
Archived

This topic has been archived and is closed to new replies.

Puma 78

[Archived] Requesting analysis of a HijackThis log


Happy 2010,

I would appreciate an analysis of my HijackThis log.

After running an antivirus scan, 3 infected files were found: kernel32.dll, winsock.dll and wsock32.dll.

HijackThis log:

 

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:27:16, on 01-01-2010

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\WINDOWS\Mixer.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\pctspk.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (file missing)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [CountrySelection] pctptt.exe

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

O23 - Service: Serviço Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: W2K PCtel speaker phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe

 

--

End of file - 4419 bytes


Good morning, Puma78!

<!> If the files are still in the Avast quarantine, I recommend restoring them.

°°°°°°°°°°°°°°°°°°°°°°°°

<@> Download: < Norman Malware Cleaner >

<@> Save it to the desktop.

<@> Open the file and click Run --> Accept.

<@> Click Add to add, or Remove to remove, the drives/sectors to be scanned. ( C:\*.*,D:\*.*,E:\*.*,etc... )

<@> Click "Start scan" --> Wait!

<@> When it finishes, post the report, which will be on the desktop. ( NFix_2010-xx-xx_yy-yy-yy.log ) <--

°°°°°°°°°°°°°°°°°°°°°°°°

<@> Run a scan at: < BitDefender_QuickScan >

<@> On the page, click "Permitir" (Allow) so that the Firefox add-on gets installed. <-- If you use that browser!

<@> After installing the add-on, click "Iniciar Análise" (Start Scan).

<@> Check: "I ACCEPT" --> OK

<@> If any alert appears, click "Interromper script" (Stop script) so that the scan starts.

<@> When it is done, click "Ver registro" (View log).

<@> Post the report: Report 2010-xx-yy _*_.txt

Best regards!


Good morning, Digram

Thank you for your attention; here are the reports:

 

Norman Malware Cleaner

Version 1.6.2

Copyright © 1990 - 2009, Norman ASA. Built 2009/12/31 08:29:54

 

Norman Scanner Engine Version: 6.04.03

Nvcbin.def Version: 6.04.00, Date: 2009/12/31 08:29:54, Variants: 4653509

 

Scan started: 02/01/2010 20:22:25

 

Running pre-scan cleanup routine:

Operating System: Microsoft Windows XP Professional 5.1.2600 Service Pack 2

Logged on user: BF277C0D78A84A6\Computador

 

 

Scanning bootsectors...

 

Number of sectors found: 0

Number of sectors scanned: 0

Number of sectors not scanned: 0

Number of infections found: 0

Number of infections removed: 0

Total scanning time: 0s 221ms

 

 

Scanning running processes and process memory...

 

Number of processes/threads found: 2620

Number of processes/threads scanned: 2620

Number of processes/threads not scanned: 0

Number of infected processes/threads terminated: 0

Total scanning time: 8m 58s

 

 

Scanning file system...

 

Scanning: prescan

 

Scanning: C:\*.*

 

Scanning: D:\*.*

 

Scanning: postscan

 

 

Running post-scan cleanup routine:

 

Number of files found: 45240

Number of archives unpacked: 266

Number of files scanned: 45238

Number of files not scanned: 2

Number of files skipped due to exclude list: 0

Number of infected files found: 0

Number of infected files repaired/deleted: 0

Number of infections removed: 0

Total scanning time: 1h 2m 7s

 

and

 

BitDefender QuickScan Beta 32-bit v0.9.8.9

------------------------------------------

 

Data da análise: Sat Jan 02 22:09:40 2010

ID da máquina: 64879C04

 

 

 

Não foram encontradas infecções.

----------------------------------

 

 

Processos

---------

<não assinado> Mixer 1424 C:\WINDOWS\Mixer.exe

<não assinado> PCTSPK.EXE 1232 C:\WINDOWS\system32\pctspk.exe

 

<verificado> avast! Antivirus 1472 C:\Program Files\Alwil Software\Avast4\ashDisp.exe

<verificado> avast! Antivirus 332 C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

<verificado> avast! Antivirus 1296 C:\Program Files\Alwil Software\Avast4\ashServ.exe

<verificado> avast! Antivirus 532 C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

<verificado> avast! Antivirus 1244 C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

<verificado> GoogleToolbarNotifier 1488 C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

<verificado> Microsoft® Visual Studio .NET 1140 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

<verificado> Microsoft® Windows® Operating System 4048 C:\Program Files\Internet Explorer\IEXPLORE.EXE

<verificado> Microsoft® Windows® Operating System 1304 C:\WINDOWS\Explorer.EXE

<verificado> Microsoft® Windows® Operating System 2224 C:\WINDOWS\System32\alg.exe

