Puma 78, posted January 2, 2010

Happy 2010.

I would appreciate an analysis of my HijackThis log. After running an antivirus scan, 3 infected files were found: kernel32.dll, winsock.dll and wsock32.dll.

HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:27:16, on 01-01-2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Mixer.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [CountrySelection] pctptt.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Serviço Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: W2K PCtel speaker phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe

--
End of file - 4419 bytes

DigRam, posted January 2, 2010

Good morning! Puma78

<!> If the files are still in Avast's quarantine, I recommend restoring them.

°°°°°°°°°°°°°°°°°°°°°°°°

<@> Download: < Norman Malware Cleaner >
<@> Save it to the desktop.
<@> Open the file and click Run --> Accept.
<@> Click Add to add, or Remove to remove, drives/sectors to be scanned. ( C:\*.*,D:\*.*,E:\*.*,etc... )
<@> Click "Start scan" --> Wait!
<@> When it finishes, post the report, which will be on the desktop. ( NFix_2010-xx-xx_yy-yy-yy.log ) <--

°°°°°°°°°°°°°°°°°°°°°°°°

<@> Run a scan at: < BitDefender_QuickScan >
<@> On the page, click "Allow" so that the Firefox add-on is installed. <-- If you use that browser!
<@> After installing the add-on, click "Start Scan".
<@> Check: "I ACCEPT" --> OK
<@> If any alert appears, click "Stop script" so that the scan starts.
<@> When it completes, click "View log".
<@> Post the report: Report 2010-xx-yy _*_.txt

Regards!

Puma 78, posted January 3, 2010

Good morning, Digram.

Thank you for your attention; here are the reports:

Norman Malware Cleaner
Version 1.6.2
Copyright © 1990 - 2009, Norman ASA. Built 2009/12/31 08:29:54

Norman Scanner Engine Version: 6.04.03
Nvcbin.def Version: 6.04.00, Date: 2009/12/31 08:29:54, Variants: 4653509

Scan started: 02/01/2010 20:22:25

Running pre-scan cleanup routine:
Operating System: Microsoft Windows XP Professional 5.1.2600 Service Pack 2
Logged on user: BF277C0D78A84A6\Computador

Scanning bootsectors...

Number of sectors found: 0
Number of sectors scanned: 0
Number of sectors not scanned: 0
Number of infections found: 0
Number of infections removed: 0
Total scanning time: 0s 221ms

Scanning running processes and process memory...

Number of processes/threads found: 2620
Number of processes/threads scanned: 2620
Number of processes/threads not scanned: 0
Number of infected processes/threads terminated: 0
Total scanning time: 8m 58s

Scanning file system...

Scanning: prescan
Scanning: C:\*.*
Scanning: D:\*.*
Scanning: postscan

Running post-scan cleanup routine:

Number of files found: 45240
Number of archives unpacked: 266
Number of files scanned: 45238
Number of files not scanned: 2
Number of files skipped due to exclude list: 0
Number of infected files found: 0
Number of infected files repaired/deleted: 0
Number of infections removed: 0
Total scanning time: 1h 2m 7s

and

BitDefender QuickScan Beta 32-bit v0.9.8.9
------------------------------------------
Data da análise: Sat Jan 02 22:09:40 2010
ID da máquina: 64879C04

