciar post Postado Dezembro 23, 2009 Tópico Arquivado Como o autor não respondeu por mais de 30 dias, o tópico foi arquivado. Caso você seja o autor do tópico e quer reabrir, envie uma mensagem privada para um moderador da área juntamente com o link para este tópico e explique o motivo da reabertura. Compartilhar este post Link para o post Compartilhar em outros sites