<verificado> Microsoft® Windows® Operating System 488 C:\WINDOWS\system32\csrss.exe

<verificado> Microsoft® Windows® Operating System 1480 C:\WINDOWS\system32\ctfmon.exe

<verificado> Microsoft® Windows® Operating System 568 C:\WINDOWS\system32\lsass.exe

<verificado> Microsoft® Windows® Operating System 556 C:\WINDOWS\system32\services.exe

<verificado> Microsoft® Windows® Operating System 432 C:\WINDOWS\System32\smss.exe

<verificado> Microsoft® Windows® Operating System 1832 C:\WINDOWS\system32\spoolsv.exe

<verificado> Microsoft® Windows® Operating System 616 C:\WINDOWS\system32\svchost.exe

<verificado> Microsoft® Windows® Operating System 724 C:\WINDOWS\system32\svchost.exe

<verificado> Microsoft® Windows® Operating System 772 C:\WINDOWS\system32\svchost.exe

<verificado> Microsoft® Windows® Operating System 840 C:\WINDOWS\System32\svchost.exe

<verificado> Microsoft® Windows® Operating System 904 C:\WINDOWS\system32\svchost.exe

<verificado> Microsoft® Windows® Operating System 992 C:\WINDOWS\system32\svchost.exe

<verificado> Microsoft® Windows® Operating System 512 C:\WINDOWS\system32\winlogon.exe

<verificado> Microsoft® Windows® Operating System 2576 C:\WINDOWS\system32\wuauclt.exe

 

 

Atividade da Rede

 

Thank you


Good afternoon, Puma 78!

<@> Download: < otlDesktopIcon.png > ( ...by OldTimer Tools )

<@> Save it to the desktop!

OTLI-scan.png

<@> As shown in the image, change the "Output" option to "Minimal Output".

<@> Double-click OTL.exe --> Check the "Scan All Users" option.

<@> Check the boxes:

<!> [] LOP check and [] Purity check

<@> Click: < runscanbutton.png > --> Wait!

<@> Post:

<1> OTL.txt <--

<2> Extra.txt <--

Best regards!


Good morning,

Thank you for your attention.

Here it is:

 

OTL logfile created on: 06-01-2010 22:08:57 - Run 1

OTL by OldTimer - Version 3.1.21.2 Folder = C:\Documents and Settings\Computador\Desktop

Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000816 | Country: Portugal | Language: PTG | Date Format: dd-MM-yyyy

 

239,00 Mb Total Physical Memory | 99,00 Mb Available Physical Memory | 41,00% Memory free

586,00 Mb Paging File | 198,00 Mb Available in Paging File | 34,00% Paging File free

Paging file location(s): C:\pagefile.sys 360 720 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 29,29 Gb Total Space | 23,87 Gb Free Space | 81,50% Space Free | Partition Type: NTFS

Drive D: | 47,39 Gb Total Space | 46,71 Gb Free Space | 98,57% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: BF277C0D78A84A6

Current User Name: Computador

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 

========== Processes (SafeList) ==========

 

PRC - C:\Documents and Settings\Computador\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

PRC - C:\Program Files\Java\jre6\bin\jucheck.exe (Sun Microsystems, Inc.)

PRC - C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)

PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

PRC - C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)

PRC - C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)

PRC - C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)

PRC - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)

PRC - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)

PRC - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)

PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)

PRC - C:\WINDOWS\mixer.exe (C-Media Electronic Inc.)

PRC - C:\WINDOWS\system32\pctspk.exe (PCtel, Inc.)

 

 

========== Modules (SafeList) ==========

 

MOD - C:\Documents and Settings\Computador\Desktop\OTL.exe (OldTimer Tools)

MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2649_x-ww_aac16c8b\comctl32.dll (Microsoft Corporation)

 

 

========== Win32 Services (SafeList) ==========

 

SRV - (JavaQuickStarterService) -- C:\Program Files\Java\jre6\bin\jqs.exe (Sun Microsystems, Inc.)

SRV - (gusvc) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (Google)

SRV - (gupdate) Serviço Google Update (gupdate) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.)

SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe (ALWIL Software)

SRV - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (ALWIL Software)

SRV - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (ALWIL Software)

SRV - (aswUpdSv) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (ALWIL Software)

SRV - (WMConnectCDS) -- C:\Program Files\Windows Media Connect 2\wmccds.exe (Microsoft Corporation)

SRV - (ose) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)

SRV - (Pctspk) -- C:\WINDOWS\system32\pctspk.exe (PCtel, Inc.)