Não foram encontradas infecções.
----------------------------------

Processos
---------
<não assinado> Mixer 1424 C:\WINDOWS\Mixer.exe
<não assinado> PCTSPK.EXE 1232 C:\WINDOWS\system32\pctspk.exe
<verificado> avast! Antivirus 1472 C:\Program Files\Alwil Software\Avast4\ashDisp.exe
<verificado> avast! Antivirus 332 C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
<verificado> avast! Antivirus 1296 C:\Program Files\Alwil Software\Avast4\ashServ.exe
<verificado> avast! Antivirus 532 C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
<verificado> avast! Antivirus 1244 C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
<verificado> GoogleToolbarNotifier 1488 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
<verificado> Microsoft® Visual Studio .NET 1140 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
<verificado> Microsoft® Windows® Operating System 4048 C:\Program Files\Internet Explorer\IEXPLORE.EXE
<verificado> Microsoft® Windows® Operating System 1304 C:\WINDOWS\Explorer.EXE
<verificado> Microsoft® Windows® Operating System 2224 C:\WINDOWS\System32\alg.exe
<verificado> Microsoft® Windows® Operating System 488 C:\WINDOWS\system32\csrss.exe
<verificado> Microsoft® Windows® Operating System 1480 C:\WINDOWS\system32\ctfmon.exe
<verificado> Microsoft® Windows® Operating System 568 C:\WINDOWS\system32\lsass.exe
<verificado> Microsoft® Windows® Operating System 556 C:\WINDOWS\system32\services.exe
<verificado> Microsoft® Windows® Operating System 432 C:\WINDOWS\System32\smss.exe
<verificado> Microsoft® Windows® Operating System 1832 C:\WINDOWS\system32\spoolsv.exe
<verificado> Microsoft® Windows® Operating System 616 C:\WINDOWS\system32\svchost.exe
<verificado> Microsoft® Windows® Operating System 724 C:\WINDOWS\system32\svchost.exe
<verificado> Microsoft® Windows® Operating System 772 C:\WINDOWS\system32\svchost.exe
<verificado> Microsoft® Windows® Operating System 840 C:\WINDOWS\System32\svchost.exe
<verificado> Microsoft® Windows® Operating System 904 C:\WINDOWS\system32\svchost.exe
<verificado> Microsoft® Windows® Operating System 992 C:\WINDOWS\system32\svchost.exe
<verificado> Microsoft® Windows® Operating System 512 C:\WINDOWS\system32\winlogon.exe
<verificado> Microsoft® Windows® Operating System 2576 C:\WINDOWS\system32\wuauclt.exe

Atividade da Rede

Thank you.

DigRam, posted January 3, 2010

Good afternoon! Puma 78

<@> Download: < > ( ...by OldTimer Tools )
<@> Save it to the desktop!
<@> As shown in the image, change the "Output" option to "Minimal Output".
<@> Double-click OTL.exe --> Check the option "Scan All Users".
<@> Check the boxes: <!> [] LOP check and [] Purity check
<@> Click: < > --> Wait!
<@> Post:
<1> OTL.txt <--
<2> Extra.txt <--

Regards!

Puma 78, posted January 10, 2010

Good morning.

Thank you for your attention. Here it is:

OTL logfile created on: 06-01-2010 22:08:57 - Run 1
OTL by OldTimer - Version 3.1.21.2 Folder = C:\Documents and Settings\Computador\Desktop
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000816 | Country: Portugal | Language: PTG | Date Format: dd-MM-yyyy

239,00 Mb Total Physical Memory | 99,00 Mb Available Physical Memory | 41,00% Memory free
586,00 Mb Paging File | 198,00 Mb Available in Paging File | 34,00% Paging File free
Paging file location(s): C:\pagefile.sys 360 720 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 29,29 Gb Total Space | 23,87 Gb Free Space | 81,50% Space Free | Partition Type: NTFS
Drive D: | 47,39 Gb Total Space | 46,71 Gb Free Space | 98,57% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: BF277C0D78A84A6
Current User Name: Computador
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal

========== Processes (SafeList) ==========

PRC - C:\Documents and Settings\Computador\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\mixer.exe (C-Media Electronic Inc.)
PRC - C:\WINDOWS\system32\pctspk.exe (PCtel, Inc.)

========== Modules (SafeList) ==========

MOD - C:\Documents and Settings\Computador\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b\comctl32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========

SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)
SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)
SRV - (gupdate) Serviço Google Update (gupdate) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)
SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)
SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)
SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)
SRV - (WMConnectCDS) -- C:\Program Files\Windows Media Connect 2\wmccds.exe (Microsoft Corporation)
SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Pctspk) -- C:\WINDOWS\system32\pctspk.exe (PCtel, Inc.)

========== Driver Services (SafeList) ==========

DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)
DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)
DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)
DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)
DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)
DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)
DRV - (JL2005C) -- C:\WINDOWS\system32\drivers\jl2005c.sys (Windows ® 2000 DDK provider)
DRV - (SISNICXP) -- C:\WINDOWS\system32\drivers\sisnicxp.sys (SiS Corporation)
DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation)
DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)
DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)
DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)
DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (NtApm) -- C:\WINDOWS\system32\drivers\NtApm.sys (Microsoft Corporation)
DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)
DRV - (MODEMCSA) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)
DRV - (s3m) -- C:\WINDOWS\system32\drivers\s3m.sys (S3 Incorporated)
DRV - (cmpci) C-Media PCI Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\cmaudio.sys (C-Media Inc)
DRV - (Vpctcom) -- C:\WINDOWS\system32\DRIVERS\vpctcom.sys (PCtel, Inc.)
DRV - (Vmodem) -- C:\WINDOWS\system32\DRIVERS\vmodem.sys (PCTEL, INC.)
DRV - (ptserial) -- C:\WINDOWS\system32\drivers\ptserial.sys (PCTEL, INC.)
DRV - (Vvoice) -- C:\WINDOWS\system32\DRIVERS\vvoice.sys (PCtel, Inc.)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1757981266-854245398-842925246-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKU\S-1-5-21-1757981266-854245398-842925246-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/
IE - HKU\S-1-5-21-1757981266-854245398-842925246-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKU\S-1-5-21-1757981266-854245398-842925246-1003\S-1-5-21-1757981266-854245398-842925246-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[2009-12-26 02:41:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Computador\Application Data\Mozilla\Extensions
[2009-12-26 02:41:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Computador\Application Data\Mozilla\Extensions\mozswing@mozswing.org