 

 

========== Driver Services (SafeList) ==========

 

DRV - (aswMon2) -- C:\WINDOWS\system32\drivers\aswmon2.sys (ALWIL Software)

DRV - (aswSP) -- C:\WINDOWS\system32\drivers\aswSP.sys (ALWIL Software)

DRV - (aswFsBlk) -- C:\WINDOWS\system32\drivers\aswFsBlk.sys (ALWIL Software)

DRV - (aswTdi) -- C:\WINDOWS\system32\drivers\aswTdi.sys (ALWIL Software)

DRV - (aswRdr) -- C:\WINDOWS\system32\drivers\aswRdr.sys (ALWIL Software)

DRV - (Aavmker4) -- C:\WINDOWS\system32\drivers\aavmker4.sys (ALWIL Software)

DRV - (JL2005C) -- C:\WINDOWS\system32\drivers\jl2005c.sys (Windows ® 2000 DDK provider)

DRV - (SISNICXP) -- C:\WINDOWS\system32\drivers\sisnicxp.sys (SiS Corporation)

DRV - (Secdrv) -- C:\WINDOWS\system32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)

DRV - (SISNIC) -- C:\WINDOWS\system32\drivers\sisnic.sys (SiS Corporation)

DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation)

DRV - (gameenum) -- C:\WINDOWS\system32\drivers\gameenum.sys (Microsoft Corporation)

DRV - (Ptilink) -- C:\WINDOWS\system32\drivers\ptilink.sys (Parallel Technologies, Inc.)

DRV - (AliIde) -- C:\WINDOWS\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)

DRV - (NtApm) -- C:\WINDOWS\system32\drivers\NtApm.sys (Microsoft Corporation)

DRV - (ms_mpu401) -- C:\WINDOWS\system32\drivers\msmpu401.sys (Microsoft Corporation)

DRV - (MODEMCSA) -- C:\WINDOWS\system32\drivers\MODEMCSA.sys (Microsoft Corporation)

DRV - (s3m) -- C:\WINDOWS\system32\drivers\s3m.sys (S3 Incorporated)

DRV - (cmpci) C-Media PCI Audio Driver (WDM) -- C:\WINDOWS\system32\drivers\cmaudio.sys (C-Media Inc)

DRV - (Vpctcom) -- C:\WINDOWS\system32\DRIVERS\vpctcom.sys (PCtel, Inc.)

DRV - (Vmodem) -- C:\WINDOWS\system32\DRIVERS\vmodem.sys (PCTEL, INC.)

DRV - (ptserial) -- C:\WINDOWS\system32\drivers\ptserial.sys (PCTEL, INC.)

DRV - (Vvoice) -- C:\WINDOWS\system32\DRIVERS\vvoice.sys (PCtel, Inc.)

 

 

========== Standard Registry (SafeList) ==========

 

 

========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

 

 

IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found

IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found

IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-1757981266-854245398-842925246-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

IE - HKU\S-1-5-21-1757981266-854245398-842925246-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pt/

IE - HKU\S-1-5-21-1757981266-854245398-842925246-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKU\S-1-5-21-1757981266-854245398-842925246-1003\S-1-5-21-1757981266-854245398-842925246-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

[2009-12-26 02:41:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Computador\Application Data\Mozilla\Extensions

[2009-12-26 02:41:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Computador\Application Data\Mozilla\Extensions\mozswing@mozswing.org

 

O1 HOSTS File: (734 bytes) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 localhost

O2 - BHO: (Facilitador de Leitor de Link Adobe PDF) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)

O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll (Google Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)

O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O3 - HKU\S-1-5-21-1757981266-854245398-842925246-1003\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)

O4 - HKLM..\Run: [C-Media Mixer] C:\WINDOWS\mixer.exe (C-Media Electronic Inc.)

O4 - HKLM..\Run: [CountrySelection] C:\WINDOWS\System32\pctptt.exe (PCtel, Inc.)

O4 - HKLM..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb03.exe (HP)

O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)

O4 - HKU\S-1-5-21-1757981266-854245398-842925246-1003..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)

O4 - Startup: C:\Documents and Settings\Computador\Start Menu\Programs\Startup\LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe (Lime Wire, LLC)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Main present

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Main present

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Main present

O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-19_Classes\Software\Policies\Microsoft\Internet Explorer\Main present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Main present

O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-20_Classes\Software\Policies\Microsoft\Internet Explorer\Main present

O7 - HKU\S-1-5-21-1757981266-854245398-842925246-1003\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-1757981266-854245398-842925246-1003\Software\Policies\Microsoft\Internet Explorer\Main present

O7 - HKU\S-1-5-21-1757981266-854245398-842925246-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\S-1-5-21-1757981266-854245398-842925246-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\S-1-5-21-1757981266-854245398-842925246-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O7 - HKU\S-1-5-21-1757981266-854245398-842925246-1003_Classes\Software\Policies\Microsoft\Internet Explorer\Main present

O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.)