O1 HOSTS File: (734 bytes) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Facilitador de Leitor de Link Adobe PDF) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-1757981266-854245398-842925246-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc.)
O4 - HKLM..\Run: [CountrySelection] C:\WINDOWS\System32\pctptt.exe (PCtel, Inc.)
O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe (HP)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-21-1757981266-854245398-842925246-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - Startup: C:\Documents and Settings\Computador\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-21-1757981266-854245398-842925246-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1757981266-854245398-842925246-1003\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKU\S-1-5-21-1757981266-854245398-842925246-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1757981266-854245398-842925246-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1757981266-854245398-842925246-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1757981266-854245398-842925246-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Main present
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab (qsax Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.113.164.24 212.113.164.51
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009-10-13 17:14:17 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - comfile [open] -- "%1" %*
O35 - exefile [open] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010-01-06 22:06:27 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Computador\Desktop\OTL.exe
[2010-01-02 22:58:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\My Documents\LimeWire
[2010-01-02 22:56:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Application Data\LimeWire
[2010-01-02 22:52:49 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe
[2010-01-02 22:52:49 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe
[2010-01-02 22:52:49 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe
[2010-01-02 22:52:49 | 00,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl
[2010-01-02 22:52:03 | 00,000,000 | ---D | C] -- C:\Program Files\Java
[2010-01-02 22:51:19 | 00,000,000 | ---D | C] -- C:\Program Files\LimeWire
[2010-01-02 22:50:49 | 18,848,592 | ---- | C] (Lime Wire LLC) -- C:\Documents and Settings\Computador\Desktop\LimeWireWin.exe
[2010-01-02 21:57:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Application Data\QuickScan
[2010-01-02 13:12:31 | 56,294,728 | ---- | C] (Norman ASA) -- C:\Documents and Settings\Computador\Desktop\Norman_Malware_Cleaner.exe
[2010-01-01 18:59:56 | 00,000,000 | -HSD | C] -- C:\RECYCLER
[2009-12-31 16:08:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Application Data\Google
[2009-12-31 16:06:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google
[2009-12-31 16:04:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2009-12-27 11:19:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\System
[2009-12-27 11:19:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Application Data\SmartDraw
[2009-12-27 10:27:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\My Documents\DOC´S JORGE
[2009-12-27 08:00:40 | 00,048,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2009-12-27 08:00:40 | 00,023,120 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2009-12-27 08:00:39 | 00,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2009-12-27 08:00:37 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr
[2009-12-27 08:00:36 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2009-12-27 08:00:36 | 00,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2009-12-27 08:00:36 | 00,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2009-12-27 08:00:36 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2009-12-27 07:59:49 | 01,280,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe
[2009-12-27 07:33:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp
[2009-12-27 04:33:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\1323C
[2009-12-26 02:41:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Application Data\Mozilla
[2009-12-26 02:37:46 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll
[2009-12-26 02:36:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Application Data\Sun
[2009-12-26 01:11:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\My Documents\My Received Files
[2009-12-26 01:11:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Application Data\BearShareTb
[2009-12-26 01:10:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Local Settings\Application Data\BearShare
[2009-12-26 01:10:19 | 00,483,328 | ---- | C] (SoftShape Development) -- C:\WINDOWS\System32\actskn45.ocx
[2009-12-26 00:43:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2009-12-26 00:43:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2009-12-26 00:42:59 | 00,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2009-12-26 00:42:48 | 00,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll
[2009-12-26 00:42:21 | 00,000,000 | ---D | C] -- C:\Program Files\Media Player Product Tool 5.22
[2009-12-26 00:42:19 | 00,023,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe
[2009-12-25 19:49:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\My Documents\Primeiras Fotos Joana Natal 2009
[2009-12-25 19:29:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\My Documents\My Albums
[2009-12-25 19:29:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Application Data\ArcSoft
[2009-12-25 19:27:50 | 00,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\PCDLIB32.DLL
[2009-12-25 19:27:50 | 00,163,840 | ---- | C] (ArcSoft Inc.) -- C:\WINDOWS\System32\PhotoImpression Screen Saver.scr
[2009-12-25 19:26:19 | 00,000,000 | ---D | C] -- C:\Program Files\ArcSoft
[2009-12-25 19:25:16 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys
[2009-12-25 19:25:07 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys
[2009-12-25 19:25:02 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax
[2009-12-25 19:25:02 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax
[2009-12-25 19:25:01 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys
[2009-12-25 19:24:56 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys
[2009-12-25 19:24:47 | 00,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys
[2009-12-25 19:24:30 | 00,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys
[2009-12-25 19:24:20 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys
[2009-12-25 19:23:37 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax
[2009-12-25 19:23:37 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax
[2009-12-25 19:23:37 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax
[2009-12-25 19:23:37 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax
[2009-12-25 19:23:37 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2009-12-25 19:23:37 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax
[2009-12-25 19:23:34 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax
[2009-12-25 19:23:34 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax
[2009-12-25 19:23:34 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax
[2009-12-25 19:23:34 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax
[2009-12-25 19:23:33 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll
[2009-12-25 19:23:33 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll
[2009-12-25 19:19:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Dual Mode Camera
[2009-12-25 19:19:54 | 00,135,168 | ---- | C] (JEILIN Tech.) -- C:\WINDOWS\System32\jl_jdct.drv
[2009-12-25 19:19:52 | 00,068,762 | ---- | C] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\jl2005c.sys
[2009-12-25 19:19:52 | 00,015,360 | ---- | C] (JEILIN Technology Corp.) -- C:\WINDOWS\System32\jl2005c.ax
[2009-12-25 19:19:51 | 00,000,000 | ---D | C] -- C:\Program Files\JL2005D
[2009-12-24 18:01:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\My Documents\Downloads
[2009-12-24 17:05:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
[2009-12-24 17:00:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
[2009-12-24 17:00:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Local Settings\Application Data\Temp
[2009-12-24 17:00:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Local Settings\Application Data\Google
[2009-12-24 17:00:31 | 00,000,000 | ---D | C] -- C:\Program Files\Google
[2009-12-24 15:19:31 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009-12-24 15:17:46 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009-12-24 15:17:46 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009-12-24 15:17:46 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009-12-24 15:17:46 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009-12-23 06:58:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009-12-23 06:57:03 | 00,000,000 | ---D | C] -- C:\Qoobox
[2009-11-21 15:53:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
[2009-11-21 15:53:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
[2009-11-21 15:51:38 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
[2009-11-21 15:51:38 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010-01-06 22:10:14 |
00,001,018 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010-01-06 22:06:33 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Computador\Desktop\OTL.exe [2010-01-06 21:35:08 | 00,001,014 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010-01-06 21:35:00 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010-01-06 21:34:03 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010-01-06 21:34:00 | 25,118,7200 | -HS- | M] () -- C:\hiberfil.sys [2010-01-06 09:57:54 | 02,359,296 | -H-- | M] () -- C:\Documents and Settings\Computador\NTUSER.DAT [2010-01-06 09:57:54 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Computador\ntuser.ini [2010-01-06 09:57:40 | 00,000,292 | ---- | M] () -- C:\WINDOWS\cmmixer.ini [2010-01-06 09:57:37 | 03,628,286 | -H-- | M] () -- C:\Documents and Settings\Computador\Local Settings\Application Data\IconCache.db [2010-01-02 23:27:34 | 00,001,536 | ---- | M] () -- C:\Documents and Settings\Computador\Start Menu\Programs\Startup\LimeWire On Startup.lnk [2010-01-02 23:25:01 | 00,001,578 | ---- | M] () -- C:\Documents and Settings\Computador\Desktop\LimeWire 5.4.6.lnk [2010-01-02 22:52:13 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010-01-02 22:52:13 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010-01-02 22:52:13 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010-01-02 22:52:13 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl [2010-01-02 22:52:11 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) 
-- C:\WINDOWS\System32\deploytk.dll [2010-01-02 22:50:51 | 18,848,592 | ---- | M] (Lime Wire LLC) -- C:\Documents and Settings\Computador\Desktop\LimeWireWin.exe [2010-01-02 13:15:35 | 00,002,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winsock.dll [2010-01-02 13:15:35 | 00,002,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsock.dll [2010-01-02 13:12:55 | 56,294,728 | ---- | M] (Norman ASA) -- C:\Documents and Settings\Computador\Desktop\Norman_Malware_Cleaner.exe [2009-12-31 16:07:37 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat [2009-12-30 10:54:51 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009-12-27 08:00:41 | 00,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk [2009-12-27 08:00:36 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [2009-12-27 07:44:50 | 41,099,840 | ---- | M] () -- C:\Documents and Settings\Computador\Desktop\setupptg.exe [2009-12-27 07:30:35 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini [2009-12-26 00:43:02 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_07_00.Wdf [2009-12-25 19:27:47 | 00,001,708 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PhotoImpression 4.lnk [2009-12-24 18:01:53 | 00,063,592 | ---- | M] () -- C:\Documents and Settings\Computador\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2009-12-24 17:01:28 | 00,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk [2009-12-24 15:19:37 | 00,000,281 | RHS- | M] () -- C:\boot.ini [2009-12-23 06:48:18 | 03,864,228 | R--- | M] () -- C:\Documents and Settings\Computador\Desktop\ComboFix.exe [2009-12-09 22:54:07 | 00,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010-01-02 23:27:34 | 00,001,536 | 