O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)

O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} http://quickscan.bitdefender.com/qsax/qsax.cab (qsax Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)

O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab (Java Plug-in 1.6.0_16)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.113.164.24 212.113.164.51

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009-10-13 17:14:17 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O35 - comfile [open] -- "%1" %*

O35 - exefile [open] -- "%1" %*

 

========== Files/Folders - Created Within 30 Days ==========

 

[2010-01-06 22:06:27 | 00,513,536 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Computador\Desktop\OTL.exe

[2010-01-02 22:58:18 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\My Documents\LimeWire

[2010-01-02 22:56:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Application Data\LimeWire

[2010-01-02 22:52:49 | 00,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2010-01-02 22:52:49 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2010-01-02 22:52:49 | 00,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2010-01-02 22:52:49 | 00,073,728 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl

[2010-01-02 22:52:03 | 00,000,000 | ---D | C] -- C:\Program Files\Java

[2010-01-02 22:51:19 | 00,000,000 | ---D | C] -- C:\Program Files\LimeWire

[2010-01-02 22:50:49 | 18,848,592 | ---- | C] (Lime Wire LLC) -- C:\Documents and Settings\Computador\Desktop\LimeWireWin.exe

[2010-01-02 21:57:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Application Data\QuickScan

[2010-01-02 13:12:31 | 56,294,728 | ---- | C] (Norman ASA) -- C:\Documents and Settings\Computador\Desktop\Norman_Malware_Cleaner.exe

[2010-01-01 18:59:56 | 00,000,000 | -HSD | C] -- C:\RECYCLER

[2009-12-31 16:08:25 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Application Data\Google

[2009-12-31 16:06:33 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Google

[2009-12-31 16:04:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe

[2009-12-27 11:19:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\System

[2009-12-27 11:19:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Application Data\SmartDraw

[2009-12-27 10:27:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\My Documents\DOC´S JORGE

[2009-12-27 08:00:40 | 00,048,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys

[2009-12-27 08:00:40 | 00,023,120 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys

[2009-12-27 08:00:39 | 00,027,408 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys

[2009-12-27 08:00:37 | 00,097,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\AvastSS.scr

[2009-12-27 08:00:36 | 00,114,768 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswSP.sys

[2009-12-27 08:00:36 | 00,094,160 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys

[2009-12-27 08:00:36 | 00,093,424 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswmon.sys

[2009-12-27 08:00:36 | 00,020,560 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys

[2009-12-27 07:59:49 | 01,280,480 | ---- | C] (ALWIL Software) -- C:\WINDOWS\System32\aswBoot.exe

[2009-12-27 07:33:30 | 00,000,000 | ---D | C] -- C:\WINDOWS\temp

[2009-12-27 04:33:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\1323C

[2009-12-26 02:41:54 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Application Data\Mozilla

[2009-12-26 02:37:46 | 00,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll

[2009-12-26 02:36:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Application Data\Sun

[2009-12-26 01:11:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\My Documents\My Received Files

[2009-12-26 01:11:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Application Data\BearShareTb

[2009-12-26 01:10:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Local Settings\Application Data\BearShare

[2009-12-26 01:10:19 | 00,483,328 | ---- | C] (SoftShape Development) -- C:\WINDOWS\System32\actskn45.ocx

[2009-12-26 00:43:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF

[2009-12-26 00:43:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles

[2009-12-26 00:42:59 | 00,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll

[2009-12-26 00:42:48 | 00,014,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsgXP_2k3.dll

[2009-12-26 00:42:21 | 00,000,000 | ---D | C] -- C:\Program Files\Media Player Product Tool 5.22

[2009-12-26 00:42:19 | 00,023,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spupdsvc.exe

[2009-12-25 19:49:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\My Documents\Primeiras Fotos Joana Natal 2009

[2009-12-25 19:29:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\My Documents\My Albums

[2009-12-25 19:29:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Application Data\ArcSoft

[2009-12-25 19:27:50 | 00,212,480 | ---- | C] (Eastman Kodak) -- C:\WINDOWS\PCDLIB32.DLL

[2009-12-25 19:27:50 | 00,163,840 | ---- | C] (ArcSoft Inc.) -- C:\WINDOWS\System32\PhotoImpression Screen Saver.scr