---- | C] () -- C:\Documents and Settings\Computador\Start Menu\Programs\Startup\LimeWire On Startup.lnk [2010-01-02 23:25:01 | 00,001,578 | ---- | C] () -- C:\Documents and Settings\Computador\Desktop\LimeWire 5.4.6.lnk [2009-12-31 16:07:37 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat [2009-12-27 08:00:41 | 00,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk [2009-12-27 07:59:49 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx [2009-12-27 07:44:45 | 41,099,840 | ---- | C] () -- C:\Documents and Settings\Computador\Desktop\setupptg.exe [2009-12-26 01:11:43 | 00,076,407 | ---- | C] () -- C:\Documents and Settings\Computador\Application Data\Smiley.ico [2009-12-26 00:43:02 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_07_00.Wdf [2009-12-25 19:27:47 | 00,001,708 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PhotoImpression 4.lnk [2009-12-24 17:01:28 | 00,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk [2009-12-24 17:00:38 | 00,001,018 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2009-12-24 17:00:38 | 00,001,014 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2009-12-24 15:19:36 | 00,000,211 | ---- | C] () -- C:\Boot.bak [2009-12-24 15:19:34 | 00,261,920 | ---- | C] () -- C:\cmldr [2009-12-24 15:17:46 | 00,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe [2009-12-24 15:17:46 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2009-12-24 15:17:46 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2009-12-24 15:17:46 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2009-12-24 15:17:46 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2009-12-23 06:48:18 | 03,864,228 | R--- | C] () -- C:\Documents and Settings\Computador\Desktop\ComboFix.exe [2009-11-27 20:56:38 | 00,005,120 | ---- | C] () -- C:\Documents and Settings\Computador\Local Settings\Application 
Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009-10-13 22:31:48 | 00,000,292 | ---- | C] () -- C:\WINDOWS\cmmixer.ini [2009-10-13 17:03:42 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009-10-13 16:39:25 | 00,000,676 | R--- | C] () -- C:\WINDOWS\System32\ptcounty.ini [2009-10-13 16:33:27 | 00,004,320 | R--- | C] () -- C:\WINDOWS\mixerdef.ini [2004-08-03 23:56:44 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll [2003-01-07 19:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI ========== LOP Check ========== [2009-12-27 04:33:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1323C [2009-12-26 01:38:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Computador\Application Data\BearShareTb [2010-01-06 21:40:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Computador\Application Data\LimeWire [2010-01-02 22:12:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Computador\Application Data\QuickScan [2009-12-27 11:39:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Computador\Application Data\SmartDraw ========== Purity Check ========== < End of report > e OTL Extras logfile created on: 06-01-2010 22:08:57 - Run 1 OTL by OldTimer - Version 3.1.21.2 Folder = C:\Documents and Settings\Computador\Desktop Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 6.0.2900.2180) Locale: 00000816 | Country: Portugal | Language: PTG | Date Format: dd-MM-yyyy 239,00 Mb Total Physical Memory | 99,00 Mb Available Physical Memory | 41,00% Memory free 586,00 Mb Paging File | 198,00 Mb Available in Paging File | 34,00% Paging File free Paging file location(s): C:\pagefile.sys 360 720 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 29,29 Gb Total Space | 23,87 Gb Free Space | 81,50% Space Free | Partition Type: NTFS Drive D: | 47,39 Gb Total Space | 46,71 Gb Free 
Space | 98,57% Space Free | Partition Type: NTFS E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: BF277C0D78A84A6 Current User Name: Computador Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation) [HKEY_USERS\S-1-5-21-1757981266-854245398-842925246-1003\SOFTWARE\Classes\<extension>] .html [@ = ChromeHTML] -- Reg Error: Key error. File not found ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusOverride" = 0 "FirewallOverride" = 0 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DoNotAllowExceptions" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 "10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect "10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect "10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect "10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect "10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect "10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin "{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer "{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer "{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 16 "{68D5CEF9-0DA8-47FE-B0EB-4CBFB5AAF662}" = ArcSoft PhotoImpression 4 "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{7CCEBC24-62DB-4280-A8EC-BFA49F167920}" = Software Update for Web Folders "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{9E17C94B-913A-48A4-B1A8-8CE25157C170}" = Media Player Product Tool 5.22 "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{AC76BA86-7AD7-1046-7B44-A81300000003}" = Adobe Reader 8.1.3 - Português "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Shockwave Player" = Adobe Shockwave Player 11.5 "avast!" = avast! 