[2009-12-25 19:26:19 | 00,000,000 | ---D | C] -- C:\Program Files\ArcSoft

[2009-12-25 19:25:16 | 00,005,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstee.sys

[2009-12-25 19:25:07 | 00,010,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ndisip.sys

[2009-12-25 19:25:02 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ipsink.ax

[2009-12-25 19:25:02 | 00,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ipsink.ax

[2009-12-25 19:25:01 | 00,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\streamip.sys

[2009-12-25 19:24:56 | 00,011,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\slip.sys

[2009-12-25 19:24:47 | 00,019,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wstcodec.sys

[2009-12-25 19:24:30 | 00,085,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nabtsfec.sys

[2009-12-25 19:24:20 | 00,017,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ccdecode.sys

[2009-12-25 19:23:37 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kswdmcap.ax

[2009-12-25 19:23:37 | 00,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kswdmcap.ax

[2009-12-25 19:23:37 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\ksxbar.ax

[2009-12-25 19:23:37 | 00,043,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ksxbar.ax

[2009-12-25 19:23:37 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax

[2009-12-25 19:23:37 | 00,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vidcap.ax

[2009-12-25 19:23:34 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kstvtune.ax

[2009-12-25 19:23:34 | 00,061,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kstvtune.ax

[2009-12-25 19:23:34 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dshowext.ax

[2009-12-25 19:23:34 | 00,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dshowext.ax

[2009-12-25 19:23:33 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vfwwdm32.dll

[2009-12-25 19:23:33 | 00,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vfwwdm32.dll

[2009-12-25 19:19:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Desktop\Dual Mode Camera

[2009-12-25 19:19:54 | 00,135,168 | ---- | C] (JEILIN Tech.) -- C:\WINDOWS\System32\jl_jdct.drv

[2009-12-25 19:19:52 | 00,068,762 | ---- | C] (Windows ® 2000 DDK provider) -- C:\WINDOWS\System32\drivers\jl2005c.sys

[2009-12-25 19:19:52 | 00,015,360 | ---- | C] (JEILIN Technology Corp.) -- C:\WINDOWS\System32\jl2005c.ax

[2009-12-25 19:19:51 | 00,000,000 | ---D | C] -- C:\Program Files\JL2005D

[2009-12-24 18:01:35 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\My Documents\Downloads

[2009-12-24 17:05:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google

[2009-12-24 17:00:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google

[2009-12-24 17:00:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Local Settings\Application Data\Temp

[2009-12-24 17:00:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Computador\Local Settings\Application Data\Google

[2009-12-24 17:00:31 | 00,000,000 | ---D | C] -- C:\Program Files\Google

[2009-12-24 15:19:31 | 00,000,000 | RHSD | C] -- C:\cmdcons

[2009-12-24 15:17:46 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe

[2009-12-24 15:17:46 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe

[2009-12-24 15:17:46 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe

[2009-12-24 15:17:46 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe

[2009-12-23 06:58:03 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT

[2009-12-23 06:57:03 | 00,000,000 | ---D | C] -- C:\Qoobox

[2009-11-21 15:53:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft

[2009-11-21 15:53:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft

[2009-11-21 15:51:38 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft

[2009-11-21 15:51:38 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files - Modified Within 30 Days ==========

 

[2010-01-06 22:10:14 | 00,001,018 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2010-01-06 22:06:33 | 00,513,536 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Computador\Desktop\OTL.exe

[2010-01-06 21:35:08 | 00,001,014 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2010-01-06 21:35:00 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT

[2010-01-06 21:34:03 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2010-01-06 21:34:00 | 25,118,7200 | -HS- | M] () -- C:\hiberfil.sys

[2010-01-06 09:57:54 | 02,359,296 | -H-- | M] () -- C:\Documents and Settings\Computador\NTUSER.DAT

[2010-01-06 09:57:54 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\Computador\ntuser.ini

[2010-01-06 09:57:40 | 00,000,292 | ---- | M] () -- C:\WINDOWS\cmmixer.ini

[2010-01-06 09:57:37 | 03,628,286 | -H-- | M] () -- C:\Documents and Settings\Computador\Local Settings\Application Data\IconCache.db

[2010-01-02 23:27:34 | 00,001,536 | ---- | M] () -- C:\Documents and Settings\Computador\Start Menu\Programs\Startup\LimeWire On Startup.lnk

[2010-01-02 23:25:01 | 00,001,578 | ---- | M] () -- C:\Documents and Settings\Computador\Desktop\LimeWire 5.4.6.lnk

[2010-01-02 22:52:13 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe

[2010-01-02 22:52:13 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe

[2010-01-02 22:52:13 | 00,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe

[2010-01-02 22:52:13 | 00,073,728 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javacpl.cpl

[2010-01-02 22:52:11 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deploytk.dll

[2010-01-02 22:50:51 | 18,848,592 | ---- | M] (Lime Wire LLC) -- C:\Documents and Settings\Computador\Desktop\LimeWireWin.exe

[2010-01-02 13:15:35 | 00,002,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winsock.dll

[2010-01-02 13:15:35 | 00,002,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsock.dll

[2010-01-02 13:12:55 | 56,294,728 | ---- | M] (Norman ASA) -- C:\Documents and Settings\Computador\Desktop\Norman_Malware_Cleaner.exe

[2009-12-31 16:07:37 | 00,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat

[2009-12-30 10:54:51 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2009-12-27 08:00:41 | 00,001,709 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk

[2009-12-27 08:00:36 | 00,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT

[2009-12-27 07:44:50 | 41,099,840 | ---- | M] () -- C:\Documents and Settings\Computador\Desktop\setupptg.exe

[2009-12-27 07:30:35 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini

[2009-12-26 00:43:02 | 00,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_07_00.Wdf

[2009-12-25 19:27:47 | 00,001,708 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\PhotoImpression 4.lnk

[2009-12-24 18:01:53 | 00,063,592 | ---- | M] () -- C:\Documents and Settings\Computador\Local Settings\Application Data\GDIPFONTCACHEV1.DAT

[2009-12-24 17:01:28 | 00,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk

[2009-12-24 15:19:37 | 00,000,281 | RHS- | M] () -- C:\boot.ini

[2009-12-23 06:48:18 | 03,864,228 | R--- | M] () -- C:\Documents and Settings\Computador\Desktop\ComboFix.exe

[2009-12-09 22:54:07 | 00,261,632 | ---- | M] () -- C:\WINDOWS\PEV.exe

[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

 

========== Files Created - No Company Name ==========

 

[2010-01-02 23:27:34 | 00,001,536 | ---- | C] () -- C:\Documents and Settings\Computador\Start Menu\Programs\Startup\LimeWire On Startup.lnk

[2010-01-02 23:25:01 | 00,001,578 | ---- | C] () -- C:\Documents and Settings\Computador\Desktop\LimeWire 5.4.6.lnk

[2009-12-31 16:07:37 | 00,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2009-12-27 08:00:41 | 00,001,709 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Antivirus.lnk

[2009-12-27 07:59:49 | 00,380,928 | ---- | C] () -- C:\WINDOWS\System32\actskin4.ocx

[2009-12-27 07:44:45 | 41,099,840 | ---- | C] () -- C:\Documents and Settings\Computador\Desktop\setupptg.exe

[2009-12-26 01:11:43 | 00,076,407 | ---- | C] () -- C:\Documents and Settings\Computador\Application Data\Smiley.ico

[2009-12-26 00:43:02 | 00,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\MsftWdf_user_01_07_00.Wdf

[2009-12-25 19:27:47 | 00,001,708 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\PhotoImpression 4.lnk

[2009-12-24 17:01:28 | 00,001,813 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk

[2009-12-24 17:00:38 | 00,001,018 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2009-12-24 17:00:38 | 00,001,014 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2009-12-24 15:19:36 | 00,000,211 | ---- | C] () -- C:\Boot.bak

[2009-12-24 15:19:34 | 00,261,920 | ---- | C] () -- C:\cmldr

[2009-12-24 15:17:46 | 00,261,632 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2009-12-24 15:17:46 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2009-12-24 15:17:46 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2009-12-24 15:17:46 | 00,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2009-12-24 15:17:46 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2009-12-23 06:48:18 | 03,864,228 | R--- | C] () -- C:\Documents and Settings\Computador\Desktop\ComboFix.exe

[2009-11-27 20:56:38 | 00,005,120 | ---- | C] () -- C:\Documents and Settings\Computador\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2009-10-13 22:31:48 | 00,000,292 | ---- | C] () -- C:\WINDOWS\cmmixer.ini

[2009-10-13 17:03:42 | 00,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2009-10-13 16:39:25 | 00,000,676 | R--- | C] () -- C:\WINDOWS\System32\ptcounty.ini

[2009-10-13 16:33:27 | 00,004,320 | R--- | C] () -- C:\WINDOWS\mixerdef.ini

[2004-08-03 23:56:44 | 00,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll

[2003-01-07 19:05:08 | 00,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

 

========== LOP Check ==========

 

[2009-12-27 04:33:19 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\1323C

[2009-12-26 01:38:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Computador\Application Data\BearShareTb

[2010-01-06 21:40:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Computador\Application Data\LimeWire