Antivirus "Dual Mode Camera_is1" = Uninstall Dual Mode Camera "Google Chrome" = Google Chrome "HijackThis" = HijackThis 2.0.2 "hp deskjet 845c series" = hp deskjet 845c series (Remover somente) "Installing HSP56 MicroModem Drivers" = HSP56 MicroModem Drivers "LimeWire" = LimeWire 5.4.6 "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver "Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 "WinRAR archiver" = Compressor WinRAR "winusb0100" = Microsoft WinUsb 1.0 "Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7 ========== Last 10 Event Log Errors ========== [ Antivirus Events ] Error - 02-01-2010 9:15:00 | Computer Name = BF277C0D78A84A6 | Source = avast! | ID = 33554522 Description = Error in aswChestS: chest s_RestoreFile Error 32. Error - 02-01-2010 9:15:00 | Computer Name = BF277C0D78A84A6 | Source = avast! | ID = 33554522 Description = Error in aswChestC: chestRestoreFile Error 32. Error - 02-01-2010 9:15:00 | Computer Name = BF277C0D78A84A6 | Source = avast! | ID = 33554522 Description = Error in aswChestC: chestGetFile Error 32. Error - 02-01-2010 9:15:00 | Computer Name = BF277C0D78A84A6 | Source = avast! | ID = 33554522 Description = aswChestInterface - Program error description: CChestListView::ExtractSelectedFiles() chestGetFile() failed: 32. Error - 02-01-2010 9:15:58 | Computer Name = BF277C0D78A84A6 | Source = avast! | ID = 33554522 Description = Error in aswChestS: chest s_RestoreFile Error 32. Error - 02-01-2010 9:15:58 | Computer Name = BF277C0D78A84A6 | Source = avast! | ID = 33554522 Description = Error in aswChestC: chestRestoreFile Error 32. Error - 02-01-2010 9:15:58 | Computer Name = BF277C0D78A84A6 | Source = avast! | ID = 33554522 Description = Error in aswChestC: chestGetFile Error 32. Error - 02-01-2010 9:15:58 | Computer Name = BF277C0D78A84A6 | Source = avast! 
| ID = 33554522 Description = aswChestInterface - Program error description: CChestListView::ExtractSelectedFiles() chestGetFile() failed: 32. [ Application Events ] Error - 05-01-2010 8:32:48 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1001 Description = Fault bucket 126637809. Error - 05-01-2010 8:32:52 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1001 Description = Fault bucket 126637809. Error - 05-01-2010 22:29:50 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1002 Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 05-01-2010 22:29:50 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1002 Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 05-01-2010 22:29:50 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1002 Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 05-01-2010 23:55:06 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1001 Description = Fault bucket 126637809. Error - 05-01-2010 23:55:07 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1001 Description = Fault bucket 126637809. Error - 05-01-2010 23:55:07 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1001 Description = Fault bucket 126637809. Error - 05-01-2010 23:55:25 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1002 Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 05-01-2010 23:55:31 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1001 Description = Fault bucket 126637809. 
[ System Events ] Error - 26-12-2009 11:43:02 | Computer Name = BF277C0D78A84A6 | Source = Service Control Manager | ID = 7034 Description = The avast! Web Scanner service terminated unexpectedly. It has done this 1 time(s). Error - 29-12-2009 19:18:44 | Computer Name = BF277C0D78A84A6 | Source = Dhcp | ID = 1000 Description = Your computer has lost the lease to its IP address 192.168.0.11 on the Network Card with network address 00D009E523E3. Error - 31-12-2009 16:22:52 | Computer Name = BF277C0D78A84A6 | Source = DCOM | ID = 10010 Description = The server {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} did not register with DCOM within the required timeout. Error - 03-01-2010 10:08:50 | Computer Name = BF277C0D78A84A6 | Source = DCOM | ID = 10010 Description = The server {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} did not register with DCOM within the required timeout. Error - 04-01-2010 11:04:25 | Computer Name = BF277C0D78A84A6 | Source = Service Control Manager | ID = 7009 Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service to connect. Error - 04-01-2010 11:04:25 | Computer Name = BF277C0D78A84A6 | Source = Service Control Manager | ID = 7000 Description = The avast! Web Scanner service failed to start due to the following error: %%1053 Error - 04-01-2010 11:05:43 | Computer Name = BF277C0D78A84A6 | Source = Service Control Manager | ID = 7034 Description = The avast! Web Scanner service terminated unexpectedly. It has done this 1 time(s). Error - 04-01-2010 18:26:32 | Computer Name = BF277C0D78A84A6 | Source = DCOM | ID = 10010 Description = The server {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} did not register with DCOM within the required timeout. Error - 06-01-2010 3:40:08 | Computer Name = BF277C0D78A84A6 | Source = W32Time | ID = 39452706 Description = The time service has detected that the system time needs to be changed by +175684 seconds. The time service will not change the system time by more than +54000 seconds. 
Verify that your time and time zone are correct, and that the time source time.windows.com (ntp.m|0x1|192.168.0.11:123->207.46.232.182:123) is working properly. Error - 06-01-2010 17:35:38 | Computer Name = BF277C0D78A84A6 | Source = DCOM | ID = 10010 Description = The server {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} did not register with DCOM within the required timeout. < End of report >

All the best

Good morning. Could you give me your opinion on the last 2 reports? Is there any malware on the system?

Regards,
Puma 78
Mário Monteiro 179 Posted February 10, 2010

Topic Archived

As the author has not replied for more than 30 days, the topic has been archived. If you are the author of the topic and want to reopen it, send a private message to a moderator of this area together with the link to this topic and explain the reason for reopening.