[2010-01-02 22:12:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Computador\Application Data\QuickScan

[2009-12-27 11:39:33 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Computador\Application Data\SmartDraw

 

========== Purity Check ==========

 

 

< End of report >

and

 

OTL Extras logfile created on: 06-01-2010 22:08:57 - Run 1

OTL by OldTimer - Version 3.1.21.2 Folder = C:\Documents and Settings\Computador\Desktop

Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation

Internet Explorer (Version = 6.0.2900.2180)

Locale: 00000816 | Country: Portugal | Language: PTG | Date Format: dd-MM-yyyy

 

239,00 Mb Total Physical Memory | 99,00 Mb Available Physical Memory | 41,00% Memory free

586,00 Mb Paging File | 198,00 Mb Available in Paging File | 34,00% Paging File free

Paging file location(s): C:\pagefile.sys 360 720 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files

Drive C: | 29,29 Gb Total Space | 23,87 Gb Free Space | 81,50% Space Free | Partition Type: NTFS

Drive D: | 47,39 Gb Total Space | 46,71 Gb Free Space | 98,57% Space Free | Partition Type: NTFS

E: Drive not present or media not loaded

F: Drive not present or media not loaded

G: Drive not present or media not loaded

H: Drive not present or media not loaded

I: Drive not present or media not loaded

 

Computer Name: BF277C0D78A84A6

Current User Name: Computador

Logged in as Administrator.

 

Current Boot Mode: Normal

Scan Mode: All users

Company Name Whitelist: Off

Skip Microsoft Files: Off

File Age = 30 Days

Output = Minimal

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-1757981266-854245398-842925246-1003\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

htmlfile [edit] -- "C:\Program Files\Microsoft Office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)

 

========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirstRunDisabled" = 1

"AntiVirusOverride" = 0

"FirewallOverride" = 0

"AntiVirusDisableNotify" = 0

"FirewallDisableNotify" = 0

"UpdatesDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect

"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect

"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect

"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect

"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect

"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DoNotAllowExceptions" = 1

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007

"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008

"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Connect

"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Connect

"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Connect

"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Connect

"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Connect

"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Connect

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC)

 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}" = Adobe Flash Player 10 Plugin

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 16

"{68D5CEF9-0DA8-47FE-B0EB-4CBFB5AAF662}" = ArcSoft PhotoImpression 4

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{7CCEBC24-62DB-4280-A8EC-BFA49F167920}" = Software Update for Web Folders

"{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003

"{9E17C94B-913A-48A4-B1A8-8CE25157C170}" = Media Player Product Tool 5.22

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-1046-7B44-A81300000003}" = Adobe Reader 8.1.3 - Português

"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX

"Adobe Shockwave Player" = Adobe Shockwave Player 11.5

"avast!" = avast! Antivirus

"Dual Mode Camera_is1" = Uninstall Dual Mode Camera

"Google Chrome" = Google Chrome

"HijackThis" = HijackThis 2.0.2

"hp deskjet 845c series" = hp deskjet 845c series (Remover somente)

"Installing HSP56 MicroModem Drivers" = HSP56 MicroModem Drivers

"LimeWire" = LimeWire 5.4.6

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware

"SiSLan" = SiS 900 PCI Fast Ethernet Adapter Driver

"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

"WinRAR archiver" = Compressor WinRAR

"winusb0100" = Microsoft WinUsb 1.0

"Wudf01007" = Microsoft User-Mode Driver Framework Feature Pack 1.7

 

========== Last 10 Event Log Errors ==========

 

[ Antivirus Events ]

Error - 02-01-2010 9:15:00 | Computer Name = BF277C0D78A84A6 | Source = avast! | ID = 33554522

Description = Error in aswChestS: chest s_RestoreFile Error 32.

 

Error - 02-01-2010 9:15:00 | Computer Name = BF277C0D78A84A6 | Source = avast! | ID = 33554522

Description = Error in aswChestC: chestRestoreFile Error 32.

 

Error - 02-01-2010 9:15:00 | Computer Name = BF277C0D78A84A6 | Source = avast! | ID = 33554522

Description = Error in aswChestC: chestGetFile Error 32.

 

Error - 02-01-2010 9:15:00 | Computer Name = BF277C0D78A84A6 | Source = avast! | ID = 33554522

Description = aswChestInterface - Program error description: CChestListView::ExtractSelectedFiles()

chestGetFile() failed: 32.

 

Error - 02-01-2010 9:15:58 | Computer Name = BF277C0D78A84A6 | Source = avast! | ID = 33554522

Description = Error in aswChestS: chest s_RestoreFile Error 32.

 

Error - 02-01-2010 9:15:58 | Computer Name = BF277C0D78A84A6 | Source = avast! | ID = 33554522

Description = Error in aswChestC: chestRestoreFile Error 32.

 

Error - 02-01-2010 9:15:58 | Computer Name = BF277C0D78A84A6 | Source = avast! | ID = 33554522

Description = Error in aswChestC: chestGetFile Error 32.

 

Error - 02-01-2010 9:15:58 | Computer Name = BF277C0D78A84A6 | Source = avast! | ID = 33554522

Description = aswChestInterface - Program error description: CChestListView::ExtractSelectedFiles()

chestGetFile() failed: 32.

 

[ Application Events ]

Error - 05-01-2010 8:32:48 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1001

Description = Fault bucket 126637809.

 

Error - 05-01-2010 8:32:52 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1001

Description = Fault bucket 126637809.

 

Error - 05-01-2010 22:29:50 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1002

Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

 

Error - 05-01-2010 22:29:50 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1002

Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

 

Error - 05-01-2010 22:29:50 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1002

Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

 

Error - 05-01-2010 23:55:06 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1001

Description = Fault bucket 126637809.

 

Error - 05-01-2010 23:55:07 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1001

Description = Fault bucket 126637809.

 

Error - 05-01-2010 23:55:07 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1001

Description = Fault bucket 126637809.

 

Error - 05-01-2010 23:55:25 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1002

Description = Hanging application IEXPLORE.EXE, version 6.0.2900.2180, hang module

hungapp, version 0.0.0.0, hang address 0x00000000.

 

Error - 05-01-2010 23:55:31 | Computer Name = BF277C0D78A84A6 | Source = Application Hang | ID = 1001

Description = Fault bucket 126637809.

 

[ System Events ]

Error - 26-12-2009 11:43:02 | Computer Name = BF277C0D78A84A6 | Source = Service Control Manager | ID = 7034

Description = The avast! Web Scanner service terminated unexpectedly. It has done

this 1 time(s).

 

Error - 29-12-2009 19:18:44 | Computer Name = BF277C0D78A84A6 | Source = Dhcp | ID = 1000

Description = Your computer has lost the lease to its IP address 192.168.0.11 on

the Network Card with network address 00D009E523E3.

 

Error - 31-12-2009 16:22:52 | Computer Name = BF277C0D78A84A6 | Source = DCOM | ID = 10010

Description = The server {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} did not register

with DCOM within the required timeout.

 

Error - 03-01-2010 10:08:50 | Computer Name = BF277C0D78A84A6 | Source = DCOM | ID = 10010

Description = The server {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} did not register

with DCOM within the required timeout.

 

Error - 04-01-2010 11:04:25 | Computer Name = BF277C0D78A84A6 | Source = Service Control Manager | ID = 7009

Description = Timeout (30000 milliseconds) waiting for the avast! Web Scanner service

to connect.

 

Error - 04-01-2010 11:04:25 | Computer Name = BF277C0D78A84A6 | Source = Service Control Manager | ID = 7000

Description = The avast! Web Scanner service failed to start due to the following

error: %%1053

 

Error - 04-01-2010 11:05:43 | Computer Name = BF277C0D78A84A6 | Source = Service Control Manager | ID = 7034

Description = The avast! Web Scanner service terminated unexpectedly. It has done

this 1 time(s).

 

Error - 04-01-2010 18:26:32 | Computer Name = BF277C0D78A84A6 | Source = DCOM | ID = 10010

Description = The server {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} did not register

with DCOM within the required timeout.

 

Error - 06-01-2010 3:40:08 | Computer Name = BF277C0D78A84A6 | Source = W32Time | ID = 39452706

Description = The time service has detected that the system time needs to be changed

by +175684 seconds. The time service will not change the system time by more than

+54000 seconds. Verify that your time and time zone are correct, and that the time

source time.windows.com (ntp.m|0x1|192.168.0.11:123->207.46.232.182:123) is working

properly.

 

Error - 06-01-2010 17:35:38 | Computer Name = BF277C0D78A84A6 | Source = DCOM | ID = 10010

Description = The server {FBA44040-BD27-4A09-ACC8-C08B7C723DCD} did not register

with DCOM within the required timeout.

 

 

< End of report >

 

All the best

 

Good morning.

 

Could you give me your opinion on the last 2 reports? Is there any malware on the system?

 

Regards,

 

Puma 78


Archived Topic

 

As the author did not reply for more than 30 days, the topic was archived.

 

If you are the author of the topic and want to reopen it, send a private message to a moderator of this section along with the link to this topic and explain the reason for reopening.
